IBM Support

SQL30082 RC=24 or RC=15 returned when connecting to database on Server when pwd_algorithm is Crypt, MD5, SHA1, SHA256, SHA512, Blowfish

Troubleshooting


Problem

A local or remote connection to a database returns
 
SQL30082N Security processing failed with reason "24" ("USERNAME AND/OR PASSWORD INVALID"). SQLSTATE=08001

  
Errors in the Db2 diagnostic log might be similar to the following:
  
2011-10-19-14.05.06.682321-300 I2777674A527 LEVEL: Severe
PID : 9633910 TID : 258 PROC : db2ckpwd 0
INSTANCE: db2inst1 NODE : 000
EDUID : 258 EDUNAME: db2sysc 0
FUNCTION: DB2 UDB, oper system services, sqloGetUserAttribByName, probe:50
MESSAGE : Unsupported password encryption algorithm in use! Configure the
Operating System to use a supported algorithm.
DATA #1 : Hexdump, 4 bytes
0x07000000003F7F00 : 870F 00CD ....

Cause

DB2 Version 9.1 and Version 9.5 up to Fix Pack 3 supports the following password encryption algorithms:
  • crypt
  • md5
  • sha1
Db2 9.5 FP4 and beyond, including later major releases, do not have a restriction on password encryption algorithms for local users. Any algorithm supported by the operating system may be used.
 

Diagnosing The Problem

On AIX the password encryption algorithm is specified in the /etc/security/login.cfg file using the pwd_algorithm parameter:
  
usw:
shells = /bin/sh,/bin/bsh,/bin/csh,/bin/ksh,/bin/tsh,/bin/ksh93,/usr/bin
/sh,/usr/bin/bsh,/usr/bin/csh,/usr/bin/ksh,/usr/bin/tsh,/usr/bin/ksh93,/usr/sbin
/sliplogin,/usr/sbin/uucp/uucico,/usr/sbin/snappd,/bin/false
maxlogins = 32767
logintimeout = 60
pwd_algorithm = sha256
auth_type = STD_AUTH


The passwd.txt file might also show something like this:
root:
password = {sha256}06$SBysqAi4UQQ1nxC3$L55aKwmscvwxnKskkVrMk0HddbJyNkoE
v6HNXoLO.kH

Resolving The Problem

Use a supported password encryption algorithm or update to Db2 9.5 Fix Pack 4 or later.

[{"Type":"MASTER","Line of Business":{"code":"LOB10","label":"Data and AI"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSEPGG","label":"Db2 for Linux, UNIX and Windows"},"ARM Category":[{"code":"a8m500000008PmmAAE","label":"Security and Plug-Ins-\u003EAuthentication"}],"ARM Case Number":"","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"}],"Version":"All Versions"}]

Document Information

Modified date:
19 September 2024

UID

swg21470246

Page Feedback