SSH-problem : shut out
These are my settings in /etc/ssh/sshd_config
Code:
Port 2273
Code:
[jonas@jonas ~]$ ssh -2 -p 2273 -l myadmin -i .ssh/id_rsa_myadmin domain.tld
What did I do wrong?
Quote:
As a side note, authorized_keys2 has been deprecated since v3.0; authorized_keys is recommended.
Mike
If it isn't permissions, try running ssh with the -v option. That will often give you extra insights into what ssh is trying to do when it fails.
Quote:
Code:
OpenSSH_5.1p1, OpenSSL 0.9.8g 19 Oct 2007
Quote:
Make sure that id_rsa_myadmin.pub is in the authorized_keys on the server, that you're trying to log in from the right account on the client, and of course the permissions are right on both client and server.
I just noticed that you said that you couldn't log in after a reboot of the server. Does this mean that you could before? What changed?
Mike
Quote:
On my laptop I'm logged in as normal user 'jonas' and with the -l option I give the username of the user to log in:
Code:
ssh -v -2 -p 2273 -l admin-voipcenter -i .ssh/id_rsa_voipcenter myserver.domain.tld
Quote:
Code:
AllowUsers admin-voipcenter
Or so I thought... After a reboot of the server (not just the daemon) I could no longer log in through ssh... That's the whole story. Is there any way that I can gain access to the server without physically moving?
Quote:
The next trick to try is to start up the server with the -d option. This is the debugging mode which leaves it in the foreground and prints out error messages. It will only accept one connection and then quit. Let me know how it goes.
Mike
Quote:
I did not change network... I was, and still am, on my home network.
Quote:
If I open the Telnet-port on the firewall (through the ClarkConnect-GUI) would I be able to send commands through Telnet? Is there a Telnet-command to edit files (I would then edit etc/hosts.allow and explicitly put my hostname in it)?
Quote:
Hopefully we can get some debug info to help. On the server:
Code:
sudo /sbin/service sshd stop
Code:
sudo tail -f /var/log/messages
Code:
ssh -v -v -v user@server.net
So I'm physically at the server.
I have granted password-access in the /etc/ssh/sshd_config file... There's something strange:
Code:
[root@box ~]# passwd admin-voipcenter
Code:
[root@box .ssh]# cat /etc/passwd | grep admin
Code:
/usr/sbin/useradd admin-voipcenter
Would there be a reason that key-authentication fails because of an 'unknown user'?
Yep, user admin-voipcenter does not exist as you can see from /etc/passwd and also the uid instead of the name is showing as the owner on the home dir. The latter means there's no matching entry in /etc/passwd. The dirs are all owned by uid, but the system shows you the acct name if and only if it can get a matching uid from /etc/passwd.
Quote:
If you re-add the user admin-voipcenter you'll have to specify the uid and gid of 1004 so that it can read the old home directory. At the same time you should specify the home directory itself too. If this user is for remote login only you don't need a local password and can run
Code:
passwd admin-voipcenter -d
Code:
/home/admin-voipcenter/.ssh/authorized_keys
Code:
./ssh/authorized_keys
Once that's fixed, you should be fine.
Mike
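The diagnosis reached in the last two replies (no /etc/passwd entry for the login name, home directory owned by a bare uid) can be checked in one pass, together with the permissions mentioned earlier in the thread. This is an added example, not part of the thread; the function name check_ssh_account and its optional passwd-file and home-directory arguments are assumptions made here so the check can also be run against a copy of the files.

```shell
#!/bin/sh
# Added example, not from the thread.
# Usage: check_ssh_account USER [PASSWD_FILE] [HOME_DIR]
# PASSWD_FILE and HOME_DIR default to the live system (hypothetical
# parameters, so a copy or test fixture can be inspected instead).
check_ssh_account() {
    user=$1
    passwd_file=${2:-/etc/passwd}
    home=${3:-/home/$user}
    rc=0

    # 1. sshd rejects an unknown user before it ever reads authorized_keys.
    entry=$(awk -F: -v u="$user" '$1 == u' "$passwd_file")
    if [ -z "$entry" ]; then
        echo "FAIL: no entry for $user in $passwd_file"
        rc=1
    fi

    if [ ! -d "$home" ]; then
        echo "FAIL: home directory $home does not exist"
        return 1
    fi

    # 2. ls shows a bare number as owner when no passwd entry has that uid.
    owner_uid=$(ls -dn "$home" | awk '{print $3}')
    owner_name=$(awk -F: -v id="$owner_uid" '$3 == id {print $1; exit}' "$passwd_file")
    if [ -z "$owner_name" ]; then
        echo "FAIL: $home is owned by uid $owner_uid, which has no passwd entry"
        echo "      re-create the account with this uid so it owns its old files"
        rc=1
    elif [ "$owner_name" != "$user" ]; then
        echo "FAIL: $home is owned by $owner_name, not $user"
        rc=1
    fi

    # 3. With StrictModes (the sshd default) group- or world-writable
    #    paths make sshd ignore the key file.
    for p in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        if [ ! -e "$p" ]; then echo "FAIL: missing $p"; rc=1; continue; fi
        mode=$(ls -ld "$p" | awk '{print $1}')
        case $mode in
            ?????w*|????????w*) echo "FAIL: $p is group/world writable ($mode)"; rc=1 ;;
        esac
    done

    [ "$rc" -eq 0 ] && echo "OK: $user has an account, owns $home, modes are sane"
    return "$rc"
}
```

Run on the server as root, `check_ssh_account admin-voipcenter` reads the live /etc/passwd and /home/admin-voipcenter.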