If we are just allowing both on AllowUsers in file
/etc/ssh/sshd_config, new users won’t be allowed to access the server.
So!, lets edit it a add the new user. Find AllowUser line and add it there.
sudo nano /etc/ssh/sshd_config
This should look something like
AllowUsers bofh newuser
Save and Exit!
service ssh restart
Now the user!
addgroup --system filetransf
usermod -G filetransf username
chown root:root /home/username
chmod 755 /home/username
chown username:filetransf *
One of my clients was trying to connect, for the first time, on his brand new server..
Somehow he wasn’t able to connect….
He showed me the following *log/report*…
Status: Waiting to retry...
Status: Connecting to 37.XX.XX.XX...
Response: fzSftp started
Command: open "[email protected]" 22
Error: Server unexpectedly closed network connection
Error: Could not connect to server
and this is the auth.log on the server…
fatal: no matching mac found: client hmac-sha1,hmac-sha1-96,hmac-md5 server [email protected],hmac-sha2-256-$
Update the SFTP client – in this case filezilla -.
I was trying to access via SFTP and SSH to a host, and I was getting some strange errors…
yesterday it was okay….
ssh [email protected]
[email protected]'s password:
Write failed: Broken pipe
I’v sshed with other user and changed to a root user.
Had to read the auth.log file to figure out what was going on.
[email protected]:/home/mike# tail -f /var/log/auth.log
So… this is what I got.
May 28 13:45:31 sd-11111 sshd: Accepted password for mike from 22.214.171.124 port 59004 ssh2
May 28 13:45:31 sd-11111 sshd: pam_unix(sshd:session): session opened for user mike by (uid=0)
May 28 13:45:31 sd-11111 systemd-logind: Removed session 4.
May 28 13:45:31 sd-11111 systemd-logind: New session 5 of user mike.
May 28 13:45:32 sd-11111 sshd: fatal: bad ownership or modes for chroot directory "/home/mike"
May 28 13:45:32 sd-11111 sshd: pam_unix(sshd:session): session closed for user mike
The solution was to do the following…
[email protected]:/home# sudo chown root:root /home/mike/
[email protected]:/home# sudo chmod 755 /home/mike/
Create the user and their home
useradd -d /home/username -M -N -g users username
sudo chown root:root /home/username
sudo chmod 755 /home/username
Search for “lib/openssh/sftp-server” and make it like
#Subsystem sftp /usr/lib/openssh/sftp-server
Subsystem sftp internal-sftp
Add the following lines bellow it…
Match User username
service ssh restart