Results 1 to 8 of 8

Thread: No Supported Authentication methods available when using SSH client

  1. #1
    Registered Member
    Join Date
    Nov 2011
    Posts
    80
    cPanel/WHM Access Level

    Root Administrator

    Default No Supported Authentication methods available when using SSH client

    I have just disabled Password Authentication and created a root SSH key.
    Using WinSCP, I can SSH in perfectly using the root account.

    I thought I would make an account called "user" followed the same steps.
    When I try to connect to this account, I get the error "No Supported Authentication methods available".
    The root account still works though...

    The only change I have made to the config is changing the port in /etc/ssh/sshd_config.
    Any ideas?

  2. #2
    cPanel Staff cPanelTristan's Avatar
    Join Date
    Oct 2010
    Location
    somewhere over the rainbow
    Posts
    7,609
    cPanel/WHM Access Level

    Root Administrator

    Default Re: No Supported Authentication methods available when using SSH client

    Is the additional user listed in /etc/ssh/sshd_config file via the option "AllowUsers username1 username2" directive?

    If you would like to post your /etc/ssh/sshd_config file contents, we could let you know if we see anything wrong with it:

    Code:
    cat /etc/ssh/sshd_config
    cPResources: Support Options | More Support Options | Forums Search | cPanel.net Site Search | Mailing Lists(Alt) | Docs
    -- Tristan, Technical Analyst III, Forums Specialist, cPanel Tech Support

    Submit a ticket | Check an existing ticket

  3. #3
    Registered Member
    Join Date
    Nov 2011
    Posts
    80
    cPanel/WHM Access Level

    Root Administrator

    Default Re: No Supported Authentication methods available when using SSH client

    Tristan

    I checked the sshd_config file an did not find the option "AllowUsers username1 username2" directive?
    I can see that the necessary keys have been created in /root/.ssh/
    Here is the file:

    Code:
    #	$OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $
    
    # This is the sshd server system-wide configuration file.  See
    # sshd_config(5) for more information.
    
    # This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin
    
    # The strategy used for options in the default sshd_config shipped with
    # OpenSSH is to specify options with their default value where
    # possible, but leave them commented.  Uncommented options change a
    # default value.
    
    Port XXXX #Changed MH
    #Protocol 2,1
    Protocol 2
    #AddressFamily any
    #ListenAddress 0.0.0.0
    #ListenAddress ::
    
    # HostKey for protocol version 1
    #HostKey /etc/ssh/ssh_host_key
    # HostKeys for protocol version 2
    #HostKey /etc/ssh/ssh_host_rsa_key
    #HostKey /etc/ssh/ssh_host_dsa_key
    
    # Lifetime and size of ephemeral version 1 server key
    #KeyRegenerationInterval 1h
    #ServerKeyBits 768
    
    # Logging
    # obsoletes QuietMode and FascistLogging
    #SyslogFacility AUTH
    SyslogFacility AUTHPRIV
    #LogLevel INFO
    
    # Authentication:
    
    #LoginGraceTime 2m
    #PermitRootLogin yes
    #StrictModes yes
    #MaxAuthTries 6
    
    #RSAAuthentication yes
    #PubkeyAuthentication yes
    #AuthorizedKeysFile	.ssh/authorized_keys
    
    # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
    #RhostsRSAAuthentication no
    # similar for protocol version 2
    #HostbasedAuthentication no
    # Change to yes if you don't trust ~/.ssh/known_hosts for
    # RhostsRSAAuthentication and HostbasedAuthentication
    #IgnoreUserKnownHosts no
    # Don't read the user's ~/.rhosts and ~/.shosts files
    #IgnoreRhosts yes
    
    # To disable tunneled clear text passwords, change to no here!
    #PasswordAuthentication yes
    #PermitEmptyPasswords no
    PasswordAuthentication	no
    
    # Change to no to disable s/key passwords
    #ChallengeResponseAuthentication yes
    ChallengeResponseAuthentication	no
    
    # Kerberos options
    #KerberosAuthentication no
    #KerberosOrLocalPasswd yes
    #KerberosTicketCleanup yes
    #KerberosGetAFSToken no
    
    # GSSAPI options
    #GSSAPIAuthentication no
    GSSAPIAuthentication yes
    #GSSAPICleanupCredentials yes
    GSSAPICleanupCredentials yes
    
    # Set this to 'yes' to enable PAM authentication, account processing, 
    # and session processing. If this is enabled, PAM authentication will 
    # be allowed through the ChallengeResponseAuthentication mechanism. 
    # Depending on your PAM configuration, this may bypass the setting of 
    # PasswordAuthentication, PermitEmptyPasswords, and 
    # "PermitRootLogin without-password". If you just want the PAM account and 
    # session checks to run without PAM authentication, then enable this but set 
    # ChallengeResponseAuthentication=no
    #UsePAM no
    UsePAM	yes
    
    # Accept locale-related environment variables
    AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES 
    AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT 
    AcceptEnv LC_IDENTIFICATION LC_ALL
    #AllowTcpForwarding yes
    #GatewayPorts no
    #X11Forwarding no
    X11Forwarding yes
    #X11DisplayOffset 10
    #X11UseLocalhost yes
    #PrintMotd yes
    #PrintLastLog yes
    #TCPKeepAlive yes
    #UseLogin no
    #UsePrivilegeSeparation yes
    #PermitUserEnvironment no
    #Compression delayed
    #ClientAliveInterval 0
    #ClientAliveCountMax 3
    #ShowPatchLevel no
    #UseDNS yes
    #PidFile /var/run/sshd.pid
    #MaxStartups 10
    #PermitTunnel no
    #ChrootDirectory none
    
    # no default banner path
    #Banner /some/path
    
    # override default of no subsystems
    Subsystem	sftp	/usr/libexec/openssh/sftp-server

  4. #4
    cPanel Staff cPanelTristan's Avatar
    Join Date
    Oct 2010
    Location
    somewhere over the rainbow
    Posts
    7,609
    cPanel/WHM Access Level

    Root Administrator

    Default Re: No Supported Authentication methods available when using SSH client

    Can you please run the following command when trying to log in as that user?

    Code:
    ssh username@servername -v
    The -v option provides verbose logging for the SSH command.
    cPResources: Support Options | More Support Options | Forums Search | cPanel.net Site Search | Mailing Lists(Alt) | Docs
    -- Tristan, Technical Analyst III, Forums Specialist, cPanel Tech Support

    Submit a ticket | Check an existing ticket

  5. #5
    Registered Member
    Join Date
    Nov 2011
    Posts
    80
    cPanel/WHM Access Level

    Root Administrator

    Default Re: No Supported Authentication methods available when using SSH client

    After creating the second account "user", I can no longer log into either account so I can't run the code:

    Code:
    ssh username@servername -v
    I get the following error logging in:

    "Disconnected: No supported authentication methods avaliable (server sent: publickey, gssapi-with-mic)"

    Even restarting SSh doesn't help.
    The only way I can any SSH access is to delete all the SSH keys remake them.
    It seems that the action of creating the second key is causing the system to fail.

  6. #6
    cPanel Staff cPanelTristan's Avatar
    Join Date
    Oct 2010
    Location
    somewhere over the rainbow
    Posts
    7,609
    cPanel/WHM Access Level

    Root Administrator

    Default Re: No Supported Authentication methods available when using SSH client

    I don't understand how you would receive an SSH denied message yet be unable to run the command I indicated, which is the command to SSH itself. How precisely are you SSHing into the system if you are not using a command to do so?
    cPResources: Support Options | More Support Options | Forums Search | cPanel.net Site Search | Mailing Lists(Alt) | Docs
    -- Tristan, Technical Analyst III, Forums Specialist, cPanel Tech Support

    Submit a ticket | Check an existing ticket

  7. #7
    Registered Member
    Join Date
    Nov 2011
    Posts
    80
    cPanel/WHM Access Level

    Root Administrator

    Default Re: No Supported Authentication methods available when using SSH client

    Tristan

    The problem has been that after I create the second user, SSH dies and I lose access altogether. However, today I was able to run your command:

    Code:
    ssh username@servername -v
    Here is the output:

    Code:
    /root$ ssh user@myserver -v
    OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
    Pseudo-terminal will not be allocated because stdin is not a terminal.
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: Applying options for *
    debug1: Connecting to myserver [xxx.xxx.xxx.xxx] port 22.
    debug1: Connection established.
    debug1: permanently_set_uid: 0/0
    debug1: identity file /root/.ssh/identity type -1
    debug1: identity file /root/.ssh/id_rsa type -1
    debug1: identity file /root/.ssh/id_dsa type -1
    debug1: loaded 3 keys
    debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3
    debug1: match: OpenSSH_4.3 pat OpenSSH*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_4.3
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: server->client aes128-ctr hmac-md5 none
    debug1: kex: client->server aes128-ctr hmac-md5 none
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    debug1: read_passphrase: can't open /dev/tty: No such device or address
    Host key verification failed.
    Last edited by monkey64; 01-10-2012 at 02:41 AM.

  8. #8
    cPanel Staff cPanelTristan's Avatar
    Join Date
    Oct 2010
    Location
    somewhere over the rainbow
    Posts
    7,609
    cPanel/WHM Access Level

    Root Administrator

    Default Re: No Supported Authentication methods available when using SSH client

    Part of the issue might be this portion:

    Code:
    debug1: permanently_set_uid: 0/0
    It seems it is setting the uid to 0 which is root. It is also looking for the key on /root/.ssh location.
    cPResources: Support Options | More Support Options | Forums Search | cPanel.net Site Search | Mailing Lists(Alt) | Docs
    -- Tristan, Technical Analyst III, Forums Specialist, cPanel Tech Support

    Submit a ticket | Check an existing ticket

Similar Threads

  1. no supported authentication methods available
    By incognio in forum New User Questions
    Replies: 3
    Last Post: 04-16-2010, 04:56 PM
  2. No Supported Authentication methods
    By pucker22 in forum cPanel & WHM Discussions
    Replies: 1
    Last Post: 11-27-2007, 05:37 PM
  3. Client Certificates for Authentication
    By noahnelson in forum New User Questions
    Replies: 3
    Last Post: 11-23-2007, 09:44 AM
  4. mySQL 4.1 client authentication
    By sHORTYWZ in forum cPanel & WHM Discussions
    Replies: 23
    Last Post: 07-20-2005, 01:07 PM
  5. Custom ssh port for CPanel SSH client
    By yaax in forum cPanel & WHM Discussions
    Replies: 13
    Last Post: 10-24-2004, 12:22 PM
bargain