Access denied - SSH login

RamblingBiped

"invalid user root"

What does your sshd_config file look like? Is root allowed? Have you restarted the ssh server since you made the last changes to the config file?

AdamF

@RamblingBiped said in Access denied - SSH login:

"invalid user root"

What does your sshd_config file look like? Is root allowed? Have you restarted the ssh server since you made the last changes to the config file?

Yes, service is restarted. The only changes to the stock sshd_config flle is:

PermitRootLogin yes
AllowGroups wheel
Port xxxx
AddressFamily inet

Alex Sage

Firewall?

scottalanmiller

Test the login from the box itself using the loopback 127.0.0.1

AdamF

@scottalanmiller said in Access denied - SSH login:

Test the login from the box itself using the loopback 127.0.0.1

No go. Permission denied, using the same password that I just logged in with.

scottalanmiller

@fuznutz04 said in Access denied - SSH login:

@scottalanmiller said in Access denied - SSH login:

Test the login from the box itself using the loopback 127.0.0.1

No go. Permission denied, using the same password that I just logged in with.

Okay, so you can rule out networking, both firewalls, etc. It's all down to SSH configuration at this point.

AdamF

@scottalanmiller said in Access denied - SSH login:

@fuznutz04 said in Access denied - SSH login:

@scottalanmiller said in Access denied - SSH login:

Test the login from the box itself using the loopback 127.0.0.1

No go. Permission denied, using the same password that I just logged in with.

Okay, so you can rule out networking, both firewalls, etc. It's all down to SSH configuration at this point.

Thanks for the tip. That definitely narrowed it down. So after playing with the config file for a while, I concluded that the problem is the line:

AllowGroups wheel

If I comment that out, it works perfect. if it's uncommented, it doesn't allow access, even to root.

(looks up and to the right while squinting eyes, confused...)

scottalanmiller

Yeah, that is a bit odd.

travisdh1

@fuznutz04 If you comment out 'PermitRootLogin yes' and leave 'AllowGroups wheel' in, are you able to login as a member of the wheel group? Thinking it might not like overlapping root and wheel, maybe.

I'm with @scottalanmiller, it doesn't make sense either way.

stacksofplates

I think allow group will only allow members from that group and since root isn't part of wheel it can't log in.

stacksofplates

If you add

AllowUsers root 

it should also let root along with the wheel group.

AdamF

@travisdh1 Didn't like that either. It also doesn't work if I remove AllowGroups and try it with AllowUsers. It's almost like any line I add into that config borks the entire thing.

scottalanmiller

Very odd, indeed. Sorry I don't have any magic insight there.

AdamF

@scottalanmiller Yeah, it was a test box on Vultr, and in the end, I'll probably just reinstall it, but the fact that it's doing this is bothering me, especially thinking about if it would be a production box. Oh well, thanks for the help.