SOLVED - Debian 7.1 and mysql auth with libpam-mysql

Scripts which allow the use of special authentication methods (LDAP, AD, MySQL/PostgreSQL, etc).

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
nellox
OpenVpn Newbie
Posts: 3
Joined: Tue Oct 01, 2013 1:38 pm

SOLVED - Debian 7.1 and mysql auth with libpam-mysql

Post by nellox » Tue Oct 01, 2013 1:49 pm

Hello,
we had problem with authenticating one openvpn user on a Debian 7.1.0 server with mysqld.

In mysql db, in one db we have a table containing user and password.

We installed the following debian package:

libpam-mysql

Our openvpnserver.conf had the string:
plugin /usr/lib/openvpn/openvpn-auth-pam.so openvpn

In the /etc/pam.d/openvpn we had:
auth sufficient pam_mysql.so user=alfa passwd=xxxxxx host=localhost db=dbopenvpn table=vpn_ad usercolumn=username passwdcolumn=password [where=(expire>=CURRENT_DATE OR expire = 0000-00-00) and active=1] sqllog=0 crypt=0
account required pam_mysql.so user=alfa passwd=xxxxxx host=localhost db=dbopenvpn table=vpn_ad usercolumn=username passwd column=password [where=(expire>=CURRENT_DATE OR expire = 0000-00-00) and active=1] sqllog=0 crypt=0

We found (via mysql debug" that the "account required" string is not able to check the password beacuse it does no more understand the word"passwd".
We solved writing "password" and not "passwd".

spykey
OpenVpn Newbie
Posts: 5
Joined: Thu Jan 18, 2018 2:34 pm

Re: SOLVED - Debian 7.1 and mysql auth with libpam-mysql

Post by spykey » Thu Jan 18, 2018 2:35 pm

Hi Nellox,
I still cannot get it to work, would you be able to share the content of your file /etc/pam.d/openvpn please?

Thanks

Post Reply