On 08/23/15 12:07, Eric Haszlakiewicz wrote:
On August 23, 2015 10:38:12 AM EDT, "William A. Mahaffey III"
<wam%hiwaay.net@localhost> wrote:
I have a public-key from the Q6600 in my /root/.ssh/authorized_keys
file, but I still get errors trying to SSH in. My PAM files are
box-stock, as is/are my sshd config file(s). Any clues as to how to get
this to work appreciated. TIA & have a nice weekend.
Since you haven't changed the sshd config in /etc/ssh, then the
default is to refuse root logins. You'll need to edit that, then
restart sshd.
Or, a slightly better option would be to create and push your backups
to a non-root user, so a compromise one one box doesn't automatically
result in root on the other.
Eric
OK, changed sshd_config to allow root login, still nogo:
4256EE1 # tail -20 /var/log/authlog; date
Aug 23 09:48:08 4256EE1 rpcbind: connect from 192.168.0.27 to
getport/addr(mountd)
Aug 23 09:53:12 4256EE1 rpcbind: connect from 192.168.0.27 to
getport/addr(mountd)
Aug 23 12:02:43 4256EE1 rpcbind: connect from 192.168.0.27 to null()
Aug 23 12:02:43 4256EE1 rpcbind: connect from 192.168.0.27 to
getport/addr(nfs)
Aug 23 12:02:43 4256EE1 rpcbind: connect from 192.168.0.27 to
getport/addr(mountd)
Aug 23 12:02:43 4256EE1 rpcbind: connect from 192.168.0.27 to
getport/addr(mountd)
Aug 23 12:07:47 4256EE1 rpcbind: connect from 192.168.0.27 to
getport/addr(mountd)
Aug 23 18:27:32 4256EE1 sshd[12632]: SSH: Server;Ltype:
Version;Remote: 192.168.0.9-50583;Protocol: 2.0;Client: OpenSSH_5.5
Aug 23 18:27:32 4256EE1 sshd[12632]: SSH: Server;Ltype: Kex;Remote:
192.168.0.9-50583;Enc: aes128-ctr;MAC: hmac-md5;Comp: none [preauth]
Aug 23 18:27:33 4256EE1 sshd[12632]: SSH: Server;Ltype:
Authname;Remote: 192.168.0.9-50583;Name: root [preauth]
Aug 23 18:27:33 4256EE1 sshd[12632]: ROOT LOGIN REFUSED FROM 192.168.0.9
Aug 23 18:27:33 4256EE1 sshd[12632]: ROOT LOGIN REFUSED FROM
192.168.0.9 [preauth]
Aug 23 18:27:37 4256EE1 sshd[12632]: error: PAM: authentication error
for root from q6600
Aug 23 18:27:37 4256EE1 sshd[12632]: error: PAM: authentication error
for root from q6600
Aug 23 18:27:40 4256EE1 sshd[12632]: Postponed keyboard-interactive
for root from 192.168.0.9 port 50583 ssh2 [preauth]
Aug 23 18:27:43 4256EE1 sshd[12632]: error: PAM: authentication error
for root from q6600
Aug 23 18:27:43 4256EE1 sshd[12632]: Failed keyboard-interactive/pam
for root from 192.168.0.9 port 50583 ssh2
Aug 23 18:27:47 4256EE1 sshd[12632]: Failed password for root from
192.168.0.9 port 50583 ssh2
Aug 23 18:27:47 4256EE1 sshd[12632]: Failed password for root from
192.168.0.9 port 50583 ssh2
Aug 23 18:27:51 4256EE1 sshd[12632]: Disconnecting: Too many
authentication failures for root [preauth]
Sun Aug 23 18:34:21 MCDT 2015
4256EE1 # grep -i root ssh/sshd_config
#PermitRootLogin no
PermitRootLogin yes
#ChrootDirectory none
4256EE1 # uname -a
NetBSD 4256EE1.CFD.COM 6.1.5 NetBSD 6.1.5 (GENERIC) amd64
4256EE1 #