David Christensen <[email protected]> writes: > On 06/12/2017 06:39 AM, Harry Putnam wrote: >> Running debian jesse in a vbox vm on a Solaris host >> >> I have what seems like an unusual problem with root login on this >> host.
[...] >> I'm fresh out of ideas as to what else to do here. >> >> The auth log shows: >> >> Jun 11 14:50:55 d2 sshd[2830]: pam_unix(sshd:auth): authentication >> failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=d.local.lan >> user=root >> >> Jun 11 14:50:57 d2 sshd[2830]: Failed password for root from >> 127.0.0.1 port 54522 ssh2 > > Please run the following commands from the console of the jesse vm as > root and paste your console session (prompts, commands entered, output > obtained). If you redact anything, substitute the phrase > '<redacted>': > > # cat /etc/debian_version > > # uname -a > > # dpkg-query --show openssh-server > > # dpkg-query --show openssh-client > > # ls -1 /etc/ssh/*ssh* > > # ls -1 /root/.ssh > > # egrep -v '^.*#' /etc/ssh/sshd_config | grep . > > # ssh localhost > > # tail /var/log/auth.log Thanks for the prod... I should have included at least some of that. ------- ------- ---=--- ------- ------- diagnostic_data: root # cat /etc/debian_version 8.8 root # uname -a Linux d2 3.16.0-4-amd64 #1 SMP Debian 3.16.43-2 (2017-04-30) x86_64 GNU/Linux root # dpkg-query --show openssh-server openssh-server 1:6.7p1-5+deb8u3 root # dpkg-query --show openssh-client openssh-client 1:6.7p1-5+deb8u3 root # ls -1 /etc/ssh/*ssh* /etc/ssh/ssh_config /etc/ssh/sshd_config /etc/ssh/sshd_config~ /etc/ssh/ssh_host_dsa_key /etc/ssh/ssh_host_dsa_key.pub /etc/ssh/ssh_host_ecdsa_key /etc/ssh/ssh_host_ecdsa_key.pub /etc/ssh/ssh_host_ed25519_key /etc/ssh/ssh_host_ed25519_key.pub /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_rsa_key.pub root # egrep -v '^.*#' /etc/ssh/sshd_config | grep . Port 22 Protocol 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key HostKey /etc/ssh/ssh_host_ecdsa_key HostKey /etc/ssh/ssh_host_ed25519_key UsePrivilegeSeparation yes KeyRegenerationInterval 3600 ServerKeyBits 1024 SyslogFacility AUTH LogLevel INFO LoginGraceTime 120 PermitRootLogin without-password StrictModes yes RSAAuthentication yes PubkeyAuthentication yes IgnoreRhosts yes RhostsRSAAuthentication no HostbasedAuthentication no PermitEmptyPasswords no ChallengeResponseAuthentication no PasswordAuthentication yes X11Forwarding yes X11DisplayOffset 10 PrintMotd no PrintLastLog yes TCPKeepAlive yes AcceptEnv LANG LC_* Subsystem sftp /usr/lib/openssh/sftp-server UsePAM yes PermitRootLogin yes root # ssh localhost root@localhost's password: Permission denied, please try again. root@localhost's password: **** Could not login **** -ed Harry root # tail /var/log/auth.log Jun 18 11:43:17 d2 sshd[1894]: Accepted password for reader from 192.168.1.42 port 40945 ssh2 Jun 18 11:43:17 d2 sshd[1894]: pam_unix(sshd:session): session opened for user reader by (uid=0) Jun 18 11:43:17 d2 systemd-logind[477]: New session 185 of user reader. Jun 18 11:43:17 d2 sshd[1897]: Setting tty modes failed: Invalid argument Jun 18 11:43:59 d2 su[1917]: Successful su for root by reader Jun 18 11:43:59 d2 su[1917]: + /dev/pts/4 reader:root Jun 18 11:43:59 d2 su[1917]: pam_unix(su:session): session opened for user root by reader(uid=1000) Jun 18 11:45:56 d2 sshd[1963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=d.local.lan user=root Jun 18 11:45:58 d2 sshd[1963]: Failed password for root from 127.0.0.1 port 54526 ssh2 Jun 18 11:46:03 d2 sshd[1963]: Connection closed by 127.0.0.1 [preauth]
