Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I created a new user on my AWS EC2 RHEL 7 instance that I just use for learning purposes. I also created a new SSH key for use on this server. Everything looked to be configured for the user in terms of having created the ~/.ssh/authorized_keys file on the server with the public key. I set the permissions correctly, but I was still having trouble logging in as I kept getting a permission denied message (Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
I checked /etc/ssh/sshd_config to see what the setup looked like and I didn't see any explicit declarations for AllowGroups or AllowUser. But on a whim, I just tried adding the newly created user to the 'adm' group which the default 'ec2-user' was a part of and everything worked as expected.
So my question is, if not in the /etc/ssh/sshd_config file, where is the configuration specified to allow members of the 'adm' group to login via ssh?
While I can't answer the question, I would use verbose options (ssh -vvv) to better understand what's going on, and check /var/log/secure, where successful and failed login attempts are logged. The sshd log might also help (journalctl -u sshd).
I created a new user on my AWS EC2 RHEL 7 instance that I just use for learning purposes. I also created a new SSH key for use on this server. Everything looked to be configured for the user in terms of having created the ~/.ssh/authorized_keys file on the server with the public key. I set the permissions correctly, but I was still having trouble logging in as I kept getting a permission denied message (Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
I checked /etc/ssh/sshd_config to see what the setup looked like and I didn't see any explicit declarations for AllowGroups or AllowUser. But on a whim, I just tried adding the newly created user to the 'adm' group which the default 'ec2-user' was a part of and everything worked as expected.
So my question is, if not in the /etc/ssh/sshd_config file, where is the configuration specified to allow members of the 'adm' group to login via ssh?
And, what is getting logged in /var/log/secure or /var/log/messages when you try to login as this new user?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
