[nycbug-talk] SSH not working for particular user

Francisco Reyes lists
Sat Aug 6 20:03:08 EDT 2005 

Besides the AllowUsers parameter in sshd_config is there is anything else that 
would allow certain users, but not others to ssh to a machine?

Have a machine that one id can connect to, but not a second one..
I "inherited" the setup so don't know yet what setups each 
machine has yet. Have an ID I was given to login, but now going to each machine 
to create my own ID and so far this is the only machine with this problem.

So far also checked /etc/login.access and there was nothing there that 
is preventing me to login and there is no AllowUsers setting in 
/etc/sshd_config

The machine I am trying to connect to is FreeBSD Release 5.3 and 
connecting from a FreeBSD 5.4

Doing ssh -v to the machine with the problem ID shows

OpenSSH_3.8.1p1 FreeBSD-20040419, OpenSSL 0.9.7e 25 Oct 2004
debug1: Reading configuration data /home/fran/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to <machine> Port 22.
debug1: Connection established.
debug1: identity file /home/fran/.ssh/identity type -1
debug1: identity file /home/fran/.ssh/id_rsa type -1
debug1: identity file /home/fran/.ssh/id_dsa type 2
debug1: Remote protocol version 2.0, remote software version 
OpenSSH_3.8.1p1 FreeBSD-20040419
debug1: match: OpenSSH_3.8.1p1 FreeBSD-20040419 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.8.1p1 FreeBSD-20040419
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host <host> is known and matches the DSA host 
key.
debug1: Found key in /home/fran/.ssh/known_hosts:25
debug1: ssh_dss_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering public key: /home/fran/.ssh/id_dsa
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Trying private key: /home/fran/.ssh/identity
debug1: Trying private key: /home/fran/.ssh/id_rsa
debug1: Next authentication method: keyboard-interactive
Password:

Have reset the password a few times to make sure I have it right..

The output from /var/messages is

sshd[27236]: error: PAM: authentication error for fran from <my machine>

Also if I ssh using the other ID I am able to su to the trouble ID

More information about the talk mailing list