Access denied SSH from windows to linux via putty
ugh I knew it was something simple... when I was logging in i used (username)@(servername). after disabling UsePAM and testing connection I found that the login attempt was automatically appending the servername to the end of the login I entered, giving the wrong login. i logged in using just the username and was successful. renabled UsePAM parameter and was successful.. solved. thanks to all that responded!!
Related videos on Youtube
doval
Updated on September 18, 2022Comments
-
doval over 1 year
I have a fresh install of openSUSE (tumbleweed) that I am trying to access via ssh from my Windows 7 box on my local home network. I can ping the boxes from each other successfully. I have edited the /etc/ssh/sshd_config file on the openSUSE box and changed the port to 2223. I have added the line AllowUsers (mylogin) to ssh_config. PermitRootLogin is set to no. PasswordAuthentication is set to yes. I generated a public key on my windows machine and copied it to the openSUSE machine via a flash drive and added it to my .ssh/authorized_keys, but my understanding is this shouldn't be needed if I have PasswordAuthentication set to yes.
I have done these things after researching different solutions on the internet but I can't seem to find a solution to my problem: I can't login to my openSUSE box from Windows via Putty. I can connect to a session but I get 'Access Denied' everytime I attempt a login.
edit* I can login via ssh on my linux box from my linux box using
ssh openSUSEcomputername -p 2223
-
text over 7 yearsFirewall/Apparmor problem? and/or windows firewall problem?
-
MelBurslan over 7 yearsIs something like iptables enabled by default while installing suse ?
-
MelBurslan over 7 yearsfrom windows, open up a command prompt and try running
telnet suselinuxservername 2223
what do you see ? -
doval over 7 years@MelBurslan the response to telnet is a blank screen that says SSH-2.0-OpenSSH_7.2 and has a blinking cursor on the next line. If I don't type anything I get Connection to host lost after a couple minutes.
-
MelBurslan over 7 yearsThen you don't have a firewall problem. Try shutting down sshd and starting in debug mode for one single instance with
sshd -p 2223 -D -ddd -e
and try logging in from your windows machine, while watching the log screen on your linux box. It may give you the indication why it is giving access denied message. -
doval over 7 years@MelBurslan I tried that command and I get the response 'sshd re-exec requires execution with an absolute path'. I am not sure what that means. I looked it up and I didn't find an answer that makes sense to me. Can you elaborate on what I'm not doing right or doing wrong?
-
MelBurslan over 7 yearsfind the location of your ssh executable. Probably it will be something like
/usr/sbin/sshd
and replacesshd
portion of the command above with that absolute path -
doval over 7 yearsI stopped the service and started it with those parameters. I attempted a connection. The login failed and the entry in the sshd output that stood out was 'Failed keyboard-interactive/pam for invalid user (me)@(computer) from (ipaddress) port (port) ssh2'
-
doval over 7 yearsfound another entriy.. 'PAM: User not known to the underlying authentication module for illegal user (me)@(computer) from (Ip address)'
-
smw over 7 yearsWhere exactly did you put the
AllowUsers
line? Your text says in ssh_config (client side) but AFAIK it is only valid in sshd_config (server side). In either case, have you tried removing or commenting that out, at least until you get a basic connection working? -
doval over 7 years@steeldriver I put the AllowUsers line in /etc/ssh/sshd_config. I just verified that, was a typo in the post. I tried logging in before I added that line with the same results. I added that line to see if it would resolve my issue, but it didn't.
-
doval over 7 yearsI researched the pam configuration file a bit, i don't know how to post the info in a comment. I also checked /etc/passwd and /etc/shadow and the user exists in those files, I don't know if other information is missing or not as I don't have experience with these files.
-
doval over 7 years@MelBurslan forgot to tag you on that last update
-
doval over 7 yearsugh I knew it was something simple... when I was logging in i used (username)@(servername). after disabling PAM and testing connection I found that the login attempt was automatically appending the servername to the end of the login I entered, giving the wrong login. i logged in using just the username and was successful. renabled UsePAM parameter and was successful.. solved. thanks to all that responded!!
-