On the remote machine, try running "login" command, or logging into a tty (in other words, on the remote machine do alt+crtl+f1 and login with the fmain user). Can you use login to login as this user? Also, try: su root su some_other_user su fmain It should prompt you for the password for fmain. Does it accept it. If so, please paste your /etc/pam.d/sshd (or /etc/pam.d/ssh) file. Quintin Beukes On Mon, Jan 18, 2010 at 12:43 AM, Yarin <yarin@xxxxxxxxxxxx> wrote: > Hello all, > > I'm trying to get SSH to work with a non-root user in a VPS Container running CentOS 5.3. But with no luck. > I can log in to root with no problem, but no matter which way I try, I can't log in to any normal users that I make. When I try to log in via SSH, it always fails, and behaves exactly as if though I was entering the wrong password. (I am entering the right one, though, I've make sure of that) > > Here I try to log into user "fmain": (with debugging view enabled) > > > # ssh 109.107.120.17 -l fmain -v > OpenSSH_5.2p1, OpenSSL 0.9.8k-fips 25 Mar 2009 > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: Applying options for * > debug1: Connecting to 109.107.120.17 [109.107.120.17] port 22. > debug1: Connection established. > debug1: identity file /home/yarin/.ssh/identity type -1 > debug1: identity file /home/yarin/.ssh/id_rsa type -1 > debug1: identity file /home/yarin/.ssh/id_dsa type -1 > debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3 > debug1: match: OpenSSH_4.3 pat OpenSSH_4* > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_5.2 > debug1: SSH2_MSG_KEXINIT sent > debug1: SSH2_MSG_KEXINIT received > debug1: kex: server->client aes128-ctr hmac-md5 none > debug1: kex: client->server aes128-ctr hmac-md5 none > debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent > debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP > debug1: SSH2_MSG_KEX_DH_GEX_INIT sent > debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY > debug1: Host '109.107.120.17' is known and matches the RSA host key. > debug1: Found key in /home/yarin/.ssh/known_hosts:1 > debug1: ssh_rsa_verify: signature correct > debug1: SSH2_MSG_NEWKEYS sent > debug1: expecting SSH2_MSG_NEWKEYS > debug1: SSH2_MSG_NEWKEYS received > debug1: SSH2_MSG_SERVICE_REQUEST sent > debug1: SSH2_MSG_SERVICE_ACCEPT received > debug1: Authentications that can continue: publickey,gssapi-with-mic,password > debug1: Next authentication method: gssapi-with-mic > debug1: Unspecified GSS failure. Minor code may provide more information > No credentials cache found > debug1: Unspecified GSS failure. Minor code may provide more information > No credentials cache found > debug1: Unspecified GSS failure. Minor code may provide more information > debug1: Next authentication method: publickey > debug1: Trying private key: /home/yarin/.ssh/identity > debug1: Trying private key: /home/yarin/.ssh/id_rsa > debug1: Trying private key: /home/yarin/.ssh/id_dsa > debug1: Next authentication method: password > fmain@xxxxxxxxxxxxxx's password: > debug1: Authentications that can continue: publickey,gssapi-with-mic,password > Permission denied, please try again. > fmain@xxxxxxxxxxxxxx's password: > debug1: Authentications that can continue: publickey,gssapi-with-mic,password > Permission denied, please try again. > fmain@xxxxxxxxxxxxxx's password: > debug1: Authentications that can continue: publickey,gssapi-with-mic,password > debug1: No more authentication methods to try. > Permission denied (publickey,gssapi-with-mic,password). > > > The debugging comments are all the same when I successfully log in to root, except for everything beyond "root@xxxxxxxxxxxxxx's password:" of course. > > I checked, and all relevent /devs (on the the remote machine) have 666 privs minimum, so that's not the problem. > > The remote machine's /etc/ssh/sshd_config file looks like this: (with comment lines stripped) > > > Protocol 2 > SyslogFacility AUTHPRIV > PasswordAuthentication yes > ChallengeResponseAuthentication no > GSSAPIAuthentication yes > GSSAPICleanupCredentials yes > UsePAM yes > AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES > AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT > AcceptEnv LC_IDENTIFICATION LC_ALL > X11Forwarding no > Subsystem sftp /usr/libexec/openssh/sftp-server > > > I even tried adding "AllowUsers root fmain" to it, and restarting the SSH Daemon, but was no help. > > From my googling, there are plenty of people with the opposite problem (can log in, just not through root). And I tried everything that the few who seemed to have this same problem had done. > I've exhausted my searching options and don't know where to go from here. Anyone have any ideas? > > Thanks for any help that you may be able to provide, > Yarin >