sshd on a minimal Linux: "Failed password for invalid user root"
Solution 1
I suppose you must have solved your problem long time ago by now?
I have the same type of setup but on Debian, not Fedora, minimal linux no PAM etc and stumbled on this problem. google wasn't helpful, after downloading open SSH sources I found that sshd, in absence of PAM uses a glibc function, getpwnam(), in the authentication process. This function, no doubt, is super generic and helpful in any type of environment but it would not resort to checking the /etc/passwd and friends if libnss_files.so.* wasn't installed.
Adding this library to my minimal linux fixed the problem for me. I'm curious to know the reason in your case?
Solution 2
Perhaps you didn't see this comment in the default sshd_config file?
# WARNING: 'UsePAM no' is not supported in Fedora and may cause several
# problems.
On Fedora and Red Hat, you must enable PAM authentication.
Related videos on Youtube
01 : 16
02 : 45
01 : 59
15 : 46
05 : 48
05 : 37
01 : 35
05 : 30
19 : 09
![[vi] Ubuntu: Reset password trên Ubuntu.](https://i.ytimg.com/vi/o4Iat7GE4T0/hq720.jpg?sqp=-oaymwEcCNAFEJQDSFXyq4qpAw4IARUAAIhCGAFwAcABBg==&rs=AOn4CLA1f2Nqvp5wI5wZ2Zk443xV7hYruQ)
04 : 36
Divius
Updated on September 18, 2022Comments
-
Divius over 1 year
I'm trying to start SSH server on a minimal Fedora installation. And I mean really minimal: one that is produced by diskimage-builder ramdisk builder. It does not even have users (absent
/etc/passwdetc).So, now I'm trying to run sshd on such a system. During the build I copy
/etc/{passwd,group,shadow} from a minimal (hmm.. less minimal) system. I also pregenerate host keys andsshd_config:PermitRootLogin yes UsePAM no UseDNS no UsePrivilegeSeparation no PasswordAuthentication yes HostKey /etc/ssh/ssh_host_key HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key HostKey /etc/ssh/ssh_host_ecdsa_key(full script). In the ramdisk I set root password via chpasswd and start SSHd with
/sbin/sshd -p $SSH_PORT(
SSH_PORTbeing 22 for now - default one). And after the ramdisk boots and reports back, I try to log in. Here fun starts:debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Next authentication method: password [email protected]'s password: debug1: Authentications that can continue: publickey,password,keyboard-interactive Permission denied, please try again. [email protected]'s password:In ssh logs on a server I see
debug1: userauth-request for user root service ssh-connection method password Could not get shadow information for NOUSER Failed password for invalid user root from 192.0.2.1 port 38734 ssh2So despite everything I tried, user '
root' stays invalid. Any ideas are appreciated. -
Divius about 9 yearsThere's no PAM on these ramdisks. Also "cause several problems" does not mean "ok, we broke everything in a strange way" to me...
-
Divius about 9 yearssorry, but that does not. There was authentication in Unix much before PAM was invented. And presence of UsePAM=no option definitely says that sshd should work without it somehow...