Permission denied when ssh to EOS

Trying to understand ssh
Trying to ssh with three machines

  • Debian
  • Ubuntu
  • EOS

EOS client to Ubuntu or Debian server - works well
Ubuntu client to Debian server wroks well
Ubuntu client to EOS server - it asks for password I enter the user’s password and the return is permission denied please try again.
Do I need to change something in the EOS /etc/ssh/sshd_config to allow for the password to be accepted??
Thank you

Not sure, but could it be due to firewalld-settings running out-of-the-box on EnOS?

You probably need to open the ssh port in the firewall. You can do it right from the GUI.

2 Likes

so in /etc/sshd_config
I have the following

# Change to no to disable s/key passwords

KbdInteractiveAuthentication no

and
Port 22

and

PasswordAuthentication yes

still permission denied

That is the sshd config. That has nothing to do with the firewall…

1 Like

ok
how or where do I find the firewall settings?

There should be an application called “Firewall Configuration”

Open it, there will be a list of zones. The one you are using will be bold.

Click on that zone and then check the box for ssh in the pane on the right.

If it works, then click Options->runtime to permanant

Still there’s something like changing settings at runtime vs. permanent in the firewalld-GUI.

I don’t think I have a firewall.
I couldn’t find it in the menu.
Does it matter if I use i3?

also systemctl status firewalld.service - Unit firewalld.service could not be found

No firewall at all? Not even UFW running?

I am not sure how to check other than what I posted above

OK, what does this show?

pacman -Q | grep -E "(firewall|ufw)"   
1 Like

returns nothing

Not a firewall then.

How about systemctl status sshd

1 Like
 sshd.service - OpenSSH Daemon
     Loaded: loaded (/usr/lib/systemd/sy>
     Active: active (running) since Mon >
   Main PID: 318321 (sshd)
      Tasks: 1 (limit: 19077)
     Memory: 852.0K

Could the two settings you mention there counteract each other? Going only by logic?

KbdInteractiveAuthentication yes - How about that?

not sure
I returned this line to
#port 22
and
kept the PaswordAuthentication yes

the
KbdInteractiveAuthentication no is what came with the original config

Isn’t that for challenge/response based authentication? I don’t think that needs to be enabled.

I changed from no to yes like below

# Change to no to disable s/key passwords
KbdInteractiveAuthentication yes

now on the ubuntu machine it doesn’t even sayf permission denied it just asks for the password again…:slight_smile:

Are you trying to login as root or a normal user?