# sshd suddenly only allows root logins

## Klavs

Hi guys,

I've had my Gentoo server for quite a while - and I yesterday got to run etc-update (yes I know i'm bad cause I didn't do it all the time) and updated the 99 cfg changes  :Smile: 

After this ( I think - I didn't notice until late same night - and I had the sshd session open all day) I can't login as anything other than root. I even tried adding another user, and that user can't login either. the log just says:

[sshd] Failed password for <username> from <ip> port xxxxx ssh

and I know the password is not incorrect, as I can su to the user, and read my imaps-mail with the same password.

Any ideas, what could cause this? the users are mentioned in AllowUsers in sshd_config.

Any help will be greatly appreciated - I don't want to login as root only  :Sad: 

----------

## Dragon561

If you want to ssh from another user, the only way I found that you can do it is to use a program such as Absolute Telnet or Putty. It is kinda strange that the default user it root, but that is the only way i have done it.

----------

## Klavs

I'm using Openssh.

And I had set 

AllowUsers username1 username2

PermitRootLogin no

Now i had to add root to AllowUsers list, and change PermitRootLogin.

If I didn't have the AllowUsers set, everyone who had a valid shell could login via ssh.

It has worked fine for ages - just suddenly only works for root (ssh root@host) - and not for other users (ssh username1@host)  :Sad:  - it says password failed - but the password is correct.

----------

## rac

There was a change a while ago that tightened up /etc/pam.d/ssh, and doesn't let users without a valid shell log in via ssh any more.  Could you have gotten caught in this?  What's your user's shell?

----------

## nerftoe

 *rac wrote:*   

> There was a change a while ago that tightened up /etc/pam.d/ssh, and doesn't let users without a valid shell log in via ssh any more.  Could you have gotten caught in this?  What's your user's shell?

 

I had the same problem and was browsing the boards trying to find an answer. It seems that the account I was trying to log in with did not have a shell listed in /etc/passwd. I just added a ":/bin/bash" at the end of the user's entry, and I was good to go! Thanks!   :Smile: 

----------

## jflasch

 *nerftoe wrote:*   

> 
> 
> I had the same problem and was browsing the boards trying to find an answer. It seems that the account I was trying to log in with did not have a shell listed in /etc/passwd. I just added a ":/bin/bash" at the end of the user's entry, and I was good to go! Thanks!  

 

I  spent too many hours looking for this one.  Yep added the :/bin/bash and now I can log in using the passwd.  You think ssh could have put out some message ????

----------

## puggy

I had a random problem where the permissions on /etc/passwd had become rw for root only, nobody else had any rights. Can't imagine how it happened. Never touched the file manually. Might be something to check if your having problems.

Puggy

----------

## cybert

I'm pretty much still a noob but did you try...

```
ssh -l user host
```

It was the only way I was able to ssh in as anything without getting a login failure. I rarely ssh anymore but when I do, I always use the -l (lowecase L). 

Just a thought...

----------

