Troubleshooting
Problem
A local or remote connection to a database using: db2 connect to sample user using returns SQL30082N Security processing failed with reason "24" ("USERNAME AND/OR PASSWORD INVALID"). SQLSTATE=08001
Errors in the Db2 diagnostic log might be similar to the following:
Errors in the Db2 diagnostic log might be similar to the following:
2011-10-19-14.05.06.682505-300 I2778202A437 LEVEL: Warning
PID : 10813678 TID : 6958 PROC : db2sysc
INSTANCE: db2inst1 NODE : 000 DB : SAMPLE
APPHDL : 0-117
EDUID : 6958 EDUNAME: db2agent (SAMPLE)
FUNCTION: DB2 UDB, bsu security, sqlexLogPluginMessage, probe:20
DATA #1 : String with size, 67 bytes
Password validation for user testuser failed with rc = -2029059891
2011-10-19-14.05.06.682321-300 I2777674A527 LEVEL: Severe
PID : 9633910 TID : 258 PROC : db2ckpwd 0
INSTANCE: db2inst1 NODE : 000
EDUID : 258 EDUNAME: db2sysc 0
FUNCTION: DB2 UDB, oper system services, sqloGetUserAttribByName, probe:50
MESSAGE : Unsupported password encryption algorithm in use! Configure the
Operating System to use a supported algorithm.
DATA #1 : Hexdump, 4 bytes
0x07000000003F7F00 : 870F 00CD ....
Symptom
No connections can be made to the database when userid and password are provided. These connections fail with SQL30082N with Reason "24" or "15" returned.
Cause
DB2 Version 9.1 and Version 9.5 up to Fixpack 3 support the following encryption algorithms.
- Crypt
- MD5
- SHA1
From DB2 Version 9.5 Fixpak 4 and versions beyond, the following algorithms are supported:
- Crypt
- MD5
- SHA1
- SHA256
- SHA512
- Blowfish
On AIX this is coded in the /etc/security/login.cfg file. To check what encryption algorithm is being used the login.cfg file will contain something like:
usw:
shells = /bin/sh,/bin/bsh,/bin/csh,/bin/ksh,/bin/tsh,/bin/ksh93,/usr/bin
/sh,/usr/bin/bsh,/usr/bin/csh,/usr/bin/ksh,/usr/bin/tsh,/usr/bin/ksh93,/usr/sbin
/sliplogin,/usr/sbin/uucp/uucico,/usr/sbin/snappd,/bin/false
maxlogins = 32767
logintimeout = 60
pwd_algorithm = sha256
auth_type = STD_AUTH
The passwd.txt file might also show something like this:
root:
password = {sha256}06$SBysqAi4UQQ1nxC3$L55aKwmscvwxnKskkVrMk0HddbJyNkoE
v6HNXoLO.kH
Resolving The Problem
Please use one of the supported encryption algorithms based on the version of DB2 that is being used.
Related Information
[{"Type":"MASTER","Line of Business":{"code":"LOB10","label":"Data and AI"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSEPGG","label":"Db2 for Linux, UNIX and Windows"},"ARM Category":[{"code":"a8m500000008PmmAAE","label":"Security and Plug-Ins->Authentication"}],"ARM Case Number":"","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"}],"Version":"8.2.0;9.1.0;9.5.0"}]
Was this topic helpful?
Document Information
Modified date:
31 January 2022
UID
swg21470246