We have a problem where a TACACS user can log in to the N9K with a TACACS ID only one time; after that, all login attempts fail.
The log shows:
2016 Jan 29 01:51:39 HOSTNAME%AUTHPRIV-6-SYSTEM_MSG: START: ssh pid=13840 from=::ffff:10.25.158.105 - dcos-xinetd
2016 Jan 29 01:51:39 HOSTNAME%AUTH-6-SYSTEM_MSG: Could not load host key: /isan/etc/ssh_host_dsa_key - sshd
2016 Jan 29 01:51:57 HOSTNAME%DAEMON-3-SYSTEM_MSG: Unable to create temporary user 1473165. Error 0x404a000a usermod: group '1473165' does not exist (100663296) - sshd
2016 Jan 29 01:51:57 HOSTNAME%AUTHPRIV-3-SYSTEM_MSG: pam_aaa:Authentication failed for user 1473165 from 10.25.158.105 - sshd
2016 Jan 29 01:51:57 HOSTNAME%AUTHPRIV-5-SYSTEM_MSG: Login failed for user 1473165 - sshd
2016 Jan 29 01:51:57 HOSTNAME%DAEMON-6-SYSTEM_MSG: Failed password for 1473165 from 10.25.158.105 port 54733 ssh2 - sshd
All users could only log in one time; we confirmed the passwords are correct.
But when we ran "show user-account", we found the accounts were cached, which we suppose is causing this problem.
account created through REMOTE authentication
Credentials such as ssh server key will be cached temporarily only for this user account
Local login not possible
Does anyone know how to remove those cached user accounts? And how to configure auto-removal of cached users once they log off?