I followed the documentation section "Automated Guest Logins" (https://www.virtualbox.org/manual/ch09.html#autologon) and I succesfully configured PAM with pam_vbox module, set CredsWait to 1 (host command), and set credentials for a "titi" user (even if I don't know if I have to do so).
Both host and guest are Linux.
My issue is that when I try to login on my guest with "titi" user, it failed. Even by SSH or console.
I try to figure out what could prevent login through vbox pam module, but no success...
if you can help me, or explain how it works, it would be greatly appreciated
Regards,
PluX62
P.S: some infos that may help in troubleshoot...
if some infos are missing, don't hesitate.
I) On my guest (ubuntu server)
$ sudo tail -f /var/log/auth.log # debug set to pam_vbox module
Code: Select all
...
Aug 13 08:16:16 dns-01 pam_vbox[758]: pam_vbox_authenticate called
Aug 13 08:16:16 dns-01 pam_vbox[758]: pam_vbox: 5.2.44r139111, running on amd64
Aug 13 08:16:16 dns-01 pam_vbox[758]: pam_vbox_init: runtime initialized
Aug 13 08:16:16 dns-01 pam_vbox[758]: pam_vbox_init: guest lib initialized
Aug 13 08:16:16 dns-01 pam_vbox[758]: pam_vbox_init: rhost=192.168.1.36, tty=ssh, prompt=<none>
Aug 13 08:16:16 dns-01 pam_vbox[758]: pam_vbox_read_prop: read key "/VirtualBox/GuestAdd/PAM/CredsWait"="1"
Aug 13 08:16:16 dns-01 pam_vbox[758]: pam_vbox_read_prop: read key "/VirtualBox/GuestAdd/PAM/CredsWait" with rc=VINF_SUCCESS
Aug 13 08:16:16 dns-01 pam_vbox[758]: pam_vbox_read_prop: read key "/VirtualBox/GuestAdd/PAM/CredsWaitTimeout" with rc=VERR_NOT_FOUND
Aug 13 08:16:16 dns-01 pam_vbox[758]: pam_vbox_read_prop: read key "/VirtualBox/GuestAdd/PAM/CredsMsgWaiting" with rc=VERR_NOT_FOUND
Aug 13 08:16:16 dns-01 pam_vbox[758]: Showing message "Waiting for credentials ..." (type 4)
Aug 13 08:16:16 dns-01 pam_vbox[758]: Response to message "Waiting for credentials ..." was ""
Aug 13 08:16:16 dns-01 pam_vbox[758]: pam_vbox_check_creds: could not query for credentials! rc=VERR_PERMISSION_DENIED. Aborting
Aug 13 08:16:16 dns-01 pam_vbox[758]: pam_vbox_authenticate: overall result rc=VERR_PERMISSION_DENIED
Aug 13 08:16:16 dns-01 sshd[758]: pam_unix(sshd:auth): check pass; user unknown
Aug 13 08:16:16 dns-01 sshd[758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.36
Aug 13 08:16:18 dns-01 sshd[758]: Failed password for invalid user titi from 192.168.1.36 port 64541 ssh2
...
Code: Select all
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 18.04.5 LTS
Release: 18.04
Codename: bionic
Code: Select all
Oracle VM VirtualBox Guest Additions Command Line Management Interface Version 5.2.44
(C) 2008-2020 Oracle Corporation
All rights reserved.
5.2.44r139111
Code: Select all
#
# /etc/pam.d/common-auth - authentication settings common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of the authentication modules that define
# the central authentication scheme for use on the system
# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the
# traditional Unix authentication mechanisms.
#
# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
# To take advantage of this, it is recommended that you configure any
# local modules either before or after the default block, and use
# pam-auth-update to manage selection of other modules. See
# pam-auth-update(8) for details.
# vbox host auth
auth requisite pam_vbox.so debug
# here are the per-package modules (the "Primary" block)
auth [success=1 default=ignore] pam_unix.so nullok_secure try_first_pass
# here's the fallback if no module succeeds
auth requisite pam_deny.so
# prime the stack with a positive return value if there isn't one already;
# this avoids us returning an error just because nothing sets a success code
# since the modules above will each just jump around
auth required pam_permit.so
# and here are more per-package modules (the "Additional" block)
auth optional pam_cap.so
# end of pam-auth-update config
Code: Select all
-rw-r--r-- 1 root root 818408 Jul 9 2020 /lib/x86_64-linux-gnu/security/pam_vbox.so
Code: Select all
crw-rw---- 1 vboxadd root 10, 56 Aug 13 07:57 vboxguest
crw-rw-rw- 1 vboxadd root 10, 55 Aug 13 07:57 vboxuser
Code: Select all
root 343 2 0 07:57 ? 00:00:00 [iprt-VBoxWQueue]
root 610 1 0 07:57 ? 00:00:01 /usr/sbin/VBoxService --pidfile /var/run/vboxadd-service.sh
ladmin 875 819 0 09:59 pts/1 00:00:00 grep --color=auto -i vbox
$ sudo -u vbox_admin vboxmanage guestproperty enumerate 6dae84c0-1af8-4d3c-a1ef-f8bbc4356642
Code: Select all
Name: /VirtualBox/GuestInfo/OS/Product, value: Linux, timestamp: 1628834277819271000, flags:
Name: /VirtualBox/GuestInfo/Net/0/V4/IP, value: 192.168.1.47, timestamp: 1628834277823824000, flags:
Name: /VirtualBox/GuestInfo/Net/0/MAC, value: 080027DB7E82, timestamp: 1628834277826741000, flags:
Name: /VirtualBox/GuestInfo/OS/ServicePack, value: , timestamp: 1628834277819595000, flags:
Name: /VirtualBox/HostInfo/VBoxVerExt, value: 5.2.44, timestamp: 1628834256755826000, flags: TRANSIENT, RDONLYGUEST
Name: /VirtualBox/GuestInfo/Net/0/V4/Netmask, value: 255.255.255.0, timestamp: 1628834277824237000, flags:
Name: /VirtualBox/GuestInfo/OS/Version, value: #160-Ubuntu SMP Thu Jul 29 06:54:29 UTC 2021, timestamp: 1628834277819491000, flags:
Name: /VirtualBox/GuestAdd/VersionExt, value: 5.2.44, timestamp: 1628834277819866000, flags:
Name: /VirtualBox/GuestAdd/Revision, value: 139111, timestamp: 1628834277820238000, flags:
Name: /VirtualBox/HostGuest/SysprepExec, value: , timestamp: 1628834256754591000, flags: TRANSIENT, RDONLYGUEST
Name: /VirtualBox/GuestInfo/OS/LoggedInUsers, value: 1, timestamp: 1628834582759988000, flags: TRANSIENT, TRANSRESET
Name: /VirtualBox/GuestInfo/Net/0/Status, value: Up, timestamp: 1628834277827113000, flags:
Name: /VirtualBox/GuestAdd/PAM/CredsWait, value: 1, timestamp: 1628801274172594000, flags: RDONLYGUEST
Name: /VirtualBox/GuestInfo/Net/0/Name, value: enp0s3, timestamp: 1628834277827447000, flags:
Name: /VirtualBox/HostGuest/SysprepArgs, value: , timestamp: 1628834256754684000, flags: TRANSIENT, RDONLYGUEST
Name: /VirtualBox/GuestAdd/Version, value: 5.2.44, timestamp: 1628834277819747000, flags:
Name: /VirtualBox/HostInfo/VBoxRev, value: 139111, timestamp: 1628834256755908000, flags: TRANSIENT, RDONLYGUEST
Name: /VirtualBox/GuestInfo/Net/0/V4/Broadcast, value: 192.168.1.255, timestamp: 1628834277824034000, flags:
Name: /VirtualBox/HostInfo/VBoxVer, value: 5.2.44, timestamp: 1628834256755741000, flags: TRANSIENT, RDONLYGUEST
Name: /VirtualBox/GuestInfo/OS/LoggedInUsersList, value: ladmin, timestamp: 1628834582759723000, flags: TRANSIENT, TRANSRESET
Name: /VirtualBox/GuestInfo/Net/Count, value: 1, timestamp: 1628842544415344000, flags:
Name: /VirtualBox/GuestInfo/OS/Release, value: 4.15.0-153-generic, timestamp: 1628834277819418000, flags:
Name: /VirtualBox/GuestInfo/OS/NoLoggedInUsers, value: false, timestamp: 1628834582760186000, flags: TRANSIENT, TRANSRESET
Code: Select all
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 20.04.2 LTS
Release: 20.04
Codename: focal
Code: Select all
Oracle VM VirtualBox Headless Interface 5.2.44
(C) 2008-2020 Oracle Corporation
All rights reserved.
5.2.44r139111
Code: Select all
root 1008 2 0 07:57 ? 00:00:00 [iprt-VBoxWQueue]
root 1009 2 0 07:57 ? 00:00:00 [iprt-VBoxTscThr]
vbox_ad+ 1165 1 0 07:57 ? 00:00:00 /usr/lib/virtualbox/vboxwebsrv --background -H 192.168.1.250 -F /var/log/vboxweb-service.log
vbox_ad+ 1174 1 0 07:57 ? 00:00:02 /usr/lib/virtualbox/VBoxXPCOMIPCD
vbox_ad+ 1193 1 0 07:57 ? 00:00:05 /usr/lib/virtualbox/VBoxSVC --auto-shutdown
vbox_ad+ 1323 1193 1 07:57 ? 00:01:44 /usr/lib/virtualbox/VBoxHeadless --comment myvm-01 --startvm 6dae84c0-1af8-4d3c-a1ef-f8bbc4356642 --vrde config
ladmin 2935 2872 0 10:01 pts/2 00:00:00 grep --color=auto -i vbox