[Nix-dev] Can't SSH into a root account
Andreas Herrmann
andreash87 at gmx.ch
Fri Aug 22 13:28:14 CEST 2014
Dear Mateusz,
Isn't SSH default configured to only accept public-key login for root?
First thing I found on google about it: http://askubuntu.com/questions/449364/what-does-without-password-mean-in-sshd-config-file
The option `permitRootLogin` should fix it:
https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/networking/ssh/sshd.nix#L117
Or have you tried that already?
Best, Andreas
On Friday 22 August 2014 11:22:13 Mateusz Kowalczyk wrote:
> Hi,
>
> I while ago I put NixOS on another computer. I set it all up and it's
> great except for one problem: I can't SSH into the root account on it.
> See below for some attempts: I want to SSH from @lenalee to @yuuki. It
> just keeps rejecting my password even know I know it's correct: I
> demonstrate that by SSHing into a regular user on that box and then
> using ‘su’. This also shows that it's not a problem with SSH access in
> general, just to that user. The only thing I'm not showing here is
> SSHing into root at yuuki from regular user @lenalee because I set up
> login with a public key for convenience. This also that I can actually
> log into the user, just not with the password.
>
> I hoped that this would go away after I stopped messing with the users
> at install time but it has now been weeks and multiple reboots &c and
> the problem persists.
>
> Below is an annotated session dump. I especially point your attention to
> the last part.
>
> ##
> -- Try logging into the root user, fail.
> [root at lenalee:/home/shana]# ssh root at yuuki
> Password:
> Password:
> ^C
>
> [root at lenalee:/home/shana]# exit
>
> -- Log into the regular user there.
> [shana at lenalee:~]$ ssh shana at yuuki
> Password:
> Last login: Fri Aug 22 11:10:18 2014 from lenalee
>
> -- …and switch to the root that way…
> [shana at yuuki:~]$ su
> Password:
>
> -- …which works so the password is correct.
> [root at yuuki:/home/shana]# exit
>
> [shana at yuuki:~]$ logout
> Connection to yuuki closed.
>
> [shana at lenalee:~]$ su
> Password:
>
> -- Keep trying, keep failing. That second way of failure and prompting
> -- makes me suspicious.
> [root at lenalee:/home/shana]# ssh root at yuuki
> Password:
> Password:
> Password:
> root at yuuki's password:
> Permission denied, please try again.
> root at yuuki's password:
> Permission denied, please try again.
> root at yuuki's password:
>
> [root at lenalee:/home/shana]# exit
> ##
>
> It'd be great if someone could offer some advice.
>
>
More information about the nix-dev
mailing list