Attempting Device Authentication but prompted to "Create a local password" #655
Unanswered
jbrucato-eci
asked this question in
Q&A
Replies: 1 comment
-
That's the expected behavior... Currently you need a local password to be set. Technically I suppose it could be disabled adding an option to the broker for specific setups, but then you wouldn't be able to login in case of missing connection. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Running into an issue here (Ubuntu 24.04 fully patched). Auth seems to function when code is submitted, but I drop down into a local password loop:
_>>ssh username@[email protected]
(username@[email protected]) == Broker selection ==
1 - local
2 - Microsoft Entra ID
Select broker: 2
Insert 'r' to cancel the request and go back
(username@[email protected]) Enter your local password:
(username@[email protected]) == Authentication mode selection (use 'r' to go back) ==
1 - Local Password Authentication
2 - Device Authentication
Select authentication mode: 2
Scan the QR code or access "https://microsoft.com/devicelogin" and use the provided login code
https://microsoft.com/devicelogin
AQCEFPFAE
(username@[email protected]) == Qr Code authentication (use 'r' to go back) ==
1 - Wait for the QR code scan result
2 - Request new login code
Select action: 1
Insert 'r' to cancel the request and go back
(username@[email protected]) Create a local password:_
Periodically seeing the following in Authd logs:
Nov 12 18:02:06 MYSERVER systemd[1]: Stopping authd.service - Authd daemon service...
Nov 12 18:02:06 MYSERVER systemd[1]: authd.service: Deactivated successfully.
Nov 12 18:02:06 MYSERVER systemd[1]: Stopped authd.service - Authd daemon service.
Nov 12 18:02:06 MYSERVER systemd[1]: Starting authd.service - Authd daemon service...
Nov 12 18:02:06 MYSERVER systemd[1]: Started authd.service - Authd daemon service.
Nov 12 18:05:11 MYSERVER authd[3654]: 2024/11/12 18:05:11 WARN rpc error: code = NotFound desc =
Nov 12 18:10:11 MYSERVER authd[3654]: 2024/11/12 18:10:11 WARN rpc error: code = NotFound desc =
lines 48-79/79 (END)
Auth logs during attempt:
2024-11-12T18:16:26.427587+00:00 MYSERVER sshd[3891]: pam_aad(sshd:account): AadAuthorize, Version: 1.0.028680001; CorrelationId: XXXXXXX
2024-11-12T18:16:26.427804+00:00 MYSERVER sshd[3891]: pam_aad(sshd:account): This is an Azure machine
2024-11-12T18:16:26.578334+00:00 MYSERVER sshd[3891]: pam_aad(sshd:account): Login denied for user [email protected].
2024-11-12T18:16:26.578795+00:00 MYSERVER sshd[3888]: error: PAM: User account has expired for [email protected] from x.x.x.x
2024-11-12T18:16:26.640504+00:00 MYSERVER sshd[3888]: fatal: monitor_read: unpermitted request 104
Beta Was this translation helpful? Give feedback.
All reactions