[Nix-dev] Can't SSH into a root account

Andreas Herrmann andreash87 at gmx.ch
Fri Aug 22 13:28:14 CEST 2014


Dear Mateusz,

Isn't SSH default configured to only accept public-key login for root?

First thing I found on google about it: http://askubuntu.com/questions/449364/what-does-without-password-mean-in-sshd-config-file

The option `permitRootLogin` should fix it:
https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/networking/ssh/sshd.nix#L117

Or have you tried that already?

Best, Andreas


On Friday 22 August 2014 11:22:13 Mateusz Kowalczyk wrote:
> Hi,
> 
> I while ago I put NixOS on another computer. I set it all up and it's
> great except for one problem: I can't SSH into the root account on it.
> See below for some attempts: I want to SSH from @lenalee to @yuuki. It
> just keeps rejecting my password even know I know it's correct: I
> demonstrate that by SSHing into a regular user on that box and then
> using ‘su’. This also shows that it's not a problem with SSH access in
> general, just to that user. The only thing I'm not showing here is
> SSHing into root at yuuki from regular user @lenalee because I  set up
> login with a public key for convenience. This also that I can actually
> log into the user, just not with the password.
> 
> I hoped that this would go away after I stopped messing with the users
> at install time but it has now been weeks and multiple reboots &c and
> the problem persists.
> 
> Below is an annotated session dump. I especially point your attention to
> the last part.
> 
> ##
> -- Try logging into the root user, fail.
> [root at lenalee:/home/shana]# ssh root at yuuki
> Password:
> Password:
> ^C
> 
> [root at lenalee:/home/shana]# exit
> 
> -- Log into the regular user there.
> [shana at lenalee:~]$ ssh shana at yuuki
> Password:
> Last login: Fri Aug 22 11:10:18 2014 from lenalee
> 
> -- …and switch to the root that way…
> [shana at yuuki:~]$ su
> Password:
> 
> -- …which works so the password is correct.
> [root at yuuki:/home/shana]# exit
> 
> [shana at yuuki:~]$ logout
> Connection to yuuki closed.
> 
> [shana at lenalee:~]$ su
> Password:
> 
> -- Keep trying, keep failing. That second way of failure and prompting
> -- makes me suspicious.
> [root at lenalee:/home/shana]# ssh root at yuuki
> Password:
> Password:
> Password:
> root at yuuki's password:
> Permission denied, please try again.
> root at yuuki's password:
> Permission denied, please try again.
> root at yuuki's password:
> 
> [root at lenalee:/home/shana]# exit
> ##
> 
> It'd be great if someone could offer some advice.
> 
> 


More information about the nix-dev mailing list