[SOLVED] Unable to remote ssh login (permission denied)
# The error message when I tried to log in from a remote terminal
[root@lnx-test04 ~]# ssh lnx-test07 -l robert
Permission denied, please try again.
# Error message from server lnx-test07 (/var/log/secure) where robert account was created
Jun 13 15:19:22 lnx-test07 sshd: pam_exec(sshd:auth): /usr/local/sbin/pam_check_home_dir.sh failed: exit code 1
Jun 13 15:19:24 lnx-test7 sshd: Failed password for robert from 172.xxx.xxx.xxx port 53626 ssh2
# Successfully logged in to the robert account via (su – l spccaps) from the server where the robert account was created
[root@lnx-test04 ~]# su - robert
Are you using pubkey authentication or password authentication? If it's pubkey, you may have a directory/file permission problem. For OpenSSH with pubkey authentication, the $HOME directory, the .ssh subdirectory, and the authorized_keys file cannot be writable by anyone but the owner, else remotely logging in will fail. Having the 'robert' $HOME as a subdirectory under the 'john' $HOME might cause permissions issues. Can't say I've ever tried that particular setup to know from experience.
I also see mention of "ssh2" in one of your log messages, and I believe that "2" is normally associated with Tectia SSH. Are you using Tectia or OpenSSH?
Looks like Z038 has your answer. He posted at the same time I was typing. I didn't look at your PAM script closely, but Z038 did, and pointed out the problem with the script. I'm not sure why the script would want to enforce a strict convention for $HOME directories anyway. True, most people put users under /home, but I've seen plenty of cases where that isn't true, and it's weird that PAM would try to enforce that convention.
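The pubkey permission rule mentioned in the reply above, as an added example that is not part of the thread: a shell function that checks the home directory, .ssh and authorized_keys for group or world write access and for ownership. The name check_ssh_perms is hypothetical and GNU stat is assumed; accepting root as an owner follows OpenSSH's StrictModes check.

```shell
#!/bin/sh
# Added example (not from the thread). Audits the three paths named in the
# reply for pubkey logins: $HOME, $HOME/.ssh and $HOME/.ssh/authorized_keys.
# Assumes GNU stat (Linux). check_ssh_perms is a hypothetical helper name.
#
# usage: check_ssh_perms <home-dir> [expected-owner]
# returns 0 when all three paths pass, 1 otherwise.
check_ssh_perms() {
    home=$1
    # Default the expected owner to whoever owns the home directory.
    owner=${2:-$(stat -L -c '%U' "$home" 2>/dev/null)}
    rc=0
    for p in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        if [ ! -e "$p" ]; then
            echo "MISSING  $p"
            rc=1
            continue
        fi
        mode=$(stat -L -c '%a' "$p")   # octal permission bits, e.g. 700
        who=$(stat -L -c '%U' "$p")    # owning user name
        # 022 (octal) = group-write | other-write
        if [ $(( 0$mode & 022 )) -ne 0 ]; then
            echo "WRITABLE $p (mode $mode): group or others can write"
            rc=1
        elif [ "$who" != "$owner" ] && [ "$who" != root ]; then
            echo "OWNER    $p is owned by $who, expected $owner"
            rc=1
        else
            echo "OK       $p (mode $mode, owner $who)"
        fi
    done
    return $rc
}

# Run directly, e.g.: sh check_ssh_perms.sh /path/to/home robert
if [ $# -gt 0 ]; then
    check_ssh_perms "$@"
fi
```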
Thanks Z038, haertig and chrism01 for your feedback.
FYI, I am migrating an application from HP-UX to Linux and was suddenly hit by this issue.
It totally worked in HP-UX (it was run for years) but not in Linux. By the way, is there still a way to carry over a similar account setup in Linux?