SSH login error

Posted on 2002-03-26
Last Modified: 2012-06-27
i have a SSH error, here is some onfo.....

Kernel 2.4.18
SSH 3.1.0
All users trying to login through port 22 (aka, ssh) get the
ssh: FATAL: Access Denied.

and this answer comes very very fast, so i think the SSHD2 does not even try to check the password..

any ideas ??

             8'    .88            
             8`._.' Y8.            
            d/      `8b.          
          .dP   .     Y8b.        
         d8:'   "   `::88b.        
        d8"           `Y88b      
       :8P     '       :888        
        8a.    :      _a88P        
      ._/"Yaa_ :    .| 88P|        
 jgs  \    YP"      `| 8P  `.      
 a:f  /     \._____.d|    .'      
Question by:neostudio
  • 4
  • 3
LVL 40

Expert Comment

ID: 6899009
Is sshd running on the target system? You can check for it with 'ps -ef | grep sshd | grep -v grep'.

Is there a firewall active on the target system?

Author Comment

ID: 6899525
sshd is running !!
i can connect and it asks for the username,. then the password.
but no password for any user is accepted !!

here is some of the sshd2_config file...

## Authentication
## Hostbased and PAM are not enabled by default.
BannerMessageFile               /etc/
PasswordGuesses                 3
AllowedAuthentications          hostbased,password,publickey
RequiredAuthentications         publickey,password
#       SshPAMClientPath                ssh-pam-client

LVL 40

Expert Comment

ID: 6899759
Can I see what your sshd_config file looks like?
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.


Author Comment

ID: 6900678

## end of metaconfig
## (leave above lines intact!)
## sshd2_config
## SSH 3.0 Server Configuration File
## General

#       VerboseMode                     no
#       QuietMode                       yes
#       ForcePTTYAllocation             no
#       SyslogFacility                  AUTH
#       SyslogFacility                  LOCAL7

## Network
# Port is not commented out, as it is needed by the example startup
# scripts. Well, the default won't likely change.
Port                            22
ListenAddress                   any
#       RequireReverseMapping           no
#       MaxBroadcastsPerSecond          0
#       MaxBroadcastsPerSecond          1
NoDelay                         yes
KeepAlive                       yes
MaxConnections                  3

## Crypto
#Ciphers                                Blowfish
#       RekeyIntervalSeconds            3600

## User
PrintMotd                       yes
CheckMail                       yes
UserConfigDirectory             "%D/.ssh2"
#       UserKnownHosts                  yes
LoginGraceTime                  60
PermitEmptyPasswords            no
#       StrictModes                     yes
#       IdleTimeOut                     1h

# This variable is set here, because by default it's empty, and so no
# variables can be set. Because of that, we set a few common ones here.

## User public key authentication
#       HostKeyFile                     hostkey
#       PublicHostKeyFile     
#       RandomSeedFile                  random_seed
#       IdentityFile                    identification
#       AuthorizationFile               authorization
#       AllowAgentForwarding            yes

## Tunneling
#       AllowX11Forwarding              yes
#       AllowTcpForwarding              yes
#       AllowTcpForwardingForUsers      sjl, cowboyneal@slashdot\.org
#       DenyTcpForwardingForUsers       2[[:isdigit:]]*4,peelo
#       AllowTcpForwardingForGroups     priviliged_tcp_forwarders
#       DenyTcpForwardingForGroups      coming_from_outside

## Authentication
## Hostbased and PAM are not enabled by default.
BannerMessageFile               /etc/
PasswordGuesses                 3
AllowedAuthentications          hostbased,password,publickey
RequiredAuthentications ## Host restrictions
AllowHosts                      localhost

## User restrictions
#       AllowUsers                      sj.*,s[[:isdigit:]]*,s(jl|amza)
#       DenyUsers                       skuuppa,warezdude,31373
#       DenyUsers                       don@untrusted\.org
#       AllowGroups                     staff,users
#       DenyGroups                      guest
PermitRootLogin                 no

## SSH1 compatibility
#       Ssh1Compatibility               <set by configure by default>
#       Sshd1Path                       <set by configure by default>
# This is given as argument to sshd1 with "-f" if sshd2 is invoked
# with "-f"
#       Sshd1ConfigFile                 /etc/sshd_config_alternate

## Chrooted environment
ChRootUsers                     ftpadmin
ChRootGroups                    ftpadmin

## subsystem definitions

# Subsystem's don't have defaults, so this is needed here (uncommented).
        subsystem-sftp                  sftp-server
#       SshPAMClientPath                ssh-pam-client

so what do you see here ?
LVL 40

Accepted Solution

jlevie earned 50 total points
ID: 6900946
First of all I can see that you are using the commercial SSH implementation rather than OpenSSH. I was guessing that to be the case from the earlier reference to 'RequiredAuthentications', but wanted to see the complete config file to be certain. Since the OpenSSH is the standard for Linux is there some specific reason that you are using the commercial version?

By what I see in the config file you've restricted access to the SSH server to localhost on the machine running SSH and two other IP's ( Are you trying the connection from one of those two IP's? What happens if you connect to the localhost IP while logged on the SSH server box. Trying localhost would eliminate any firewalls or routers from the equation. Also is it possible that there's another copy of sshd installed and running?

Obviously this isn't a stock 6.2 system since you are running a 2.4.18 kernel. Such a radical departure from a RedHat distribution tends to make me think that using a binary rpm for SSH, which I assume is what you installed, might be iffy.

Author Comment

ID: 6901113
Hi again jlevie  !!

let me be frank, i already solved the problem, it was the
'RequiredAuthentications' as you suggested, but it was more my error than SSHd it self !!

i was asking for a hostbased certificate while but not comparing to it, which made the server deny any certificate, that was easy .

And for sure :-p
it is not a stock 6.2, i just made the installation long time ago, and it is (i think) the most secure linux ever found, i am patching it daily with the latest pathes and updating it weekly, it is VERY MUCH uptodated version, but i can't run away, it is still called a RH6.2 somewhere .

thank you for your help, please drop me a line at if you will have the time ..


Author Comment

ID: 6901115
Thanks again ...

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
mobaxterm not able to change directory 28 98
parse convert xml feed to text (python) 2 66
Access_log 17 98
Video Streaming 6 54
This article will explain how to establish a SSH connection to Ubuntu through the firewall and using a different port other then 22. I have set up a Ubuntu virtual machine in Virtualbox and I am running a Windows 7 workstation. From the Ubuntu vi…
The purpose of this article is to show how we can create Linux Mint virtual machine using Oracle Virtual Box. To install Linux Mint we have to download the ISO file from its website i.e. Once you open the link you will see …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now