LinuxQuestions.org
Page 1 of 2 1 2
Show 50 post(s) from this thread on one page

LinuxQuestions.org (/questions/)
-   Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)
-   -   user password doesnot work via ssh (https://www.linuxquestions.org/questions/linux-server-73/user-password-doesnot-work-via-ssh-4175721051/)

sag2662 01-18-2023 10:03 AM
user password doesnot work via ssh
 
Hi all,
I am trying to connect to the client from server with the user test. on the client i have added user "test" and from the server, i am trying to connect to client via ssh as below

Code:
root@server:/home# su - test
$ ssh client1
The authenticity of host 'client1 (172.67.8.90)' can't be established.
ED25519 key fingerprint is SHA256:PpN7cwhwwfd59H9yPtUhIv7hP7B8/IH9Fc2OXWX8dlo.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'client1 ' (ED25519) to the list of known hosts.
Unauthorized access to this machine is prohibited
Press <Ctrl-D> if you are not an authorized user
(test@client1) Password:
Connection closed by 172.67.8.90 port 22
though I give the right password it doesnot take at all. what could be the issue?
where am i going wrong.please suggest

Turbocapitalist 01-18-2023 10:12 AM
That looks normal, if it were roort. Most systems allow only either key-based or certificate-based login for root. Try logging in as another user or else make and install a key pair for root. However it is usually a bad idea to allow remote login for root and most tasks can be accomplished by other means. What problem are you trying to solve?

Edit: misread the first line. See the -v -v -v suggestion instead.

pan64 01-18-2023 10:13 AM
you might want to use ssh -vvv <host> to see what's going on. We don't know the configuration so we can hardly find the root cause. Would be nice to give us more details.

Turbocapitalist 01-18-2023 10:17 AM
The relevant lines from the client configuration file ~/.ssh/config might help too, if it is in use.

If you want to see the full set of options as they are going to be applied to that particular session, see the -G option for the SSH client:

Code:
ssh -G test@client1 | sort | less

sag2662 01-18-2023 11:03 AM
Quote:
Originally Posted by pan64 (Post 6405245)
you might want to use ssh -vvv <host> to see what's going on. We don't know the configuration so we can hardly find the root cause. Would be nice to give us more details.
yes i ran in verbose mode it always asks me to issue password, but it doesnot accept password, but from the client i can always switch as test user.

sag2662 01-18-2023 11:08 AM
Quote:
Originally Posted by Turbocapitalist (Post 6405247)
The relevant lines from the client configuration file ~/.ssh/config might help too, if it is in use.

If you want to see the full set of options as they are going to be applied to that particular session, see the -G option for the SSH client:

Code:
ssh -G test@client1 | sort | less
is there any particular option that i could look for ?

Code:
user test
userknownhostsfile /home/test.ssh/known_hosts /home/test/.ssh/known_hosts2
verifyhostkeydns false

TenTenths 01-18-2023 11:08 AM
Check that the remote system actually allows password based logins. It may be configured for key-pair only.

lvm_ 01-18-2023 11:40 AM
If anything at all involving client-server interaction not working as expected you should start by analysing server logs - do it. OpenSSH log is in /var/log/auth.log, you might want to increase log verbosity using LogLevel directive in /etc/ssh/sshd_config.

pan64 01-18-2023 11:45 AM
Quote:
Originally Posted by sag2662 (Post 6405259)
yes i ran in verbose mode it always asks me to issue password, but it doesnot accept password, but from the client i can always switch as test user.
and it is still not enough to help you. You need to either show us the config and the real commands (how did you execute, what and what was the response) or check the log files on both sides.

scasey 01-19-2023 01:34 PM
OP is connecting “from server to client”…
Is sshd configured and running on the client? I’m guessing not.
ssh is a one-way process. Being able to connect from machine A to machine B does not mean you can connect from machine B to machine A. You’d need to set up sshd on the “client” machine to be able to connect to it (at which time, the “server” will become the client and vice versa)

Turbocapitalist 01-19-2023 01:55 PM
Quote:
Originally Posted by scasey (Post 6405542)
OP is connecting “from server to client”…
Is sshd configured and running on the client? I’m guessing not.
It did connect, it just did not authenticate. Checking sshd's logs on the system receiving the connection would be the way to go, as mentioned in post #8 above.

sag2662 01-20-2023 01:53 AM
Quote:
Originally Posted by scasey (Post 6405542)
OP is connecting “from server to client”…
Is sshd configured and running on the client? I’m guessing not.
ssh is a one-way process. Being able to connect from machine A to machine B does not mean you can connect from machine B to machine A. You’d need to set up sshd on the “client” machine to be able to connect to it (at which time, the “server” will become the client and vice versa)

sshd is configured and it justs works fine from another machines.

Turbocapitalist 01-20-2023 02:58 AM
Quote:
Originally Posted by sag2662 (Post 6405660)
sshd is configured and it justs works fine from another machines.
Then try tracking what's going on with the connection from the one specific client by setting up a one-off SSH session. On the system being connected to:

Code:
/usr/sbin/sshd -p 2222 -d -d -E /tmp/server1.ssh.log
Then on the system you are connecting from:

Code:
ssh -p 2222 -v -E /tmp/client1.ssh.log test@client1
That will allow one single attempt at connecting. On the server, the output from sshd will be saved in /tmp/server1.ssh.log and on the client the output will be save in /tmp/client1.ssh.log and both will contain information from only the single session attempt.

sag2662 01-20-2023 04:01 AM
Quote:
Originally Posted by Turbocapitalist (Post 6405677)
Then try tracking what's going on with the connection from the one specific client by setting up a one-off SSH session. On the system being connected to:

Code:
/usr/sbin/sshd -p 2222 -d -d -E /tmp/server1.ssh.log
Then on the system you are connecting from:

Code:
ssh -p 2222 -v -E /tmp/client1.ssh.log test@client1
That will allow one single attempt at connecting. On the server, the output from sshd will be saved in /tmp/server1.ssh.log and on the client the output will be save in /tmp/client1.ssh.log and both will contain information from only the single session attempt.

Thank you. I ran this on server and client side and I have the following. Says too many authentication failures. may be i create new user on server and client and try again

on client1:
Code:
PAM: Authentication failure for illegal user test from "172.60.20.15"
Failed:/keyboard-interactive/pam for invalid user test from "172.67.8.90" port 54264 ssh2
Disconnecting invalid user test port 54264:Too many authentication failures

on server1:
Code:
Disconnect from 172.67.8.90  port 2222:22 Too many authentication failureson client1:

Turbocapitalist 01-20-2023 04:05 AM
Quote:
Originally Posted by sag2662 (Post 6405689)
on client1:
Code:
PAM: Authentication failure for illegal user test from "serverip"
Failed:/keyboard-interactive/pam for invalid user test from "serverip" port 54264 ssh2
Disconnecting invalid user test port 54264:Too many authentication failures
Thanks. That seems to narrow it down to "client1". Does the account "test" exist on that system? What are the full configuration settings there?

Code:
/usr/sbin/sshd -T -C user=test | sort
How have you set PAM there on "client1" ?


All times are GMT -5. The time now is 11:34 AM.
Page 1 of 2 1 2
Show 50 post(s) from this thread on one page