# Ssh



## rbizzell33 (Jan 8, 2010)

I am getting "PAM authorization failed" when I try to log in as root using ssh from one Unix box to another. I configured it to permit root access and set that to yes and reloaded and restarted, and I still can't ssh to the new FreeBSD box. I am running version 8.0. I can ssh from the new FreeBSD boxes to my old FreeBSD boxes. I can't even ssh locally to the new FreeBSD box, and ssh is running.


----------



## anomie (Jan 8, 2010)

Can you login as root at a local terminal? 

How did you permit root access, exactly? 

Are you using any of the following sshd_config directives: AllowUsers, AllowGroups, DenyUsers, DenyGroups?


----------



## emosms (Jan 8, 2010)

*ssh root login fail*

The same problem.
Can't log on as root remotely.
Can't figure out what settings/permissions to set.
I do log on as a simple user.


----------



## rbizzell33 (Jan 8, 2010)

*permission denied publickey keyboard-interactive FreeBSD*

Trying to ssh into FreeBSD 8, I set allow root login to yes. I am getting PAM authentication errors and I can't ssh into the box from the old box. I just get permission denied publickey keyboard-interactive FreeBSD


----------



## Business_Woman (Jan 8, 2010)

Paste your configs.

Did you add the key to ~./authorized_keys ?


----------



## anomie (Jan 8, 2010)

As I'm sure you (both) know, there is a directive that needs to be tweaked in sshd_config(5) -- *PermitRootLogin*. 

It should be as simple as that, unless you've been playing around with the other directives I mentioned, or with login.access(5).


----------



## johnblue (Jan 8, 2010)

emosms said:

> I do log on as a simple user.


After you log in as a basic user, you should be able to type:  su and the root password and become root.

If you cannot, then you may need to reset the root password. And as anomie mentioned, it also will depend on how much you've tweaked.

You can also make sure that the ssh daemon is running by typing:  sockstat -4


----------



## SirDice (Jan 8, 2010)

Also note that only members of the wheel group are allowed to use su.


----------



## emosms (Jan 8, 2010)

SirDice said:

> Also note that only members of the wheel group are allowed to use su.


Can't add a user to a group.
It says "not implemented yet".
Also can't go into directories, even as root,
for example:
 /root
Permission denied


----------



## SirDice (Jan 9, 2010)

Can you login as root locally?

This will add userA to the wheel group: `#  pw groupmod wheel -m userA`

Did you edit any of the files in /etc/pam.d/? If so, change it back. Restore the sshd_config too.


----------



## emosms (Jan 9, 2010)

SirDice said:

> Can you login as root locally?
> 
> This will add userA to the wheel group: `#  pw groupmod wheel -m userA`
> 
> Did you edit any of the files in /etc/pam.d/? If so, change it back. Restore the sshd_config too.


I log in as root locally but cannot browse in directories.


----------



## emosms (Jan 9, 2010)

Hijacking the thread again.
I am trying to edit the sshd_config file through the vi editor,
logged on as root.
When I try to write the file I get:
_Read-only file, not written; use ! to override_
When I type *:w!*, I get:
Error: etc/ssh/sshd_config Permission denied.
FreeBSD 7.2
What more permissions than root??


----------



## rbizzell33 (Jan 9, 2010)

I can log in as root on the server. Under sshd_config I changed the permit root access option to yes. I left the pam.d conf file alone. I also changed password authentication to yes in the sshd_config. Before I made those changes I still couldn't ssh from my other FreeBSD box to this new FreeBSD box. The older FreeBSD boxes are running 6.1.


----------



## anomie (Jan 10, 2010)

What does /var/log/auth.log say?


----------



## rbizzell33 (Jan 11, 2010)

*can't ssh*

The /var/log/auth.log file says:
server listening on port 22
user root not allowed because shell , does$ not exist
PAM authentication error for illegal$ invalid user root from 10.1.0.51 port 58191 ssh2
Failed keyboard-interactive/pam for invalid$ illegal user root


----------



## anomie (Jan 11, 2010)

There's your answer, right? 

"shell does not exist" sounds like a good clue.


----------
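The auth.log clue above ("user root not allowed because shell ... does not exist") can be checked directly against the account database. The following is an added example, not code from the thread: `check_login_shell` is a hypothetical helper name, and it goes slightly beyond the logged case by also flagging a shell that exists but is not executable.

```shell
#!/bin/sh
# Added example (not from the thread); check_login_shell is a hypothetical helper.
# Usage:   check_login_shell USER [PASSWD_FILE]
# Returns: 0 shell usable, 1 shell missing, 2 shell not executable, 3 no such user
check_login_shell() {
    user=$1
    passwd_file=${2:-/etc/passwd}

    # passwd(5) layout: name:password:uid:gid:gecos:home:shell
    entry=$(awk -F: -v u="$user" '$1 == u { print; exit }' "$passwd_file")
    if [ -z "$entry" ]; then
        echo "$user: not found in $passwd_file"
        return 3
    fi

    # Field 7 is the login shell; an empty field means the default, /bin/sh.
    shell=$(printf '%s\n' "$entry" | awk -F: '{ print $7 }')
    [ -n "$shell" ] || shell=/bin/sh

    # Brackets make stray spaces or punctuation in the field visible.
    if [ ! -e "$shell" ]; then
        echo "$user: shell [$shell] does not exist"
        return 1
    fi
    if [ ! -f "$shell" ] || [ ! -x "$shell" ]; then
        echo "$user: shell [$shell] is not executable"
        return 2
    fi
    echo "$user: shell [$shell] ok"
    return 0
}
```

Run `check_login_shell root` on the box that refuses the login; a wrong shell field can then be corrected with chsh(1) or vipw(8).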

