Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
I have an SSH login problem with our newly installed RedHat Advanced Server 2.1 running on Dell PowerEdge 1750. I CAN SSH into it if I log in as root, however, if I try to log in as normal user, error message 'connection closed' will appear.
Anybody has encountered simliar problem? I don't think it's ssh problem, as I turn on sshd verbose level to DEBUG, sshd is not complaining anything. Instead, I believe it should have something to do with my PAM configuration, but I am new to PAM and cannot find anything wrong with those config files.
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/pam_env.so
auth sufficient /lib/security/pam_unix.so likeauth nullok
auth required /lib/security/pam_deny.so
Haven't seen that prob. Checking these items next to what you've already shown would be the first things I'd do:
- SSH related: the /etc/ssh/ssh_ and sshd_ configs for DenyUsers or DenyGroups directives,
- PAM related: /etc/security/limits.conf for "login" directives for the user: if you limit those, make sure ssh-enabled users are allowed logins+1,
- TCP Wrappers: /etc/hosts.(deny|allow) for any IP, group or user based blocks.
Less common would be specific netfilter (iptables) rules using extensions like string or UID match, or IP blocks. While you're at it also check the users' ~/.ssh dir for right sig and config as well, even tho I can't imagine the problem to be in ~/.ssh.
If you ssh in as that user, specifying "-v -v -v" on the cmdline should give you all excessive and gory details of the connection and handshake buildup. Scrubbing IP addy's and posting the details *could* help.