SSH Access Denied because Invalid User

Posted on

This is an article which is made to show an alternative for describing on how to solve problems where there is an error generated by SSH utility command which is executed to remote several servers. The error is ‘access denied’ as shown below :

user@hostname:/opt$ ssh - l remoteuser@xxx.xxx.xxx.xxx
Access denied
user@hostname:/opt$  

In order to solve the problem, there are several steps which is taken as described below :

1. Check to content of /var/log/secure

[root@localhost ~]# tail -f /var/log/secure
Feb  8 08:23:17 localhost sudo: adminuser : TTY=pts/0 ; PWD=/home/adminuser ; USER=root ; COMMAND=/bin/su -
Feb  8 08:23:17 localhost su: pam_unix(su-l:session): session opened for user root by adminuser(uid=0)
Feb  8 08:23:30 localhost sshd[36601]: User myuser from xxx.xxx.xxx.xxx not allowed because not listed in AllowUsers
Feb  8 08:23:30 localhost sshd[36601]: input_userauth_request: invalid user myuser [preauth]
Feb  8 08:23:30 localhost unix_chkpwd[36603]: password check failed for user (myuser)
Feb  8 08:23:30 localhost sshd[36601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=xxx.xxx.xxx.xxx  user=myuser
Feb  8 08:23:32 localhost sshd[36601]: Failed password for invalid user myuser from xxx.xxx.xxx.xxx port xxxxxxx ssh2
Feb  8 08:23:50 localhost unix_chkpwd[36604]: password check failed for user (myuser)
Feb  8 08:23:52 localhost sshd[36601]: Failed password for invalid user myuser from xxx.xxx.xxx.xxx port xxxxxxx ssh2
Feb  8 08:23:58 localhost sshd[36605]: refused connect from xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx)
Feb  8 08:24:27 localhost sshd[36601]: Connection closed by xxx.xxx.xxx.xxx [preauth]
Feb  8 08:24:27 localhost sshd[36601]: PAM 1 more authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=xxx.xxx.xxx.xxx  user=myuser

Based on the log written above the most important clue for solving the problem is shown as follows :

Feb  8 08:23:30 localhost sshd[36601]: User myuser from xxx.xxx.xxx.xxx not allowed because not listed in AllowUsers

And another line of the log which is also very helpful for giving another clue :

Feb  8 08:23:30 localhost sshd[36601]: input_userauth_request: invalid user myuser [preauth]

Based on those output above, the main problem exist in the user used in the SSH connection process which is not allowed to be able to connect. So, an alternative solution to solve the problem is by doing the next step :

2. Edit file /etc/ssh/sshd_config
Add the following content :

AllowUsers myuser

Below is how to edit the file using one of text editor exist called ‘vim’ :

[root@localhost ~]# vim /etc/ssh/sshd_config

3. After editing the file above, don’t forget to restart the service so the changes will be implemented and it will have an effect so that the user can remotely connect using SSH connection as shown in the following command :

[root@localhost ~]# systemctl restart sshd.service

4. Finally, check the status of the service whether it is currently active.

[root@localhost ~]# systemctl status sshd.service
 ● sshd.service - OpenSSH server daemon 
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled) 
Active: active (running) since Wed 2017-02-08 08:24:47 WIB; 4s ago Main PID: 36618 (sshd) 
CGroup: /system.slice/sshd.service 
└─36618 /usr/sbin/sshd -D Feb 08 08:24:47 localhost systemd[1]: Started OpenSSH server daemon. Feb 08 08:24:47 localhost systemd[1]: Starting OpenSSH server daemon... Feb 08 08:24:47 localhost sshd[36618]: Server listening on 0.0.0.0 port 22. Feb 08 08:24:47 localhost sshd[36618]: Server listening on :: port 22. Feb 08 08:24:50 localhost sshd[36619]: Accepted password for myuser from xxx.xxx.xxx.xxx port 51474 ssh2

5. Try to reconnect using SSH connection using the previously disallowed user for remotely connect, in the above context it is ‘myuser’.

One thought on “SSH Access Denied because Invalid User

Leave a Reply