Re: Can't log in as anything but root via SSH

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On the remote machine, try running "login" command, or logging into a
tty (in other words, on the remote machine do alt+crtl+f1 and login
with the fmain user). Can you use login to login as this user?

Also, try:
su root
su some_other_user
su fmain

It should prompt you for the password for fmain. Does it accept it.

If so, please paste your /etc/pam.d/sshd (or /etc/pam.d/ssh) file.

Quintin Beukes



On Mon, Jan 18, 2010 at 12:43 AM, Yarin <yarin@xxxxxxxxxxxx> wrote:
> Hello all,
>
> I'm trying to get SSH to work with a non-root user in a VPS Container running CentOS 5.3. But with no luck.
> I can log in to root with no problem, but no matter which way I try, I can't log in to any normal users that I make. When I try to log in via SSH, it always fails, and behaves exactly as if though I was entering the wrong password. (I am entering the right one, though, I've make sure of that)
>
> Here I try to log into user "fmain": (with debugging view enabled)
>
>
> # ssh 109.107.120.17 -l fmain -v
> OpenSSH_5.2p1, OpenSSL 0.9.8k-fips 25 Mar 2009
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Applying options for *
> debug1: Connecting to 109.107.120.17 [109.107.120.17] port 22.
> debug1: Connection established.
> debug1: identity file /home/yarin/.ssh/identity type -1
> debug1: identity file /home/yarin/.ssh/id_rsa type -1
> debug1: identity file /home/yarin/.ssh/id_dsa type -1
> debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3
> debug1: match: OpenSSH_4.3 pat OpenSSH_4*
> debug1: Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_5.2
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug1: kex: server->client aes128-ctr hmac-md5 none
> debug1: kex: client->server aes128-ctr hmac-md5 none
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> debug1: Host '109.107.120.17' is known and matches the RSA host key.
> debug1: Found key in /home/yarin/.ssh/known_hosts:1
> debug1: ssh_rsa_verify: signature correct
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: expecting SSH2_MSG_NEWKEYS
> debug1: SSH2_MSG_NEWKEYS received
> debug1: SSH2_MSG_SERVICE_REQUEST sent
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug1: Authentications that can continue: publickey,gssapi-with-mic,password
> debug1: Next authentication method: gssapi-with-mic
> debug1: Unspecified GSS failure. Minor code may provide more information
> No credentials cache found
> debug1: Unspecified GSS failure. Minor code may provide more information
> No credentials cache found
> debug1: Unspecified GSS failure. Minor code may provide more information
> debug1: Next authentication method: publickey
> debug1: Trying private key: /home/yarin/.ssh/identity
> debug1: Trying private key: /home/yarin/.ssh/id_rsa
> debug1: Trying private key: /home/yarin/.ssh/id_dsa
> debug1: Next authentication method: password
> fmain@xxxxxxxxxxxxxx's password:
> debug1: Authentications that can continue: publickey,gssapi-with-mic,password
> Permission denied, please try again.
> fmain@xxxxxxxxxxxxxx's password:
> debug1: Authentications that can continue: publickey,gssapi-with-mic,password
> Permission denied, please try again.
> fmain@xxxxxxxxxxxxxx's password:
> debug1: Authentications that can continue: publickey,gssapi-with-mic,password
> debug1: No more authentication methods to try.
> Permission denied (publickey,gssapi-with-mic,password).
>
>
> The debugging comments are all the same when I successfully log in to root, except for everything beyond "root@xxxxxxxxxxxxxx's password:" of course.
>
> I checked, and all relevent /devs (on the the remote machine) have 666 privs minimum, so that's not the problem.
>
> The remote machine's /etc/ssh/sshd_config file looks like this: (with comment lines stripped)
>
>
> Protocol 2
> SyslogFacility AUTHPRIV
> PasswordAuthentication yes
> ChallengeResponseAuthentication no
> GSSAPIAuthentication yes
> GSSAPICleanupCredentials yes
> UsePAM yes
> AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
> AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
> AcceptEnv LC_IDENTIFICATION LC_ALL
> X11Forwarding no
> Subsystem sftp /usr/libexec/openssh/sftp-server
>
>
> I even tried adding "AllowUsers root fmain" to it, and restarting the SSH Daemon, but was no help.
>
> From my googling, there are plenty of people with the opposite problem (can log in, just not through root). And I tried everything that the few who seemed to have this same problem had done.
> I've exhausted my searching options and don't know where to go from here. Anyone have any ideas?
>
> Thanks for any help that you may be able to provide,
> Yarin
>


[Index of Archives]     [Open SSH Unix Development]     [Fedora Users]     [Fedora Desktop]     [Yosemite Backpacking]     [KDE Users]     [Gnome Users]

  Powered by Linux