Home / server / Questions / 254698
Accepted
Stewie
Asked: 2011-04-02 09:04:49 +0800 CST

Unable to get the SSH access for a new user

  • 772

I created a new user on ubuntu 10 username: codeuser

There is an existing user called "admin". Now, my problem is that I cannot directly connect to the server using the codeuser credentials. But, I can SSH in through "admin" and then su (change the user to codeuser) and it works. How do I get the shell access to the codeuser user ?

This is the output of my files: 

cat /etc/passwd

root:x:0:0:root:/root:/bin/bash
www-data:x:33:33:www-data:/var/www:/bin/bash
admin:x:1000:1000:,,,:/home/admin:/bin/bash
ftp:x:107:65534::/home/ftp:/bin/false
codeuser:x:1004:33::/home/codeuser:/bin/bash


cat /etc/group

root:x:0:
www-data:x:33:
codeuser:x:1005:



iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination          
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:mysql  

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination          

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
linux ubuntu user-management groups

8 Answers

  1. Best Answer

    Check /etc/ssh/sshd_config for allowed users list. If it is OK, the problem is more complex. Try to connect as "ssh codeuser@your-server -v"

    • 11

  2. On Ubuntu 18.04 I had simply neglected to add my client's public key to the authorized keys file (this post got me thinking about the authorized_keys file: https://superuser.com/a/1337741/413936).

    chmod 700 ~/.ssh
cd ~/.ssh
touch authorized_keys
chmod 600 authorized_keys

    Then add your client's public key to authorized_keys file.

    For whatever reason though, I didn't need to add PasswordAuthentication yes to /etc/ssh/sshd_config on Ubuntu 18.04.3 LTS as other people have mentioned. To be clear, mine is commented out like this # PubkeyAuthentication yes and I restarted both ssh and sshd services and was still able to ssh in.

    • 4

  3. Check /var/log/auth.log for any errors. Did you assign codeuser a password using the passwd command?

    • 2

  4. Stumble to this thread after create a new user and cannot SSH to the new user. I managed to fix it after looked for the group and user of .ssh folder and authorized_keys file. They were set to root:root, because I copied them from other user's folder with sudo.

    So I fix it with:

    sudo chown new_user:new_user /home/new_user/.ssh/
sudo chown new_user:new_user /home/new_user/.ssh/authorized_keys

    Hope this helps

    • 2

  5. A quite old post but still valid. Worth checking logs as Marco Ramos mentioned above. In my case with Debian 9 a group must granted with permissions /var/log/auth.log

    Nov 23 23:10:46 AreNAS sshd[6765]: User are from 192.168.0.36 not allowed because none of user's groups are listed in AllowGroups
    • 0

  6. Make sure the public key is correct in this place:

    /home/newUsername/.ssh/authorized_keys
    • 0

  7. Try to check /var/log/auth.log for possible error messages.

    Also, ask the user to try to login with ssh -v, for more verbose output.

    Hope this helps!

    • -1

  8. On new Debian installations (may be even other distributions) you have to enable password login. It started to happen recently. AllowUsers won't help you, PermitRootLogin yes won't help you.

    Default configuration in /etc/ssh/sshd_config is:

    # To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes

    but it won't let you ssh to it with plain text password. You have to uncomment it, restart sshd, insert your ssh key and comment it back or leave it enabled.

    • -2