LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   *BSD (https://www.linuxquestions.org/questions/%2Absd-17/)
-   -   ssh is not allowing me to login (https://www.linuxquestions.org/questions/%2Absd-17/ssh-is-not-allowing-me-to-login-753853/)

manya 09-09-2009 08:03 AM

ssh is not allowing me to login
 
Hi Guys,

I am new to FreeBSD and just completed my first installation. I am trying to access this system via SSH but system is not allowing me to log in while it is prompting for the password. Don't know what went wrong or I missed anything.

Please advise...

Lee_Ball 09-09-2009 10:47 AM

So it prompts for username and password ok then?

Does it say login incorrect when you try and login? Also, who are you trying to login as?

anomie 09-09-2009 11:59 AM

Quote:

Originally Posted by manya
I am new to FreeBSD and just completed my first installation. I am trying to access this system via SSH but system is not allowing me to log in while it is prompting for the password. Don't know what went wrong or I missed anything.

I'm going to guess that you're trying to log in over ssh as root. Is that right? If so, it's disabled by default. (ssh in as a regular user and then su to root instead.)

If that doesn't help, then tail /var/log/auth.log on the FreeBSD host while trying to ssh in. Post the messages you see here.

manya 09-09-2009 10:15 PM

That's right anomie, I tried login as root but even I did the same thing with normal user and tried su - and system says BAD SU - over .

Right now I do not have FreeBSD machine in front of me. Will paste the auth.log o/p later

Lee_Ball 09-10-2009 04:02 AM

Try su root rather then just su.

Sounds like you're now logging into the box correctly using SSH though, your issue now is elevating your privileges.

Fin7PL 09-10-2009 06:41 AM

Is your user part of the wheel group?

Code:

pw group show wheel
If not

Code:

pw usermod "yourname" -G wheel
Ofc you have to do that as root and then ssh your user in and try su

manya 09-14-2009 09:24 AM

I could login with normal user then su to become root via ssh using pw method, but there is no way by which we can allow root to access directly via ssh.

Lee_Ball 09-15-2009 03:30 AM

Quote:

Originally Posted by manya (Post 3682294)
I could login with normal user then su to become root via ssh using pw method, but there is no way by which we can allow root to access directly via ssh.

You can, but its not recommended as people will already be trying to login by root, and once they have compromised your password they will have root access.

But, as with all things, its your choice.

The most likely reason you can't login as root is the PermitRootLogin section in /etc/ssh/sshd_config is set to no.

Change that line to this:

PermitRootLogin Yes

then save the file and restart the ssh service, or the whole machine if you want.

I never allow root login though, and its ALWAYS the thing to turn off, view various guides online suggesting don't do it.

Fin7PL 09-15-2009 03:35 AM

I thought that root login was denied as default in FBSD. I´m pretty sure about it.

Fin7PL 09-15-2009 03:38 AM

Quote:

Originally Posted by manya (Post 3682294)
I could login with normal user then su to become root via ssh using pw method, but there is no way by which we can allow root to access directly via ssh.

It should be Disabled by default, unless you have enabled it.

As Lee_ball informs, there´s way to Disable it again though.

manya 09-16-2009 10:06 PM

disabled, you mean for ssh service only or in pam. Because I could directly login on console that means root is not disabled only thing is I am not able to login via ssh.
And, even I tried doing su - but it says BAD Su for user xxxx

Fin7PL 09-17-2009 01:21 AM

Yes i mean over ssh. What is your problem now exactly?

Using su ? or...


EDIT: Once again, in order to allow user "xxxx" use SU command succesfully, he has to be part of the wheel group.

EDIT2: Also the /var/log/auth.log would be nice.

Lee_Ball 09-17-2009 08:25 AM

Quote:

Originally Posted by manya (Post 3686289)
disabled, you mean for ssh service only or in pam. Because I could directly login on console that means root is not disabled only thing is I am not able to login via ssh.
And, even I tried doing su - but it says BAD Su for user xxxx

Hello Manya,

When you login at the console, you're not using SSH to login with so there is still a good chance its locked down.

I still think its a bad idea and using su to elevate privileges once logged in with a normal user account is always the way to go.

See here for examples of people suggesting lock it down:

http://blog.dbugs.org/2007/08/29/ssh-security/

http://www.wikihow.com/Secure-a-Linux-Server - See point 4



With regards to root logging in via ssh see this article:

http://www.ssh.com/.../Configuring_Root_Logins.html

Lee_Ball 09-22-2009 07:17 AM

Please see this recent news article regarding why being able to login as root is a baaaaadddd idea:

http://www.builderau.com.au/program/...9298642,00.htm


All times are GMT -5. The time now is 08:23 AM.