SSH & VNC problems

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.

macrules34

Active Member
Mar 18, 2016
407
28
28
40
I have a Suse Linux server that I'm trying to gain access to through ssh and VNC.

With ssh I am able to get a prompt for the user name and password but I get rejected with "Access Denied". I have opened port 22 on the firewall. I am using putty from a Windows 7 machine.

With VNC I get the GUI with the login but when I type in the password it tells me that it didn't work and to try again. I know the password is correct because I am able to log in with that username and password locally.
 

j_h_o

Active Member
Apr 21, 2015
644
179
43
California, US
Check sshd_config -- logging in with root and/or with a password may be blocked.

Try adding a new user, and trying ssh with that user. And/or generate a public/private keypair for the new user and using that with pageant to authenticate putty/ssh.

Not sure about vnc.

Are you certain you're connecting to the correct server? You've tripled-checked the ip address, correct?
 
Last edited:

macrules34

Active Member
Mar 18, 2016
407
28
28
40
Yes I have checked the IP address multiple times. Also am unable to ssh in as root and I have tried a local user as well with the same result. I have edited sshd_config to allow root logins but still no luck.
 

11Blade

Member
Aug 8, 2016
31
6
8
54
Yes I have checked the IP address multiple times. Also am unable to ssh in as root and I have tried a local user as well with the same result. I have edited sshd_config to allow root logins but still no luck.
If you using a Dell server or SM server, make sure the ipmi is set to a different Ip number. I had a similar problem that I couldnt solve until I changed the ipmi ip# because it was the same as the server itself, (dumb)
 

macrules34

Active Member
Mar 18, 2016
407
28
28
40
No I hadn’t tried that. Never done that before. How do you do it?

When I first ssh’ed to the host it asked me to accept the key and I did, I don’t know if that makes a difference.
 

Markus

Member
Oct 25, 2015
78
19
8
What's about Log-Entries of the system (secure-Log / Login-Logs / syslog...).
Beside that the sshd_config could be helpful (sshd -T on newer Linux-Systems).

Regards
Markus
 

macrules34

Active Member
Mar 18, 2016
407
28
28
40
@j_h_o "PasswordAuthentication" is set to yes and I am sure that the password I am using is correct because I use the same one to log into the machine locally.
 

macrules34

Active Member
Mar 18, 2016
407
28
28
40
Here is the out put from ssh -v:

OpenSSH_7.6p1, LibreSSL 2.6.2

debug1: Reading configuration data /etc/ssh/ssh_config

debug1: /etc/ssh/ssh_config line 48: Applying options for *

debug1: Connecting to 10.0.1.234 port 22.

debug1: Connection established.

debug1: key_load_public: No such file or directory

debug1: identity file /Users/nick/.ssh/id_rsa type -1

debug1: key_load_public: No such file or directory

debug1: identity file /Users/nick/.ssh/id_rsa-cert type -1

debug1: key_load_public: No such file or directory

debug1: identity file /Users/nick/.ssh/id_dsa type -1

debug1: key_load_public: No such file or directory

debug1: identity file /Users/nick/.ssh/id_dsa-cert type -1

debug1: key_load_public: No such file or directory

debug1: identity file /Users/nick/.ssh/id_ecdsa type -1

debug1: key_load_public: No such file or directory

debug1: identity file /Users/nick/.ssh/id_ecdsa-cert type -1

debug1: key_load_public: No such file or directory

debug1: identity file /Users/nick/.ssh/id_ed25519 type -1

debug1: key_load_public: No such file or directory

debug1: identity file /Users/nick/.ssh/id_ed25519-cert type -1

debug1: Local version string SSH-2.0-OpenSSH_7.6

debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1

debug1: match: OpenSSH_6.6.1 pat OpenSSH_6.6.1* compat 0x04000000

debug1: Authenticating to 10.0.1.234:22 as 'nick'

debug1: SSH2_MSG_KEXINIT sent

debug1: SSH2_MSG_KEXINIT received

debug1: kex: algorithm: curve25519-sha256@libssh.org

debug1: kex: host key algorithm: ecdsa-sha2-nistp256

debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none

debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none

debug1: expecting SSH2_MSG_KEX_ECDH_REPLY

debug1: Server host key: ecdsa-sha2-nistp256 SHA256:+oqECzMl38RtReemyOUl+p9pPcljMnoC/Deyq3mc2aw

debug1: Host '10.0.1.234' is known and matches the ECDSA host key.

debug1: Found key in /Users/nick/.ssh/known_hosts:1

debug1: rekey after 134217728 blocks

debug1: SSH2_MSG_NEWKEYS sent

debug1: expecting SSH2_MSG_NEWKEYS

debug1: SSH2_MSG_NEWKEYS received

debug1: rekey after 134217728 blocks

debug1: SSH2_MSG_SERVICE_ACCEPT received

debug1: Authentications that can continue: publickey,password,keyboard-interactive

debug1: Next authentication method: publickey

debug1: Trying private key: /Users/nick/.ssh/id_rsa

debug1: Trying private key: /Users/nick/.ssh/id_dsa

debug1: Trying private key: /Users/nick/.ssh/id_ecdsa

debug1: Trying private key: /Users/nick/.ssh/id_ed25519

debug1: Next authentication method: keyboard-interactive

Password:

debug1: Authentications that can continue: publickey,password,keyboard-interactive

Password:

debug1: Authentications that can continue: publickey,password,keyboard-interactive

Password:

debug1: Authentications that can continue: publickey,password,keyboard-interactive

debug1: Next authentication method: password

nick@10.0.1.234's password:

debug1: Authentications that can continue: publickey,password,keyboard-interactive

Permission denied, please try again.

nick@10.0.1.234's password:

debug1: Authentications that can continue: publickey,password,keyboard-interactive

Permission denied, please try again.

nick@10.0.1.234's password:

Received disconnect from 10.0.1.234 port 22:2: Too many authentication failures for nick

Disconnected from 10.0.1.234 port 22
 

WANg

Well-Known Member
Jun 10, 2018
1,302
967
113
46
New York, NY
Here is the out put from ssh -v:

OpenSSH_7.6p1, LibreSSL 2.6.2

debug1: Reading configuration data /etc/ssh/ssh_config

debug1: /etc/ssh/ssh_config line 48: Applying options for *

debug1: Connecting to 10.0.1.234 port 22.

debug1: Connection established.

debug1: key_load_public: No such file or directory

debug1: identity file /Users/nick/.ssh/id_rsa type -1

...

debug1: Authentications that can continue: publickey,password,keyboard-interactive

Permission denied, please try again.

nick@10.0.1.234's password:

Received disconnect from 10.0.1.234 port 22:2: Too many authentication failures for nick

Disconnected from 10.0.1.234 port 22
Eh, is this the ssh log from the client end? /Users/<username> looks more like a MacOS thing than a Linux thing.
You'll need to post the log from the server (SuSE) end.
 

macrules34

Active Member
Mar 18, 2016
407
28
28
40
When I view the /var/log/messages file I see that when I attempt to login I get "error: PAM: Authentication failure for <username> from <host IP>. When I comment out USEPam Yes I get the following error: Failed password for <user> from 0.0.0.0 port 51320 ssh2. But I know the password that I am using is correct.
 

macrules34

Active Member
Mar 18, 2016
407
28
28
40
@WANg that is from the client side. The error that I am getting on the server is in post #14. I also get the same error from a windows client using putty.
 

WANg

Well-Known Member
Jun 10, 2018
1,302
967
113
46
New York, NY
When I view the /var/log/messages file I see that when I attempt to login I get "error: PAM: Authentication failure for <username> from <host IP>. When I comment out USEPam Yes I get the following error: Failed password for <user> from 0.0.0.0 port 51320 ssh2. But I know the password that I am using is correct.
Don't comment out UsePAM - it doesn't explicitly set that as a no, and besides, even that is a bad move - disabling PAM will disallow password logins altogether.

Okay, several things to look at:
a) Did you enable NIS+/YP or Kerberos SSO authentication on that machine, did you? If you did, local passwords are ignored.

b) Did someone mess with access.conf to effectively block yourself from logging in?

c) What about SELinux? Did someone mess with the rules? If not sure, get in as root, and run:

setenforce 0


Then run:

getenforce

To verify that it is set as permissive, then try again.

d) Check /etc/ssh/sshd_config - did someone add
PasswordAuthentication No

Because that will totally cause headaches.

e) When in doubt, change passwords as root, then test it on the SuSE box by logging in as localhost. If it works as localhost, see if there is some weird restriction on /etc/ssh/sshd_config that allow logins only from certain hostmasks.

Then finally, if you are logging onto a machine remotely via some NAT setup, make sure that the port/port range forwarding is pointing you to the correct machine.
 

macrules34

Active Member
Mar 18, 2016
407
28
28
40
a) No
b) No, I'm the only one with access to this machine.
c) Those commands are not found on my system.
d) No, I set it to Yes
e) I know the password is correct.
 
Last edited:

macrules34

Active Member
Mar 18, 2016
407
28
28
40
I have tried to ssh with in the box that I'm trying to connect to and I am able to connect. Buy yet I can't connect from a remote host. The remote host is on the same sub net as the server I'm trying to connect to, no ISP in the middle.
 

WANg

Well-Known Member
Jun 10, 2018
1,302
967
113
46
New York, NY
Looks like it's either a firewall rule or netmask/range restrictions on sshd.

Do an:

iptables -nvL

And paste the results to show the current firewall rules.

Then copy and paste the /etc/ssh/sshd_config on the box onto the forums

(Redact anything private, obviously)
 

macrules34

Active Member
Mar 18, 2016
407
28
28
40
I did turn the firewall off and still go the same results, so I don't think its a firewall issue.