• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Ssh Login Rejected : authentication error for illegal user

mrfontana

New Member


Messages: 5

#1
Hello all, I am having a problem with the lastest production release(7.1). When logging in through ssh, I am able to do it for the first few times, but then after that, my login keeps getting rejected with this error.

Code:
sshd[852]:error:pam:authentication error for illegal user
I have added AllowUsers with the correct user to the sshd_config files and restarted the server several times, yet my login is still being rejected. Any ideas as to what could be causing this?
 

anomie

Aspiring Daemon

Thanks: 118
Messages: 781

#4
mrfontana said:
When logging in through ssh, I am able to do it for the first few times, but then after that, my login keeps getting rejected with this error.
Do you mean it worked following initial installation but then stopped working, and has not worked since? Or do you mean it works sporadically, but only for a few tries, and then it stops working for awhile?

mrfontana said:
Code:
sshd[852]:error:pam:authentication error for illegal user
Is that the entire message from auth.log? What user are you trying to log in as? What sort of client software are you using?
 

mrfontana

New Member


Messages: 5

#5
I logged in like 3 times since the install, then it started and still does deny my login with the response to my client "Access Denied". I am using Putty as my client. The exact message I am getting from the auth.log is:

Code:
Invalid user bob from 192.168.1.50
error:PAM:authentication for illegal-user bob from windows-machine-name
Failed keyboard-interactive/pam for invalid user from 192.168.1.50 port 2982 ssh2
bob is the user I am trying to login with. It's a member of wheel if that helps.
 

anomie

Aspiring Daemon

Thanks: 118
Messages: 781

#6
I'd be curious to see the output from a couple commands:

# egrep -i 'allow|deny' /etc/ssh/sshd_config

# grep 'bob' /etc/passwd

(I am also assuming you've reloaded or restarted sshd following and config file changes.)
 

johnblue

Well-Known Member

Thanks: 25
Messages: 256

#7
anomie said:
I'd be curious to see the output from a couple commands:
Agreed. An invalid user is an invalid user. Here are some SSH hammer attempts from my auth.log:
Code:
Feb  5 21:41:27 Invalid user james from 208.96.162.136
Feb  5 21:41:28 Invalid user austin from 208.96.162.136
Feb  5 21:41:29 Invalid user jackson from 208.96.162.136
Feb  5 21:41:30 Invalid user justin from 208.96.162.136
Feb  5 21:41:31 Invalid user brandon from 208.96.162.136
Feb  5 21:41:32 Invalid user john from 208.96.162.136
 

mrfontana

New Member


Messages: 5

#8
Absolutely right. I ran the command and found out the user was bob1 and I had added bob to the AllowUsers. Thanks for the help and sorry for wasting everyone's time with my noob mistake.
 

johnblue

Well-Known Member

Thanks: 25
Messages: 256

#10
mrfontana said:
Thanks for the help and sorry for wasting everyone's time with my noob mistake.
I think most normal people associated with BSD are here to help and so no apologies are needed, but ya need to give props to anomie for helping ya with those grep statements.

;)
 

mrfontana

New Member


Messages: 5

#11
Yeah, big thanks to Anomie, those statements wrapped it up pretty quick. Great work. I am going to still checkout that guide for using keys, thanks to killasmurf86 as well.
 

malsaie

New Member


Messages: 1

#12
[ Warning: bad and unsafe advice follows. -- Mod. ]

To enable SSH on FreeBSD

# vi /etc/ssh/sshd_config

Code:
PermitRootLogin no----> yes
:wq

# /etc/rc.d/sshd restart
 

kpa

Beastie's Twin

Thanks: 1,680
Messages: 6,084

#13
1) You're replying to a 3 year old thread

2) Your advice is dangerous unless your network is properly isolated from the hostile internet, do not enable ssh root login unless there's a good reason to.
 
Top