No longer able to log into ssh. Password right but "permission denied"
I've been using ssh for a while and its worked perfectly however now when I try to login...
Code:
login...andrew@tux ~ $ ssh localhost |
Can you log in locally without a problem? Have you tried resetting the password as root? Can you post your sshd_config?
|
Locally, all the passwords are fine, logging in, su'ing etc.
Quote:
As for my sshd config: Code:
# $OpenBSD: sshd_config,v 1.69 2004/05/23 23:59:53 dtucker Exp $ |
Here's the result of trying to log in with ssh -v:
Code:
ssh -v localhost |
Hrrm, that looks just fine. Try looking in your logs. Usually a more verbose message gets logged.
Very often, the log will be /var/log/secure, /var/log/sshd, or similar. |
there we no logs specific for ssh however it looks like it may have to have something to do with PAM. Also notice how it still lets root in (when "permitrootlogin=yes" of coarse).
Code:
less /var/log/messages | grep ssh: |
I guess it's time to turn to your attention to /etc/pam.d/sshd. What does that file contain? :)
|
Thanks for your help so far Matir :)
/etc/pam.d/sshd Code:
#%PAM-1.0 |
Quite perplexing. Your pam.d/sshd is identical to mine (Gentoo defaults for the 2005.0 profile). I don't suppose the file /etc/nologin exists?
Also, try to grep pam in /var/log/messages. Perhaps it's giving a more verbose message through pam. Interestingly enough, pam_stack should handle local logins and ssh logins the same, so only pam_shell and pam_nologin should matter. |
Thank you soo much. For some odd reason a /etc/nologin had been created with a line about "system is going down for a shutdown, blah blah" message. I deleted it and now all looks fine so far.
Once again, thanks! :D |
LOL, glad it's working. Might want to keep an eye out for that popping up again. I can't imagine what would cause it.
|
Deleting the account from /etc/passwd can help too
I had the same problem. I was unable to SSH to host-xyz, while other folks in my same unix group were able to. I was seeing this in /var/log/messages:
sshd[4191]: error: PAM: Authentication failure for emallove ... The problem was that somehow an account for "emallove" had been created on the local system which was apparently overriding our shared LDAP passwd file. After deleting the "emallove" line from /etc/passwd I can now SSH to host-xyz. |
All times are GMT -5. The time now is 08:19 AM. |