Unable to log in via SSH

Yesterday I installed Webmin, and in the process, I installed the Authen::PAM module required for it to run. I believe this is relevant to my current situation but I may be wrong.

I was also having trouble with Proftpd authentication, so I executed "authconfig", and though I thought I exited without making any changes, it could be the case that I screwed something up by going in there.

Today, I rebooted my Linode, and now I can no longer SSH into the box. The SSH daemon is up (it asks for a password) but it rejects my root password or any of the other accounts in the system that were working fine until the reboot.

I am able to log in via Lish, but when I do so, and attempt to get a screen shell (pressing ENTER a few times), all I get is the following prompt

li13-155 login:

Which does not accept any username or password I give it. I know the host is up, and I have access to it via Webmin. I am fairly certain that I have screwed something up related to Authentication and possibly to do with the PAM module, so no SSH login is allowed.

A line that caught my eye from the boot log via lish:

/sbin/mkkerneldoth: line 23: /boot/kernel.h: No such file or directory

(not sure if that is even related to my problem)

What should I try next in order to fix this?

7 Replies

I have experienced this issue in the past. If you have a lish console session active during a reboot it might do this. I have fixed this by closing my lish session, rebooting and do not open the lish session until the boot process has completed.

Thanks for the tip, but it seems that my problem might be related to something else. I did just reboot without any lish sessions open, and I am still unable to log in via SSH.

To be perfectly clear, the password prompt comes up, but it rejects my password (the same root password that works just fine via Webmin) leading me to think that it is some sort of authentication module issue.

umm check ur /etc/sshd_config type file and check that permitrootlogin isnt set to no after an update or so :) i had that problem ages ago where id started to secure my system but forgot to restart ssh. so then when ssh restarted due to me rebooting i couldnt log in via root and couldnt for the life of me work out why :)

hope that helps

Cheers

internat

But if he's coming in through lish, that's bypassing his SSH completely. That's why it looks like this is some more fundamental authentication problem. I wish I could help more than that!

I'd start out by launching finnix and mount your / partition, check and make sure your /etc/shadow and /etc/passwd files are still intact and something didn't set them back to defaults or some such. Then I'd check my authentication config files and make sure they're ok. (don't ask me which ones, though, I'm not sure off the top of my head :P)

Thanks for all the tips, guys.

I have checked to make sure the SSH configuration is in order (via Webmin) , and it does allow root login. I am also pretty sure that /etc/password et all are working, since I can log into webmin using any of the Unix user accounts I set up originally.

I was able to find the SSH logs in webmin, and I noticed something that seems very likely to be related to the problem I have:

Apr  9 12:58:30 li13-155 sshd[4866]: PAM unable to dlopen(/lib/security/$ISA/pam_env.so)
Apr  9 12:58:30 li13-155 sshd[4866]: PAM [dlerror: /lib/security/$ISA/pam_env.so: cannot open shared object file: No such file or directory]
Apr  9 12:58:30 li13-155 sshd[4866]: PAM adding faulty module: /lib/security/$ISA/pam_env.so
Apr  9 12:58:30 li13-155 sshd[4866]: PAM unable to dlopen(/lib/security/$ISA/pam_unix.so)
Apr  9 12:58:30 li13-155 sshd[4866]: PAM [dlerror: /lib/security/$ISA/pam_unix.so: cannot open shared object file: No such file or directory]
Apr  9 12:58:30 li13-155 sshd[4866]: PAM adding faulty module: /lib/security/$ISA/pam_unix.so
Apr  9 12:58:30 li13-155 sshd[4866]: PAM unable to dlopen(/lib/security/$ISA/pam_deny.so)
Apr  9 12:58:30 li13-155 sshd[4866]: PAM [dlerror: /lib/security/$ISA/pam_deny.so: cannot open shared object file: No such file or directory]
Apr  9 12:58:30 li13-155 sshd[4866]: PAM adding faulty module: /lib/security/$ISA/pam_deny.so
Apr  9 12:58:30 li13-155 sshd[4866]: PAM unable to dlopen(/lib/security/$ISA/pam_cracklib.so)
Apr  9 12:58:30 li13-155 sshd[4866]: PAM [dlerror: /lib/security/$ISA/pam_cracklib.so: cannot open shared object file: No such file or directory]
Apr  9 12:58:30 li13-155 sshd[4866]: PAM adding faulty module: /lib/security/$ISA/pam_cracklib.so
Apr  9 12:58:30 li13-155 sshd[4866]: PAM unable to dlopen(/lib/security/$ISA/pam_limits.so)
Apr  9 12:58:30 li13-155 sshd[4866]: PAM [dlerror: /lib/security/$ISA/pam_limits.so: cannot open shared object file: No such file or directory]
Apr  9 12:58:30 li13-155 sshd[4866]: PAM adding faulty module: /lib/security/$ISA/pam_limits.so
Apr  9 12:58:30 li13-155 sshd[4866]: Failed password for web from ::ffff:71.227.0.0 port 63149 ssh2
Apr  9 12:58:39 li13-155 last message repeated 2 times
Apr  9 12:59:48 li13-155 webmin[4874]: Non-existent login as web from 71.227.0.0
Apr  9 13:00:02 li13-155 webmin[4876]: Non-existent login as ghurtado from 71.227.0.0 
Apr  9 13:00:11 li13-155 webmin[4878]: Successful login as root from 71.227.0.0

So it looks like SSHD is attempting to use PAM for authentication but it can't load the PAM modules. Does anyone know if I can change the SSH config to use regular Unix authentication?

Thanks again.

Garcia

Just wanted to give an update to this, even though I never fully understood what happened, I was able to log in via Lish after rebooting into runlevel 1 from the Linode admin site.

I decided to take the easy route and reinstalled the distro, I am using Debian now and so far I like it a lot more than RedHat. :wink:

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct