Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 4th May 2012, 02:36
halsafar halsafar is offline
Junior Member
 
Join Date: May 2012
Posts: 6
Thanks: 0
Thanked 1 Time in 1 Post
Default [solved] Shell User Cannot SSH

I created a shell user bar for the client foo. When I try and ssh in as foobar@myserver.com it fails.

/etc/passwd contains an entry for foobar and it looks correct.

As root I can su foobar and get the correct home dir and permissions. As a regular user already logged in I cannot su foobar, the password is not accepted.

Code:
tail -f /var/log/auth.log shows this activity on the failure:
May  3 18:32:35 myserver su[15418]: pam_unix(su:auth): authentication failure; logname=theuser uid=1000 euid=0 tty=/dev/pts/6 ruser=theuser rhost=  user=foobar
May  3 18:32:35 myserver su[15418]: pam_winbind(su:auth): getting password (0x00000388)
May  3 18:32:35 myserver su[15418]: pam_winbind(su:auth): pam_get_item returned a password
May  3 18:32:35 myserver su[15418]: pam_winbind(su:auth): request wbcLogonUser failed: WBC_ERR_AUTH_ERROR, PAM error: PAM_USER_UNKNOWN (10), NTSTATUS: NT_STATUS_NO_SUCH_USER, Error message was: No such user
May  3 18:32:36 myserver su[15418]: pam_authenticate: Authentication failure

I am at a complete loss here. The user definitely exists on the system as the user is in /etc/passwd and I can su to that user as root without issues. However the user cannot login via SSH or right on the machine itself.

Update:
- More frustrating. If I try deactive the shell user then reactivate it is clear in auth.log that the password is udpated for that user, no errors. I can now login directly but SSH is still broken.
- What other info can I share to held shed light on this problem?

Last edited by halsafar; 4th May 2012 at 02:51.
Reply With Quote
Sponsored Links
  #2  
Old 4th May 2012, 02:51
halsafar halsafar is offline
Junior Member
 
Join Date: May 2012
Posts: 6
Thanks: 0
Thanked 1 Time in 1 Post
 
Default

Solved!

Not entirely sure why but here is where it stands:
- all shell users made cannot be used immediately. Have to deactivate the user then reactive the user, forcing the password update.
- have to manually add the user to sshusers group (adduser foobar sshusers)
- /etc/ssh/sshd_config is required to have AllowGroups sshusers set. This appears not to be set by default.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Hacking attack (ubuntu 7.04 server + local root exploit on kernel) smoko General 4 15th September 2013 05:05
How change default login shell for Shell-user? atomlab Installation/Configuration 4 28th September 2011 15:15
Statistic not working mzo Installation/Configuration 49 20th April 2011 12:19
Shell user web directory access ctql Installation/Configuration 3 22nd August 2009 15:24
log files cruz Technical 3 15th May 2007 14:35


All times are GMT +2. The time now is 10:33.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.