Access denied - SSH login
-
Test the login from the box itself using the loopback 127.0.0.1
-
@scottalanmiller said in Access denied - SSH login:
Test the login from the box itself using the loopback 127.0.0.1
No go. Permission denied, using the same password that I just logged in with.
-
@fuznutz04 said in Access denied - SSH login:
@scottalanmiller said in Access denied - SSH login:
Test the login from the box itself using the loopback 127.0.0.1
No go. Permission denied, using the same password that I just logged in with.
Okay, so you can rule out networking, both firewalls, etc. It's all down to SSH configuration at this point.
-
@scottalanmiller said in Access denied - SSH login:
@fuznutz04 said in Access denied - SSH login:
@scottalanmiller said in Access denied - SSH login:
Test the login from the box itself using the loopback 127.0.0.1
No go. Permission denied, using the same password that I just logged in with.
Okay, so you can rule out networking, both firewalls, etc. It's all down to SSH configuration at this point.
Thanks for the tip. That definitely narrowed it down. So after playing with the config file for a while, I concluded that the problem is the line:
AllowGroups wheelIf I comment that out, it works perfect. if it's uncommented, it doesn't allow access, even to root.
(looks up and to the right while squinting eyes, confused...)
-
Yeah, that is a bit odd.
-
@fuznutz04 If you comment out 'PermitRootLogin yes' and leave 'AllowGroups wheel' in, are you able to login as a member of the wheel group? Thinking it might not like overlapping root and wheel, maybe.
I'm with @scottalanmiller, it doesn't make sense either way.
-
I think allow group will only allow members from that group and since root isn't part of wheel it can't log in.
-
If you add
AllowUsers rootit should also let root along with the wheel group.
-
@travisdh1 Didn't like that either. It also doesn't work if I remove AllowGroups and try it with AllowUsers. It's almost like any line I add into that config borks the entire thing.
-
Very odd, indeed. Sorry I don't have any magic insight there.
-
@scottalanmiller Yeah, it was a test box on Vultr, and in the end, I'll probably just reinstall it, but the fact that it's doing this is bothering me, especially thinking about if it would be a production box. Oh well, thanks for the help.
