Login or Register to Ask a Question and Join Our Community


AIX

SSH connection "Permission denied"

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems AIX SSH connection "Permission denied"
# 1  
Old 08-30-2014
SSH connection "Permission denied"
Hello,

I tried to connect with root or any other user to AIX using ssh. It throws me error like Permission denied (publickey,keyboard-interactive). i don't know why!!
and the PermitRootLogin is yes

any help will be appreciated

Thanks
# 2  
Old 08-31-2014
Quote:
Originally Posted by moudmm
I tried to connect with root or any other user to AIX using ssh.
Have you made sure the other users do exist on the target system? ssh makes a point of not indicating anything to the outside, therefore you get a "permission denied" (and not a "user does not exist") when you try to connect with a non-existent user-account.

Quote:
Originally Posted by moudmm
It throws me error like Permission denied (publickey,keyboard-interactive).
This means you have not exchanged any (valid) key which ssh could have tried (->"publickey"), ssh has asked you for a password and you typed no valid one (-> "keyboard-interactive").

Quote:
Originally Posted by moudmm
i don't know why!!
Well - this was the reason why. There is no mystery about it. ;-))

Which versions of ssh did you use on both sides? And what does the file /etc/sshd.config look on the system you are trying to connect to? Post it here (comments removed, they are usually 95% of the file) and let us have a look.

Generally, it is a good idea to post relevant version information along with the problem description.

I hope this helps.

bakunin
# 3  
Old 08-31-2014
Thanks for your reply

It not accept the password through ssh

Code:
# ssh root@localhost
root@localhost password:
Permission denied, please try again.
root@localhost password:
Permission denied, please try again.
root@localhost password:
Permission denied (publickey,password,keyboard-interactive).

also when i run # /usr/sbin/sshd -dd

Code:
debug2: load_server_config: filename /etc/ssh/sshd_config
debug2: load_server_config: done config len = 164
debug2: parse_server_config: config /etc/ssh/sshd_config len 164
debug1: sshd version OpenSSH_6.0p1
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-dd'
debug2: fd 3 setting O_NONBLOCK
debug1: Bind to port 22 on 0.0.0.0.
Bind to port 22 on 0.0.0.0 failed: The socket name is already in use..
debug2: fd 3 setting O_NONBLOCK
debug1: Bind to port 22 on ::.
Bind to port 22 on :: failed: The socket name is already in use..
Cannot bind any address.

The sshd_config file

Code:
# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options change a
# default value.

#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

# Disable legacy (protocol version 1) support in the server for new
# installations. In future the default will change to require explicit
# activation of protocol 1
Protocol 2

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 768

# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
#PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6

#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile     .ssh/authorized_keys

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no

# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication.  Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
#UsePAM no

#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10
#PermitTunnel no
#ChrootDirectory none

# no default banner path
#Banner none

# override default of no subsystems
Subsystem       sftp    /usr/sbin/sftp-server

# Example of overriding settings on a per-user basis
#Match User anoncvs
#       X11Forwarding yes
#       AllowTcpForwarding no
#       ForceCommand cvs server

Thanks

Moderator's Comments:
Mod Comment edit by bakunin: please use CODE-tags for file-output, terminal output, commands and similar text. Thank you.
Last edited by bakunin; 08-31-2014 at 07:49 AM..
# 4  
Old 08-31-2014
Quote:
Originally Posted by moudmm
# ssh root@localhost
Do you want to connect from another computer to the AIX computer? If so, then you are using a wrong ssh command. ssh root@localhost will obviously try to connect to the same computer on which you are typing this command. It doesn't make sense.

Try ssh root@<insert ip address of AIX computer here> or ssh root@<insert name of AIX computer here>

---------- Post updated at 12:55 PM ---------- Previous update was at 12:53 PM ----------

By the way: the sshd_config file doesn't look valid and working to me. If you leave all the comments out, only two lines remain:
Code:
Protocol 2
Subsystem sftp /usr/sbin/sftp-server

# 5  
Old 08-31-2014
It not connect ssh locally or from remote host

after i connect via telnet local i'm trying to connect shh

#ssh root@servername

it prompt ssh password but it refused the password

Permission denied, please try again.

also the same issue when i try to connect from remote host.

Thanks
# 6  
Old 08-31-2014
Quote:
Originally Posted by moudmm
Code:
# ssh root@localhost

It is quite common that the login of the root user is prohibited. Usually normal user accounts log in and are then allowed to become root. Issue an

Code:
lsuser root

and have a look at the user attributes. Alternatively do a smitty chuser and check there.

Quote:
Originally Posted by moudmm
also when i run # /usr/sbin/sshd -dd

Code:
debug1: Bind to port 22 on 0.0.0.0.
Bind to port 22 on 0.0.0.0 failed: The socket name is already in use..
debug2: fd 3 setting O_NONBLOCK
debug1: Bind to port 22 on ::.
Bind to port 22 on :: failed: The socket name is already in use..
Cannot bind any address.

This seems to be pretty obvious, doesn't it? Whatever occupies port 22 either has to go or you will have to use another (unoccupied) port for ssh.

Quote:
Originally Posted by moudmm
The sshd_config file

Code:
Protocol 2
#PermitRootLogin yes
Subsystem       sftp    /usr/sbin/sftp-server

I asked you to remove the comments and i really did mean it. It seems that PermitRootLogin yes is not set at all and other relevant parameters are not set either.

Correct your sshd_config (you can find many examples for AIX here in this board) and then restart your ssh-daemon. Btw., newer versions of the sshd (you still haven't told us which version/package you are using) are controlled via the systems resource controller: instead of starting it from the command line you do a:

Code:
refresh -s sshd

or, if it is not started (check with lssrc)

Code:
startsrc -s sshd


I hope this helps.

bakunin
# 7  
Old 09-01-2014
Can i replace the sshd_config file with one already working in other machine?

Thanks
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. OS X (Apple)

"Permission denied" when trying to SSH my iPhone though password is correct

Hi, I hope this is the correct section in the forum to post as I'm trying to SSH from my MacBook. I was looking to see whether ssh on my jailbroken iPhone 6s (10.3.1) still works fine and was following this old reddit guide. I installed OpenSSH&OpenSSL from Cydia and changed the password using... (7 Replies)
Discussion started by: hss1
7 Replies

2. Solaris

"Permission denied" when changing IP netmask

hello everyone, I am new on unix systems. I am working with a Solaris 10 OS. When i try to change netmask on certain interface: I get: How can i enable permission for changing that ? I have administrator privileges. Your help is much appreciated. thanks, (13 Replies)
Discussion started by: pablod76
13 Replies

3. UNIX for Advanced & Expert Users

Showing "permission denied" when trying to login in - Montavista Linux

Hello friends, I have scratched my system and after that when I am trying to access the console via root login it's failing with an error message of "permission denied". I am able to access the other login, I am having only problem with root and some other user login. I am using an telnet... (7 Replies)
Discussion started by: sanoop
7 Replies

4. Linux

Showing "permission denied" when trying to login in - Montavista Linux

Hello friends, I have scratched my system and after that when I am trying to access the console via root login it's failing with an error message of "permission denied". I am able to access the other login, I am having only problem with root and some other user login. I am using an telnet... (2 Replies)
Discussion started by: sanoop
2 Replies

5. Red Hat

+ + in .rhosts is causing a "Permission Denied"

I have a user who has "+ +" at the top of his .rhosts file. He cannot "rsh NODE date" to a different box ( both are RHEL 5.4 ). If I remove the "+ +" then the "RSH" works. I have correct settings of node names/user in the .rhosts file. I even tried adding to the second box's... (3 Replies)
Discussion started by: rom828
3 Replies

6. Solaris

BSM auditing issues, need to audit "permission denied"

Let me preface with I am semi-new to Solaris. I work with it in the labs at work and that's about my extent (although I run Linux at home). Well, a week ago security comes around with updated requirements, some of which are the need to audit all failures. For the life of me I cannot get a... (0 Replies)
Discussion started by: mph275
0 Replies

7. OS X (Apple)

"Permission Denied" while modifying mounted files on MAC

Hi, I have two machines 1. MacOSx (Users --> userMac , IP - a.b.c.d) 2. FreeBSD (Users --> userBSD, IP- p.q.r.s) I want to modify some files of FreeBSD on my MacOS. So, I mounted the FreeBSD folder on my Mac as follows. $ sudo mount -o -P p.q.r.s:/usr/home/user... (5 Replies)
Discussion started by: akash.mahakode
5 Replies

8. UNIX for Advanced & Expert Users

EACCES "Permission denied" while open(2)

guest@ulidtko:~$ id uid=126(guest) gid=134(guest) groups=134(guest) guest@ulidtko:~$ ls -ld /home drwxr-xr-x 8 root root 4096 May 12 19:47 /home guest@ulidtko:~$ ls -l /home ls: cannot open directory /home: Permission denied guest@ulidtko:~$ cat /proc/mounts rootfs / rootfs rw 0 0... (4 Replies)
Discussion started by: ulidtko
4 Replies

9. UNIX for Dummies Questions & Answers

changing password with sudo user " permission denied"

HI All, I am using solaris i created a user adam and updated his permissions in vi sudoers file as follows adam ALL=(ALL) NOPASSWORD: ALL ........... when i create user by logging as sudo user . $ sudo useradd -d /home/kalyan -m -s /bin/sh kalyan sudo: not found ... (6 Replies)
Discussion started by: kalyankalyan
6 Replies

10. Shell Programming and Scripting

screen throws "permission denied"

Hi all, i've got problem in running a script in background... i have written a script, and i want to run it everytime i log in, but when i log off i want the script to stay (i watch not to run two scripts at one time in the script). so as a normal user i want to do: $ screen my_script & ... (6 Replies)
Discussion started by: miechu
6 Replies
Login or Register to Ask a Question