<!DOCTYPE html>
<html>
<head>
<title></title>
</head>
<body><div> </div>
<div>By the way, earlier - in an attempt to isolate the program - I decided to use the same key pair for steve as works for root. I copied authorized_keys to /home/steve/.ssh and changed its owner to steve. It made no differentce<br></div>
<div>=======================================<br></div>
<div>SSHD CONFIG:<br></div>
<div>=======================================<br></div>
<div># $OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $<br></div>
<div> </div>
<div># This is the sshd server system-wide configuration file. See<br></div>
<div># sshd_config(5) for more information.<br></div>
<div> </div>
<div># This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin<br></div>
<div> </div>
<div># The strategy used for options in the default sshd_config shipped with<br></div>
<div># OpenSSH is to specify options with their default value where<br></div>
<div># possible, but leave them commented. Uncommented options change a<br></div>
<div># default value.<br></div>
<div> </div>
<div># Port 22<br></div>
<div># AddressFamily any<br></div>
<div># ListenAddress 0.0.0.0<br></div>
<div># ListenAddress ::<br></div>
<div> </div>
<div># Disable legacy (protocol version 1) support in the server for new<br></div>
<div># installations. In future the default will change to require explicit<br></div>
<div># activation of protocol 1<br></div>
<div>Protocol 2<br></div>
<div> </div>
<div># HostKey for protocol version 1<br></div>
<div># HostKey /etc/ssh/ssh_host_key<br></div>
<div># HostKeys for protocol version 2<br></div>
<div># HostKey /etc/ssh/ssh_host_rsa_key<br></div>
<div># HostKey /etc/ssh/ssh_host_dsa_key<br></div>
<div> </div>
<div># Lifetime and size of ephemeral version 1 server key<br></div>
<div># KeyRegenerationInterval 1h<br></div>
<div># ServerKeyBits 1024<br></div>
<div> </div>
<div># Logging<br></div>
<div># obsoletes QuietMode and FascistLogging<br></div>
<div># SyslogFacility AUTH<br></div>
<div>SyslogFacility AUTHPRIV<br></div>
<div>LogLevel VERBOSE<br></div>
<div> </div>
<div># Authentication:<br></div>
<div> </div>
<div># LoginGraceTime 2m<br></div>
<div># PermitRootLogin yes<br></div>
<div># StrictModes yes<br></div>
<div># MaxAuthTries 6<br></div>
<div># MaxSessions 10<br></div>
<div> </div>
<div>#RSAAuthentication yes<br></div>
<div># PubkeyAuthentication yes<br></div>
<div># AuthorizedKeysFile %h/.ssh/authorized_keys<br></div>
<div># AuthorizedKeysCommand none<br></div>
<div># AuthorizedKeysCommandRunAs nobody<br></div>
<div> </div>
<div># For this to work you will also need host keys in /etc/ssh/ssh_known_hosts<br></div>
<div># RhostsRSAAuthentication no<br></div>
<div># similar for protocol version 2<br></div>
<div># HostbasedAuthentication no<br></div>
<div># Change to yes if you don't trust ~/.ssh/known_hosts for<br></div>
<div># RhostsRSAAuthentication and HostbasedAuthentication<br></div>
<div># IgnoreUserKnownHosts no<br></div>
<div># Don't read the user's ~/.rhosts and ~/.shosts files<br></div>
<div># IgnoreRhosts yes<br></div>
<div> </div>
<div># To disable tunneled clear text passwords, change to no here!<br></div>
<div># PasswordAuthentication yes<br></div>
<div># PermitEmptyPasswords no<br></div>
<div>PasswordAuthentication no<br></div>
<div> </div>
<div># Change to no to disable s/key passwords<br></div>
<div>#ChallengeResponseAuthentication yes<br></div>
<div>ChallengeResponseAuthentication no<br></div>
<div> </div>
<div># Kerberos options<br></div>
<div>#KerberosAuthentication no<br></div>
<div>#KerberosOrLocalPasswd yes<br></div>
<div>#KerberosTicketCleanup yes<br></div>
<div>#KerberosGetAFSToken no<br></div>
<div>#KerberosUseKuserok yes<br></div>
<div> </div>
<div># GSSAPI options<br></div>
<div># GSSAPIAuthentication no<br></div>
<div>GSSAPIAuthentication yes<br></div>
<div># GSSAPICleanupCredentials yes<br></div>
<div>GSSAPICleanupCredentials yes<br></div>
<div># GSSAPIStrictAcceptorCheck yes<br></div>
<div># GSSAPIKeyExchange no<br></div>
<div> </div>
<div># Set this to 'yes' to enable PAM authentication, account processing,<br></div>
<div># and session processing. If this is enabled, PAM authentication will<br></div>
<div># be allowed through the ChallengeResponseAuthentication and<br></div>
<div># PasswordAuthentication. Depending on your PAM configuration,<br></div>
<div># PAM authentication via ChallengeResponseAuthentication may bypass<br></div>
<div># the setting of "PermitRootLogin without-password".<br></div>
<div># If you just want the PAM account and session checks to run without<br></div>
<div># PAM authentication, then enable this but set PasswordAuthentication<br></div>
<div># and ChallengeResponseAuthentication to 'no'.<br></div>
<div>#UsePAM no<br></div>
<div>UsePAM yes<br></div>
<div> </div>
<div># Accept locale-related environment variables<br></div>
<div>AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES<br></div>
<div>AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT<br></div>
<div>AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE<br></div>
<div>AcceptEnv XMODIFIERS<br></div>
<div> </div>
<div>#AllowAgentForwarding yes<br></div>
<div>#AllowTcpForwarding yes<br></div>
<div>#GatewayPorts no<br></div>
<div>#X11Forwarding no<br></div>
<div>X11Forwarding yes<br></div>
<div>#X11DisplayOffset 10<br></div>
<div>#X11UseLocalhost yes<br></div>
<div>#PrintMotd yes<br></div>
<div>#PrintLastLog yes<br></div>
<div>#TCPKeepAlive yes<br></div>
<div>#UseLogin no<br></div>
<div>#UsePrivilegeSeparation yes<br></div>
<div>#PermitUserEnvironment no<br></div>
<div>#Compression delayed<br></div>
<div>#ClientAliveInterval 0<br></div>
<div>#ClientAliveCountMax 3<br></div>
<div>#ShowPatchLevel no<br></div>
<div>#UseDNS yes<br></div>
<div>#PidFile /var/run/sshd.pid<br></div>
<div>#MaxStartups 10:30:100<br></div>
<div>#PermitTunnel no<br></div>
<div>#ChrootDirectory none<br></div>
<div> </div>
<div># no default banner path<br></div>
<div>#Banner none<br></div>
<div> </div>
<div># override default of no subsystems<br></div>
<div>Subsystem sftp /usr/libexec/openssh/sftp-server<br></div>
<div> </div>
<div># Example of overriding settings on a per-user basis<br></div>
<div>#Match User anoncvs<br></div>
<div># X11Forwarding no<br></div>
<div># AllowTcpForwarding no<br></div>
<div># ForceCommand cvs server<br></div>
<div> </div>
<div>=======================================<br></div>
<div>recent contents of /var/log/secure<br></div>
<div>=======================================<br></div>
<div>May 11 12:28:31 vslaw sshd[5989]: Received signal 15; terminating.<br></div>
<div>May 11 12:28:31 vslaw sshd[7233]: Set /proc/self/oom_score_adj from 0 to -1000<br></div>
<div>May 11 12:28:31 vslaw sshd[7233]: Server listening on 0.0.0.0 port 22.<br></div>
<div>May 11 12:28:31 vslaw sshd[7233]: Server listening on :: port 22.<br></div>
<div>May 11 12:28:48 vslaw sshd[6760]: pam_unix(sshd:session): session closed for user root<br></div>
<div>May 11 12:28:53 vslaw sshd[7236]: Set /proc/self/oom_score_adj to 0<br></div>
<div>May 11 12:28:53 vslaw sshd[7236]: Connection from 107.132.57.128 port 1476<br></div>
<div>May 11 12:28:55 vslaw sshd[7236]: Found matching RSA key: f1:9e:10:c8:3a:ba:73:97:47:d7:e1:b6:f3:69:14:bc<br></div>
<div>May 11 12:28:55 vslaw sshd[7237]: Postponed publickey for root from 107.132.57.128 port 1476 ssh2<br></div>
<div>May 11 12:28:56 vslaw sshd[7236]: Found matching RSA key: f1:9e:10:c8:3a:ba:73:97:47:d7:e1:b6:f3:69:14:bc<br></div>
<div>May 11 12:28:56 vslaw sshd[7236]: Accepted publickey for root from 107.132.57.128 port 1476 ssh2<br></div>
<div>May 11 12:28:56 vslaw sshd[7236]: pam_unix(sshd:session): session opened for user root by (uid=0)<br></div>
<div>May 11 12:28:58 vslaw sshd[7236]: Connection closed by 107.132.57.128<br></div>
<div>May 11 12:28:58 vslaw sshd[7236]: pam_unix(sshd:session): session closed for user root<br></div>
<div>May 11 12:28:58 vslaw sshd[7236]: Transferred: sent 3760, received 3472 bytes<br></div>
<div>May 11 12:28:58 vslaw sshd[7236]: Closing connection to 107.132.57.128 port 1476<br></div>
<div>May 11 12:29:02 vslaw sshd[7252]: Set /proc/self/oom_score_adj to 0<br></div>
<div>May 11 12:29:02 vslaw sshd[7252]: Connection from 107.132.57.128 port 1477<br></div>
<div>May 11 12:29:04 vslaw sshd[7252]: Failed publickey for steve from 107.132.57.128 port 1477 ssh2<br></div>
<div>May 11 12:29:05 vslaw sshd[7253]: Received disconnect from 107.132.57.128: 14: No supported authentication methods available<br></div>
<div>May 11 12:29:11 vslaw sshd[7254]: Set /proc/self/oom_score_adj to 0<br></div>
<div>May 11 12:29:11 vslaw sshd[7254]: Connection from 107.132.57.128 port 1478<br></div>
<div>May 11 12:29:12 vslaw sshd[7254]: Found matching RSA key: f1:9e:10:c8:3a:ba:73:97:47:d7:e1:b6:f3:69:14:bc<br></div>
<div>May 11 12:29:12 vslaw sshd[7255]: Postponed publickey for root from 107.132.57.128 port 1478 ssh2<br></div>
<div>May 11 12:29:13 vslaw sshd[7254]: Found matching RSA key: f1:9e:10:c8:3a:ba:73:97:47:d7:e1:b6:f3:69:14:bc<br></div>
<div>May 11 12:29:13 vslaw sshd[7254]: Accepted publickey for root from 107.132.57.128 port 1478 ssh2<br></div>
<div>May 11 12:29:13 vslaw sshd[7254]: pam_unix(sshd:session): session opened for user root by (uid=0)<br></div>
<div>=======================================<br></div>
<div> </div>
<div> </div>
<div>On Mon, May 11, 2015, at 00:07, Chris Punches wrote:<br></div>
<div>Can you please provide the sshd.conf being used?<br></div>
<div> </div>
<div>Also could you set sshd.conf to verbose logging, generate a few login attempts, and paste /var/log/auth.log or equivalent of that log for your distro?<br></div>
<div> </div>
<div>-Chris Punches<br></div>
</body>
</html>