1

So I have a chrootdir setup in sshd_config to a folder, and the user myuser, it's been working fine for months, then today I wanted to change myuser's password, so I did this with passwd, then restarted /etc/init.d/ssh restart, but now when I try login via sftp with the updated password it fails.

The sshd_config settings:

Subsystem sftp internal-sftp

Match User myuser
   ChrootDirectory /chrootDIR
   ForceCommand internal-sftp
   AllowTcpForwarding no
   PermitTunnel no
   X11Forwarding no

The logs in /var/log/auth.log are:

 sshd[13368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=[client ip is here]  user=myuser
 sshd[13368]: Failed password for myuser from [client ip is here] port 39154 ssh2
 sshd[13368]: Connection closed by [client ip is here] [preauth]

I don't think I'm missing any steps am I?

Mint
  • 476
  • 2
  • 9
  • 23
  • you probably wrote wrong password when changing password or when connecting. Can you log in locally? – Jakuje Feb 09 '16 at 19:41
  • Yeah, that's what I thought, but I copied it into passwd, and pasted it into my SFTP client to avoid that. And yeah I can log in locally, so why would sftp be blocked. – Mint Feb 09 '16 at 19:43
  • What does your `/etc/pam.d/sshd` configuration look like? Perhaps there is a PAM module checking something else, some additional resource for the changed password? – Castaglia Feb 12 '16 at 03:39
  • I've never been to that file, but guess something else could have changed it. It's contents are: http://pastebin.com/xjNgA7ZM – Mint Feb 12 '16 at 05:03
  • So it seems like even if I create a new user, it still wont let me login, even via ssh, but it does work with the login command when im already logged in via root – Mint Feb 12 '16 at 11:22

1 Answers1

0

Ok, so seems the issue had something todo with AllowUsers in sshd_config, as when I commented it out and restarted ssh it was working, then I added it back at the bottom of the file, restarted and it worked, then I commented the bottom one out and uncommented the original line, and restarted ssh and it still works.

So in conclusion, I'm not quite sure what it is, maybe ssh wasn't restarting proper.

Mint
  • 476
  • 2
  • 9
  • 23