[wplug] scp, ssh, ftp login only root

Scott Kiesling kiesling+ at pitt.edu
Fri Apr 4 10:16:29 EST 2003 

Couldn't ssh to localhost -- I got the same problem.

Apparently in Gentoo the logs work differently, so the sshd log is in
/var/log/sshd/<date-time>. Maybe this is a metalog thing. Anyway, here
was the output for the log dated toaday. I couldn't se where the log was
for the session I talked about, though:

Mar 31 14:51:28 [sshd] Server listening on 0.0.0.0 port 22.
Mar 31 14:52:14 [sshd] Failed password for kiesling from 136.142.185.31
port 47507 ssh2
Mar 31 14:52:36 [sshd] Received signal 15; terminating.

Gentoo has a good forum, I'm gonna ask there, too.

SFK

On Thu, 2003-04-03 at 18:00, abe wrote:
> > > >Hi all-
> > > >
> > > >I think there is probably a simple answer to this, but I'm not good with
> > > >the networking stuff:
> > > 
> > > Speaking of "networking", what happens if you ssh from localhost?  Read 
> > > on...
> > 
> > I don't know how to do this. Please enlighten me.
> 
> i think what he means by this is ... login to the console as a user other than root.  then try typing 'ssh localhost' and attempt to login that way.
> 
> > > >I am trying to use ssh, scp, and ftp to log into my machine (the former
> > > >preferred). When I try to log in, I get the message "530 Authentication
> > > >failed, sorry Login failed." When I try loggin in as root (dangerous, I
> > > >know), it works. I am using the same password I use successfully when
> > > >loggin in at the console. What is wrong? How can I fix it? 
> > > 
> > > Hmmm... shadow passwords not set up correctly?  How did you set your 
> > > user passwords up, anyway?  'passwd' command, or what?
> > 
> > I used useradd. I've changed the password once, I think I probably used
> > 'passwd' .
> 
> i really have no idea what could have been done to permit only root logins via any service remotely.  if possible, try to login remotely via ssh as some user and then check the logs on the system you can't log into.
> 
> to do so, login as root at the console and type 'tail -n 25 /var/log/messages' .. look for anything peculiar as to why you can't login remotely.  here's sample output from my logs when i logged in successfully and when i intentionally mistyped my password:
> 
> Apr  3 17:47:45 spengler sshd[15350]: Accepted password for coldfire from 127.0.0.1 port 33602 ssh2
> Apr  3 17:47:54 spengler sshd[15367]: Failed password for coldfire from 127.0.0.1 port 33603 ssh2
> Apr  3 17:48:00 spengler sshd[15367]: Connection closed by 127.0.0.1
> 
> good luck.
> 
> 
> abe
> _______________________________________________
> wplug mailing list
> wplug at wplug.org
> http://www.wplug.org/mailman/listinfo/wplug
-- 
Scott F. Kiesling

Assistant Professor		
Director of Graduate Studies
Department of Linguistics		kiesling at pitt.edu
University of Pittsburgh, 2816 CL	Phone: 412-624-5916
Pittsburgh, PA 15260 USA		Fax: 412-624-6130

http://www.pitt.edu/~kiesling/skpage.html

More information about the wplug mailing list