Connection issues

Support for security such as Firewalls and securing linux
Post Reply
afernandezody
Posts: 50
Joined: 2019/06/25 13:10:33

Connection issues

Post by afernandezody » 2019/09/25 16:29:27

Hello,
I'm running into a weird problem when creating user accounts and connecting to AWS instances. The process involves starting two instances, one with CentOS and the other with AmazonLinux2, and creating another user (the full steps are described at https://docs.aws.amazon.com/AWSEC2/late ... users.html) with the commands:

Code: Select all

sudo adduser monica
sudo su - monica
mkdir .ssh
chmod 700 .ssh
touch .ssh/authorized_keys
vi .ssh/authorized_keys
chmod 600 .ssh/authorized_keys
Nothing out of ordinary. However, and when I try to connect to the instance as the new user (e.g. 'monica'), the ssh connection works seamlessly for the AmazonLinux2 instance but doesn't work for the CentOS instance. The error message is the well-known:

Code: Select all

login as: monica
Server refused our key
I'm trying to figure out why of the different response and the root of the problem for CentOS. Any suggestion would be greatly appreciated.
Thank you,
Arturo

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Connection issues

Post by TrevorH » 2019/09/25 20:51:09

Try restorecon -RFv $USER/.ssh
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

afernandezody
Posts: 50
Joined: 2019/06/25 13:10:33

Re: Connection issues

Post by afernandezody » 2019/09/25 21:25:11

Hi @TrevorH,
Thanks. It didn't work, it's still refusing the connection. The putty window is outputting: Disconnected: No supported authentication methods available (server sent: publickey,gssapi-keyex,gssapi-with-mic).

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Connection issues

Post by TrevorH » 2019/09/25 21:27:19

Then you need to read /var/log/secure on the server to find out why it's doing this.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

afernandezody
Posts: 50
Joined: 2019/06/25 13:10:33

Re: Connection issues

Post by afernandezody » 2019/09/25 22:58:45

I still cannot figure out why it's failing in one OS but not in the other. The secure file in CentOS is not providing any specifics:

Code: Select all

Sep 25 22:23:15 ip-172-31-22-38 sshd[1685]: error: Received disconnect from 73.214.236.221 port 51253:14: No supported authentication methods available [preauth]
Sep 25 22:23:15 ip-172-31-22-38 sshd[1685]: Disconnected from 73.214.236.221 port 51253 [preauth]
However, the same procedure works in ALinux2:

Code: Select all

Sep 25 22:50:58 ip-172-31-23-183 sshd[3535]: Accepted publickey for monica from 73.214.236.221 port 51852 ssh2: RSA SHA256:2k9zgOzGS5N1t661sTesoF0xpRDTCC7O/M7wI5mZlXg
Sep 25 22:50:58 ip-172-31-23-183 sshd[3535]: pam_unix(sshd:session): session opened for user monica by (uid=0)
The only noticeable difference is the port (51253 vs. 51852) but I wouldn't think that to cause the failure.

stevemowbray
Posts: 519
Joined: 2012/06/26 14:20:47

Re: Connection issues

Post by stevemowbray » 2019/09/26 13:23:57

Look for diferences between the sshd configs (/etc/ssh/sshd_config) on the two instances.

afernandezody
Posts: 50
Joined: 2019/06/25 13:10:33

Re: Connection issues

Post by afernandezody » 2019/09/26 13:47:16

Hi @stevemowbray,
Thanks for your answer. The files are quite different! The CentOS one is warning me that it was created with Chef and shouldn't be modified manually. Before testing any changes, I'll have to study up on this config file as I'm unfamiliar with its syntax & parameters.

Post Reply