Cannot login to server after disabling SELinux - centos

I changed the following file in CentOS
/etc/sysconfig/selinux
and set it to
SELINUX=disabled
and ran the reboot command.
But now I cannot log in to my server. It shows the error
Permission denied, please try again.
when I log in with a username and password.
How can I get back into my server?

Disabling SELinux and rebooting seems to set the UsePAM option in your sshd_config to no which explicitly does not work in RHEL:
# WARNING: 'UsePAM no' is not supported in Red Hat Enterprise Linux and may cause several problems
If you are able to detach and access the volume externally, you can set this back to yes and should be able to ssh in again.

Ok. I got the solution.
When I log in with the domain after disabling SELinux, let's say
ssh user@domain
I cannot log in even with the correct password,
but I can log in as
ssh user@ip
I don't know the reason but this actually worked for me.

Related

2FA with VS Code Remote-SSH?

I am using the Remote-SSH extension in Visual Studio Code to connect to a remote machine. This remote machine is protected by Duo's two-factor authentication. When I SSH in a terminal (outside of VS Code), I'm able to log-in perfectly - the terminal prompts me through the 2FA process. However, inside VS Code when I'm using the extension, I am not able to log-in. After typing in my SSH hostname and ID, the VS Code interface prompts me for my password over and over again, and does not proceed beyond that point.
Has anyone encountered this issue before? I'd love to know if there is an existing solution. Unfortunately, 2FA is managed by my company and I can't turn it off.
I ran into the same problem and fixed it by using SSH ControlMaster for Single Sign-On.
If you connect to the relevant machine using <user_name>@<host_name> you can simply add the following to your ~/.ssh/config:
Host <nickname>
User <user_name>
HostName <host_name>
ControlMaster auto
ControlPath ~/.ssh/%r@%h:%p
If you now open up a new session in your terminal running ssh <nickname> you will be asked for the password and the 2FA key. But all other subsequent ssh sessions (including svn, rsync, etc. that run over ssh) will piggyback off the initial connection without the need for re-authentication.
You can now in VS Code, select Remote-SSH: Connect to Host... from the Command Palette (F1, ⇧⌘P) and simply enter: <nickname> and ControlMaster will automatically connect you using the already standing connection.
In my case, the nickname that I chose is "ody". After connecting, VSC's Remote Development extension shows the following in the bottom left corner and lets me browse the files on the remote machine.
From the FASCR:
Note that all subsequent connections are dependent on the initial connection — if you exit or kill the initial connection all other ones die, too. This can obviously be annoying if it happens accidentally. It’s easily avoided by setting up a master connection in the background:
ssh -CX -o ServerAliveInterval=30 -fN <nickname>
The -fN makes it go into the background and sit idle, after authenticating. (C for compression, Y for X forwarding, and o ServerAliveInterval=30 to prevent dropped connections have nothing to do with the ControlMaster but are almost always helpful.)
Note that all port forwarding, including X display forwarding, must be set up by the initial connection and cannot be changed.
Go to settings in VS Code and enable this setting, remote.SSH.showLoginTerminal. This pulls up the terminal so that you can sign in via 2FA that way.
You can use ~/.ssh/config file to configure your hostnames and keys. But I don't know if there is a way to save passwords for convenience.

SSH error in VS Code: Permission denied, please try again

I want to access a remote VM with the Remote-SSH extension of the VS Code editor from a Windows 10 machine. But I don't seem to succeed, as VS Code keeps prompting me to enter the password and denies access each time. The VM runs on an Ubuntu 18.04 LTS OS.
stderr> Permission denied, please try again.
I generated an ssh key for authentication and that's how I am able to access the VM from the command line with an ssh client.
Am I doing something wrong? Is the password supposed to be something else other than the account password? Is this maybe a bug in VS Code?
You can find the detailed answer to this problem in the following GitHub thread:
SSH error in VSCode: Permission denied, please try again. #92579
I have the same problem in VS Code Source Control, and there is no prompt to enter the ssh password. I executed the ssh-keygen -f <ssh-key> -p command to remove the ssh password and it can be used normally.
This is a temporary solution, I hope it can help you.

I can’t login to the server as the user I’ve created

I got "Permission denied (publickey)" using:
ssh $USERNAME@my-ip
Things I've done:
Using Public/Private Key authentication, I can log in to the server as root.
I created a user in the sudo group
I confirmed that my created user has sudo privileges as I viewed auth.log successfully (sudo cat /var/log/auth.log)
I thought it was possibly because my server was unable to identify which key to use, as I have created multiple keys, so I specified which key to use:
ssh -i /path/to/key/id_rsa $USERNAME@my-ip
I got "Permission denied (publickey)" again.
I figured it out! Turns out I was missing an 's' in 'ssh' at the beginning of my authorized_keys file in my user. :) I also matched the permissions between the root and user authorized_keys files, though not sure if this helped truly.
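Added example (not part of the original post): a shell check for the two causes mentioned above, a malformed key-type field such as "sh-rsa" and an authorized_keys file that group or others can write to. The helper name check_authorized_keys and the sample key lines are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original post: lint an authorized_keys file.

# Key types OpenSSH accepts in the key-type field of authorized_keys.
KEYTYPES='ssh-(rsa|dss|ed25519)|ecdsa-sha2-nistp(256|384|521)'
KEYTYPES="$KEYTYPES|sk-(ssh-ed25519|ecdsa-sha2-nistp256)@openssh[.]com"

# check_authorized_keys FILE (hypothetical helper name)
# Prints one finding per line; returns 0 if clean, 1 otherwise.
check_authorized_keys() {
    rc=0
    # With StrictModes (on by default) sshd ignores a key file that group or
    # others can write to, which also ends in "Permission denied (publickey)".
    mode=$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1")
    case $mode in
        *[2367]?|*[2367]) echo "mode $mode: writable by group or others"; rc=1 ;;
    esac
    # Each key line needs a known key type directly before the base64 blob
    # (options may come first). A line starting "sh-rsa" fails this check.
    awk -v types="^($KEYTYPES)\$" '
        /^[ \t]*#/ || NF == 0 { next }
        {
            ok = 0
            for (i = 1; i < NF; i++)
                if ($i ~ types && $(i + 1) ~ /^AAAA/) ok = 1
            if (!ok) { printf "line %d: no valid key type (%s ...)\n", NR, $1; bad = 1 }
        }
        END { exit bad + 0 }
    ' "$1" || rc=1
    return $rc
}

# Constructed sample: line 1 has the missing "s" described in the post.
demo=$(mktemp)
printf '%s\n' 'sh-rsa AAAAB3NzaC1yc2Econstructed user@laptop' \
              'ssh-ed25519 AAAAC3NzaC1lZDIconstructed user@laptop' > "$demo"
check_authorized_keys "$demo" || echo "fix the findings above, then retry"
rm -f "$demo"
```

Run it against the user's own ~/.ssh/authorized_keys on the server; ssh-keygen -l -f on the same file is a second opinion on whether each line parses as a key.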

Input password for putty pscp

I'm trying to execute the command below using the PuTTY pscp tool.
pscp -v -pw mypassword "X:\data\temp*" root@172.x.x.x:\tmp\data
I'm getting the following error.
Fatal: Disconnected: No supported authentication methods available
I have to pass a user name and password. And on the target system I don't have much control.
Could anybody point out what I'm doing wrong?
The remote server might be rejecting ssh with a password. You could try to set up DSA or RSA keys with puttygen, but you would need to change the key on the remote site. Does this work with ftp? Root login might also be disabled, and besides, it's usually a bad idea. That is why someone suggested that this go to the superuser forum. Root is not a regular user and remote login might be disabled in /etc/sshd_config.
Changed
...
PermitRootLogin no
...
PasswordAuthentication no
...
To
...
PermitRootLogin yes
...
PasswordAuthentication yes
And it worked!
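Added example (not from any of the posts): an offline audit of an sshd_config copy for the settings discussed on this page, UsePAM from the first thread and the PermitRootLogin/PasswordAuthentication pair changed above. The function names and the sample config are constructed; Include files, Match blocks and "Key=value" syntax are not evaluated.

```sh
#!/bin/sh
# Added example: audit an sshd_config copy (e.g. read from a detached volume).

# sshd_effective FILE KEYWORD (hypothetical helper name)
# Prints the value from the global section. sshd keywords are case-insensitive
# and the first occurrence wins; Match blocks apply only conditionally, so
# parsing stops at the first one.
sshd_effective() {
    awk -v want="$2" '
        /^[ \t]*#/ || NF == 0        { next }
        tolower($1) == "match"       { exit }
        tolower($1) == tolower(want) { print tolower($2); exit }
    ' "$1"
}

# audit_sshd_config FILE: one finding per line; returns 1 if anything is flagged.
audit_sshd_config() {
    rc=0
    pam=$(sshd_effective "$1" UsePAM)
    root=$(sshd_effective "$1" PermitRootLogin)
    pw=$(sshd_effective "$1" PasswordAuthentication)
    if [ "$pam" = no ]; then
        echo "UsePAM no: not supported in RHEL per the sshd_config warning"
        rc=1
    fi
    # PasswordAuthentication defaults to yes in OpenSSH when it is not set.
    if [ "$root" = yes ] && [ "${pw:-yes}" = yes ]; then
        echo "PermitRootLogin yes + PasswordAuthentication yes: root password login is exposed"
        rc=1
    fi
    return $rc
}

# Constructed sample config, not taken from any real host.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#UsePAM yes
UsePAM no
PermitRootLogin yes
PasswordAuthentication yes
PasswordAuthentication no
EOF
audit_sshd_config "$sample" || echo "review the findings above before restarting sshd"
rm -f "$sample"
```

On a running host, sshd -T (as root) prints the configuration sshd actually resolved, including Include files and defaults, and is the authoritative check.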

CentOS x11 Forwarding issue

I am on a Windows 7 machine and I'm trying to get the graphical view on the CentOS machine to be displayed on my current screen. When typing xclock, gedit... in the terminal, I am getting the following error
-bash: xclock: command not found
and this is the result of the # vi /etc/ssh/sshd_config command:
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
#tewayPorts no
#X11Forwarding no
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
Also, Xming is running on server:0.0 and I turned X11 forwarding on in PuTTY.
So what's the problem?
sudo yum install xorg-x11-apps
Should cover it!
Do you have an .Xauthority file in your home directory?
I've recently found the answer for my issue, which might be similar to yours. I've seen quite a few open questions about this topic without resolution. You may have a few more things to work through, but SELinux settings ended up being my final hurdle. This among many other steps are covered here: ssh X11 forwarding won't work
That aside, you may need to change the Xming settings to match the default DisplayOffset of 10 for CentOS. And after any changes to sshd_config, you'll need to restart the service via
/etc/init.d/sshd restart
I would like to emphasize that my situation is a non-critical operation within a (hopefully!) securely-managed intranet. I would NOT suggest turning off SELinux at work, or at home if you're hoping to open ports or configure VPN for your home network. Please consider: http://securityblog.org/2006/05/21/software-not-working-disable-selinux/