1. N

    [SOLVED] Successful login with empty password (Realm: Linux PAM standard authentication)

    Under certain conditions, it is possible to log in to the web interface without knowing the user password. To create users on hosts, we use ansible playbook. There was an error in the playbook and one user had an incorrect password hash installed in /etc/shadow To log in via SSH, we use SSH...
  2. A

    Post PVE 7 to 8 issue: pam_env(sshd:session): deprecated reading of user environment enabled

    I've been seeing this in my logwatch reports since upgrading from PVE 7 to 8. Looks like a known issue at Debian. Several bug reports there - bugs 1018106, 1018260 and 1030119. I wasn't seeing these errors prior to the upgrade. Here's a link to one of them...
  3. J

    How to manage PAM Users on Proxmox Cluster

    Hello everyone, I have a question about whats the best was to manage User, specifically PAM users on a Proxmox Cluster. Say I have a Proxmox Cluster and a Loadbalancer for the WebUI. When I would try to login into the WebUI via PAM I don't know which node I am currently connected. I know that...
  4. E

    Restrict root Login to WebUI in Proxmox VE 8

    In the Proxmox VE 8 release notes, there is a change listed under the Access Control section: I assume this is meant to be used for restricting users able to login to the WebUI using Linux PAM. I haven't gotten around to testing this, but can anyone confirm it can be used in this capacity...
  5. A

    [SOLVED] Login failed. Please try again. Linix PAM auth

    Hello. I can’t log in to the WebUI of our proxmox via Linux PAM, but I connect via ssh with the same access. Only 1 server. Without a cluster. Only one user - root. I tried all the methods from similar topics on this forum - nothing helped - reboot server - Added a new user (admin@pve) - changed...
  6. E

    How to create a PAM user on Proxmox?

    Hi to everyone, I have some difficulties creating a PAM user on Proxmox. In GUI when I try to create PAM user in "Datastore" -> "Permissions" -> "Users" by the command "Add", I enter all the data (except the password because there is no field), but when I try to set the password I get the...
  7. R

    Active Directory AD Realm starts with number

    Good Day People, I have read through a few forum answers about the domain starting with a number is not allowed. This presents a problem since our company name starts with a number as well as the AD domain. This is not something that can be changed. Is there any work around for this? Some say...
  8. S

    Login in Node / Frage zu Passwörtern im Cluster

    Hallo, folgendes Szenario: Server Nr.1 ist schon länger vorhanden und hat PAM-Accounts für die User, die dann in Proxmox eingebunden worden. Jetzt wurde ein zweiter Server Nr.2 hinzugefügt. Nr.3 ist fertig wartet aber mit dem Joinen des Clusters noch. Ich habe die Accounts ja (Nr.1 ist etwa...
  9. M

    [SOLVED] Cannot delete PAM-User

    Hello, I've added accidentally an PAM-user over the GUI, realized after I created the user, that I've should have selected the PVE Realm. Here is my Problem: I cannot delete the (freshly) created PAM-user. When using the Remove-Button in the GUI: delete user failed: user '***@pam' not found...
  10. H

    TFA / 2FA not available for PVE Realm ?

    Hi Guys, I'm quite new to proxmox, i have some virtual machines and everything is fine so far, now i wanted to implement 2FA in order to make it a little safer and because i was curious. Unfortunately, i can't activate 2FA / TFA for a pve user, it's available for pam though. I'd appreciate...
  11. M

    Add pam user to pve admin group?

    I have been trying to find this info but all examples point to adding a pve user, and when I try to add the pam user to the pve group it says, not to anyones surprise, that the user doesn't exists. And if I add the user in the GUI as a PAM user that user does not appear when listing users in the...
  12. I

    Manage Groups with PAM/Unix

    Since we already manage our linux users and groups with an existing tool (puppet/ansible) the PAM login is very handy for us. While this allows new users to log in automatically, they have no permissions. Unfortunately I can't find a way to use the memberships from the Unix groups in Proxmox...
  13. A

    [SOLVED] Promox PAM Authentication not working against SSSD

    I'm trying to get Promox PAM Authentication working against FreeIPA. I've joined the Promox nodes to FreeIPA and I'm able to ssh into each of the nodes using both my password and ssh keys from FreeIPA. What seems to be going on is the order of operations in the PAM modules. Here are two...
  14. M

    Radius Authentication - SSH, SUDO, etc. working / Proxmox not

    Hello, Getting started with proxmox. Love it already! I´d like to see RADIUS Auth working on the Proxmox GUI :) SSH, SUDO, SU, etc all work with radius password. Any idea why Proxmox GUI is not? The user xxxxx has a radius password and a local PAM password. The local PAM password is working...
  15. R

    Creating a restricted shell user?

    Hello, I'm trying to implement some secure automation by creating a PAM user that can only run qm commands. Currently, the user can only run commands in their home directory, but softlinking qm into that directory gives the following error. ipcc_send_rec[1] failed: No such file or directory...
  16. L

    Restricting User Login to Certain IPs

    I am currently trying to solve the problem of allowing or denying certain users from logging into the Proxmox console from a specific IP. I want to allow certain user users to login to Proxmox from a particular IP but not allow the root user to login from that IP. This is due to my remote access...
  17. Z

    Hide Linux Pam login?

    Hi, I'm trying to commercial sell, using the default and powerful web panel. But How could I disable or hide the Linux pam login, left only Proxmox VE authentication? Apparently pam login is unsafe.
  18. A

    Linux PAM + Google Authenticator not working

    I have enabled OATH for Linux PAM authentication without adding a secret to my admin user. After I found out i locked myself out of the web UI, I added a secret (generated by oathkeygen) to my admin user in the following file: /etc/pve/user.cfg I have checked the date and time on both server...


The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!