Guest asked this 9 months ago

CentOS 7 SSH access denied message

I created a new user in Centos and when I try to ssh using that username I get access denied message.

Is there anything else I need to do to allow access to this new user?


LinuxGuru 9 months ago

Do you get any errors in /var/log/messages and  /var/log/secure

Guest 9 months ago

There are no errors in /var/log/messages However I see failed password message in /var/log/secure

Feb 13 21:28:25 localhost sshd[19414]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.200  user=ccweb
Feb 13 21:28:27 localhost sshd[19414]: Failed password for ccweb from 192.168.1.200 port 55194 ssh2
Feb 13 21:28:38 localhost sshd[19414]: Failed password for ccweb from 192.168.1.200 port 55194 ssh2
Feb 13 21:28:51 localhost sshd[19414]: Failed password for ccweb from 192.168.1.200 port 55194 ssh2
Feb 13 21:28:52 localhost sshd[19414]: error: Received disconnect from 192.168.1.200 port 55194:13: Unable to authenticate [preauth]
Feb 13 21:28:52 localhost sshd[19414]: Disconnected from 192.168.1.200 port 55194 [preauth]
Feb 13 21:28:52 localhost sshd[19414]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.200  user=ccweb

I also noticed that I can ssh as root user and the su as the new user without any problem

LinuxGuru 9 months ago

If you are using AllowUsers or AllowUserGroups in /etc/ssh/sshd_config to restrict the user then you also need to add the new user to that list

Guest 9 months ago

I havent changed anything in /etc/ssh/sshd_config file. It is the default and I also don’t see AllowUsers and AllowUserGroups line in that file

LinuxGuru 9 months ago

How did you create the new user? Have you set a password for the user after creating it. 

Yad 9 months ago

Created user and set password using the following command

# useradd ccweb -m -p password

Best Answer by LinuxGuru
2 likes

You cant set a plaint text password like that with useradd command. with the -p option you need to give encrypted password. so first you create the user and then set the password with the passwd command.

useradd ccweb -m

passwd ccweb