Access denied - SSH login
-
@JaredBusch Yep, and I also created another user just to be sure. No dice. Also restarted the entire server for good measure.
-
@fuznutz04 said in Access denied - SSH login:
@JaredBusch Yep, and I also created another user just to be sure. No dice. Also restarted the entire server for good measure.
Reenable root login via SSH and see if that works on the new port setup.
-
Nope, Permission denied after allowing root, changing root's password, and restarting ssh
-
Up the verbosity when you connect and see if it provides any additional clues.
ssh -vvv user@host
-
After entering password:
debug2: we sent a password packet, wait for reply debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password Permission denied, please try again. -
Have you tried stopping Fail2Ban? Anything strange showing up in your Fail2Ban logs?
-
This will show your Fail2Ban jails and display whether your IP blacklisted.
sudo iptables -L -n -
Nothing is blacklisted. In fact, in both Fail2Ban as well as the Responsive firewall in firewall, the IP I'm trying to connect from is whitelisted/in the trusted zone.
For good measure, I stopped Fail2Ban, and still receive the same messages.
-
<sarcasm>
Are you certain CAPS-LOCK isn't on?
</sarcasm> -
Are you monitoring the /var/log/secure file as you are trying to connect? Have you tried connecting to the freepbx IP instead of hostname?
-
Just tried, and it says Failed password for invalid user root from IP port xxxxx ssh2
-
"invalid user root"
What does your sshd_config file look like? Is root allowed? Have you restarted the ssh server since you made the last changes to the config file?
-
@RamblingBiped said in Access denied - SSH login:
"invalid user root"
What does your sshd_config file look like? Is root allowed? Have you restarted the ssh server since you made the last changes to the config file?
Yes, service is restarted. The only changes to the stock sshd_config flle is:
PermitRootLogin yes
AllowGroups wheel
Port xxxx
AddressFamily inet -
Firewall?
-
Test the login from the box itself using the loopback 127.0.0.1
-
@scottalanmiller said in Access denied - SSH login:
Test the login from the box itself using the loopback 127.0.0.1
No go. Permission denied, using the same password that I just logged in with.
-
@fuznutz04 said in Access denied - SSH login:
@scottalanmiller said in Access denied - SSH login:
Test the login from the box itself using the loopback 127.0.0.1
No go. Permission denied, using the same password that I just logged in with.
Okay, so you can rule out networking, both firewalls, etc. It's all down to SSH configuration at this point.
-
@scottalanmiller said in Access denied - SSH login:
@fuznutz04 said in Access denied - SSH login:
@scottalanmiller said in Access denied - SSH login:
Test the login from the box itself using the loopback 127.0.0.1
No go. Permission denied, using the same password that I just logged in with.
Okay, so you can rule out networking, both firewalls, etc. It's all down to SSH configuration at this point.
Thanks for the tip. That definitely narrowed it down. So after playing with the config file for a while, I concluded that the problem is the line:
AllowGroups wheelIf I comment that out, it works perfect. if it's uncommented, it doesn't allow access, even to root.
(looks up and to the right while squinting eyes, confused...)
-
Yeah, that is a bit odd.
-
@fuznutz04 If you comment out 'PermitRootLogin yes' and leave 'AllowGroups wheel' in, are you able to login as a member of the wheel group? Thinking it might not like overlapping root and wheel, maybe.
I'm with @scottalanmiller, it doesn't make sense either way.
