LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 11-14-2018, 09:47 AM   #1
tejama
Member
 
Registered: Aug 2007
Posts: 37

Rep: Reputation: 15
SSH Access


I created a new user on my AWS EC2 RHEL 7 instance that I just use for learning purposes. I also created a new SSH key for use on this server. Everything looked to be configured for the user in terms of having created the ~/.ssh/authorized_keys file on the server with the public key. I set the permissions correctly, but I was still having trouble logging in as I kept getting a permission denied message (Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

I checked /etc/ssh/sshd_config to see what the setup looked like and I didn't see any explicit declarations for AllowGroups or AllowUser. But on a whim, I just tried adding the newly created user to the 'adm' group which the default 'ec2-user' was a part of and everything worked as expected.

So my question is, if not in the /etc/ssh/sshd_config file, where is the configuration specified to allow members of the 'adm' group to login via ssh?
 
Old 11-15-2018, 03:02 AM   #2
berndbausch
Senior Member
 
Registered: Nov 2013
Location: Tokyo
Distribution: A few
Posts: 4,789

Rep: Reputation: 1425Reputation: 1425Reputation: 1425Reputation: 1425Reputation: 1425Reputation: 1425Reputation: 1425Reputation: 1425Reputation: 1425Reputation: 1425
While I can't answer the question, I would use verbose options (ssh -vvv) to better understand what's going on, and check /var/log/secure, where successful and failed login attempts are logged. The sshd log might also help (journalctl -u sshd).
 
Old 11-15-2018, 11:38 AM   #3
dc.901
Member
 
Registered: Aug 2018
Location: Atlanta, GA - USA
Distribution: CentOS/RHEL, openSuSE/SLES, Ubuntu
Posts: 775

Rep: Reputation: 241Reputation: 241Reputation: 241
Quote:
Originally Posted by tejama View Post
I created a new user on my AWS EC2 RHEL 7 instance that I just use for learning purposes. I also created a new SSH key for use on this server. Everything looked to be configured for the user in terms of having created the ~/.ssh/authorized_keys file on the server with the public key. I set the permissions correctly, but I was still having trouble logging in as I kept getting a permission denied message (Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

I checked /etc/ssh/sshd_config to see what the setup looked like and I didn't see any explicit declarations for AllowGroups or AllowUser. But on a whim, I just tried adding the newly created user to the 'adm' group which the default 'ec2-user' was a part of and everything worked as expected.

So my question is, if not in the /etc/ssh/sshd_config file, where is the configuration specified to allow members of the 'adm' group to login via ssh?
And, what is getting logged in /var/log/secure or /var/log/messages when you try to login as this new user?
 
  


Reply

Tags
rhel, ssh, ssh access using key


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
how to log ssh activity in /var/log/ssh/ssh*.log MrUmunhum Linux - Server 3 11-02-2011 02:25 AM
SSH access problems: Can only allow users SSH access by adding to root group dhupke Slackware 10 12-21-2008 09:48 AM
ssh-agent, ssh-add and ssh-keygen AND CVS raylpc Linux - General 2 11-19-2008 02:50 AM
setting up an ssh soxy or local ssh tunnel from within an ssh soxy Mangenius Linux - Networking 0 03-05-2007 03:15 PM
Passwordless SSH with SSH commercial server and open ssh cereal83 Linux - General 7 04-18-2006 12:34 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 01:44 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration