Help
FortiPAM
FortiPAM allows you to protect, isolate and secure privileged account credentials, manage and control privileged user access, and monitor and record privileged account activity.
RobertD
Staff
Staff

Created on ‎04-28-2023 12:19 AM

Article Id 254328

Troubleshooting Tip: Password changing failed

Description This article introduces some typical password changer failures with SSH Server, and how to debug it.
Scope FortiPAM, Target SSH Server.
Solution

1) Typical failure reasons:

 

- The corresponding password-changing procedure is different with SSH Server.
When this scenario happens, PAM GUI shows the error 'Not matching as step [x]'.

- Failed to connect with SSH Server.
When this scenario happens, PAM GUI shows the error 'Connection Failure'.

- Username and password/key are incorrect with SSH Server.
When this scenario happens, PAM GUI shows the error 'LIBSSH2_ERROR_Authentication_Failed'.

- The New Password generated by PAM does not meet SSH Server requirements.
When this scenario happens, PAM can show different errors: 'Not matching as step [x]' or 'LIBSSH2_ERROR_Authentication_Failed'.

 

2) How to debug Password Changer Failure:

 

- Using debug command to debug password changing :

 

# diag debug en

# diag wad debug enable category pwdchg

# diag wad debug enable level verbose

 

After the debug finishes, run the command 'diag wad debug clear'.
1601
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.