enabling root over ssh on F11

Hiisi very-cool at rambler.ru
Sat Sep 12 18:37:20 UTC 2009 

> Date: Sat, 12 Sep 2009 18:13:36 +0100
> From: Aaron Gray <aaronngray.lists at googlemail.com>
> Subject: Re: enabling root over ssh on F11
> To: "Community assistance, encouragement,       and advice for using
>        Fedora." <fedora-list at redhat.com>
> Message-ID:
>        <9719867c0909121013q5f9f3a0ejf8adcb3425717708 at mail.gmail.com>
> Content-Type: text/plain; charset=ISO-8859-1
>
> On 12/09/2009, Todd Zullinger <tmz at pobox.com> wrote:
>> Aaron Gray wrote:
>>> I need to enable root access via sshd. I will be using certificates and
>>> firewalled access.
>>> I tried remove the suffix " user != root quiet" from /etc/pam.d/gdm.
>>
>> This only affects login via the Gnome Display Manager.
>>
>>> Also added "PermitRootLogin yes" in /etc/ssh/sshd_config.
>>
>> This is, AFAIK, the default.  It doesn't hurt having it, but it should
>> not be required.
>>
>>> Also put SELinux into Permissive mode.
>>>
>>> But still neither root sshd nor login work.
>>
>> I know that root logins via sshd work on F11, and there isn't anything
>> special required to allow it that I am aware of.  I think you should
>> post the details of the failure you are seeing.  Running ssh with -vvv
>> for more verbose output might help.  Also, check /var/log/secure on
>> the server to see if it includes any relevant information.  If you are
>> using key based authentication, you should look for lines indicating
>> that the ownership and permissions on your keys are incorrect.
>
> Its like the password is being rejected but the password works in
> 'su'. I am getting the following:-
>
> ang at Zinc ~]$ ssh -vvv root at 192.168.0.16
> OpenSSH_5.2p1, OpenSSL 0.9.8k-fips 25 Mar 2009
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Applying options for *
> debug2: ssh_connect: needpriv 0
> debug1: Connecting to 192.168.0.16 [192.168.0.16] port 22.
> debug1: Connection established.
<--skip-->
> debug1: No more authentication methods to try.
> Permission denied (publickey,gssapi-with-mic,password).
>
> Any clues ?
>
> Aaron
>
>
>

Dumb question: are you sure ssh daemon is running on the server? Can
you login as non-root user to it?

-- 
Hiisi.
Registered Linux User #487982. Be counted at: http://counter.li.org/
--
Spandex is a privilege, not a right.
--
SIP: hiisi at ekiga.net
------------------------------
pub   1024D/085B139A 2009-09-11
uid                  Hiisi (Hiisi Troll) <saippua5 at gmail.com>
sub   2048g/F9138A60 2009-09-11

More information about the users mailing list