On Thu, 3 Mar 2016 07:34:59 -0800
Tom Huegel <[email protected]> wrote:
> I wish I had some idea of what I might have changed. Intentionally I
> haven't changed anything.
> There are no new messages in the /var/log/messages file after a failed
> logon.
check also /var/log/secure
one reason for such behaviour can be SELinux denials, either boot with
selinux=0 passed to the kernel command line (#cp vi vmsg should allow
it for z/VM guests) or disable it in /etc/selinux/config
Dan
> Comparing /etc/parm.d/sshd to another system that allows SSH
> logons ... they are identical.
> cat
> /etc/pam.d/sshd
>
> #%PAM-1.0
>
> auth required
> pam_sepermit.so
> auth substack
> password-auth
> auth include
> postlogin
> # Used with polkit to reauthorize users in remote
> sessions
> -auth optional pam_reauthorize.so
> prepare
> account required
> pam_nologin.so
> account include
> password-auth
> password include
> password-auth
> # pam_selinux.so close should be the first session
> rule
> session required pam_selinux.so
> close
> session required
> pam_loginuid.so
> # pam_selinux.so open should only be followed by sessions to be
> # executed in
> the user context
> session required pam_selinux.so open
> env_params
> session optional pam_keyinit.so force
> revoke
> session include
> password-auth
> session include
> postlogin
> # Used with polkit to reauthorize users in remote
> sessions
> -session optional pam_reauthorize.so
> prepare
>
>
>
>
>
>
> On Thu, Mar 3, 2016 at 7:11 AM, van Sleeuwen, Berry <
> [email protected]> wrote:
>
> > Hi Tom,
> >
> > Could it be the pam configuration for ssh is changed? Perhaps the
> > password checking in pam?
> >
> > I once had such an issue when I made a typo in /etc/pam.d/sshd.
> > After this I couldn't login anymore. It showed up in the console
> > log as "Error: PAM: Module is unknown for <userid> from
> > <ip-address>.". (This might be in /var/log/messages as well.)
> >
> > I had to correct the typo using "sed" in the Linux console.
> >
> > Met vriendelijke groet/With kind regards/Mit freundlichen Grüßen,
> > Berry van Sleeuwen
> >
> > -----Original Message-----
> > From: Linux on 390 Port [mailto:[email protected]] On Behalf
> > Of Tom Huegel
> > Sent: Thursday, March 03, 2016 3:23 PM
> > To: [email protected]
> > Subject: LINUX SSH problem.
> >
> > This seems strange to me (a LINUX novice) but I have FEDORA f21
> > system that has been working fine until recently.
> > It seems strange LINUX starts up just fine but when I try to SSH
> > (Putty) into it I get the initial logon screen but the password is
> > always rejected.
> > From the z/VM console I can logon using the same password.
> >
> > I must have touched something *&&*&%.
> > Any idea how to fix it?
> > Thanks
> > Tom
> >
> > ----------------------------------------------------------------------
> > For LINUX-390 subscribe / signoff / archive access instructions,
> > send email to [email protected] with the message: INFO
> > LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
> > ----------------------------------------------------------------------
> > For more information on Linux on System z, visit
> > http://wiki.linuxvm.org/ This e-mail and the documents attached are
> > confidential and intended solely for the addressee; it may also be
> > privileged. If you receive this e-mail in error, please notify the
> > sender immediately and destroy it. As its integrity cannot be
> > secured on the Internet, Atos’ liability cannot be triggered for
> > the message content. Although the sender endeavours to maintain a
> > computer virus-free network, the sender does not warrant that this
> > transmission is virus-free and will not be liable for any damages
> > resulting from any virus transmitted. On all offers and agreements
> > under which Atos Nederland B.V. supplies goods and/or services of
> > whatever nature, the Terms of Delivery from Atos Nederland B.V.
> > exclusively apply. The Terms of Delivery shall be promptly
> > submitted to you on your request.
> >
>
> ----------------------------------------------------------------------
> For LINUX-390 subscribe / signoff / archive access instructions,
> send email to [email protected] with the message: INFO LINUX-390
> or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
> ----------------------------------------------------------------------
> For more information on Linux on System z, visit
> http://wiki.linuxvm.org/
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
----------------------------------------------------------------------
For more information on Linux on System z, visit
http://wiki.linuxvm.org/
