Enabling SSH for cPanel Account Not Working

the_Dsigner

Well-Known Member
Jan 2, 2014
48
1
8
Montreal, Canada
cPanel Access Level
Website Owner
I have a dedicated server running CentOS 6.9 with WHM 70.0.48.

So I have tried to get the SSH to work awhile ago for one of my Cpanel accounts with no luck and gave up. I once gain tried this afternoon and again after many hours the same result..."Server has refused your key".

I"m not sure what i'm doing wrong. I have read the WHM faq section, blog posts, and yt how-to vids. I have gone into my WHM and verified SSH is turned on under accounts, and set to normal SSH.

I create a new public/private key in the Cpanel account in question. Key has been authorized, I convert the public key to ppk format for use in putty, download key. In putty I load the key in the SSH/Auth section. I have tried a combination of using the:

  1. Server IP that I use for SSH root to the WHM (which works fine) then logging in under the cpanel username. Not accepted.
  2. Cpanel domain with the auto-login in the Connection/Data tab of putty as the account username. Not accepted.
  3. Tried creating a key with PuttyGen then importing into Cpanel SSH. Not accepted.
I can SSH with putty into the WHM as root, but for an individual Cpanel account I can't get it working. What am I doing wrong here?

Thanks
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,227
463
Hello @the_Dsigner,

Can you monitor the /var/log/secure log file when you attempt to login as the individual user via SSH and let us know the output? EX:

Code:
tail -f /var/log/secure
Ensure to replace any identifying information with examples.

Thank you.
 

the_Dsigner

Well-Known Member
Jan 2, 2014
48
1
8
Montreal, Canada
cPanel Access Level
Website Owner
ok took a look in the log and found this after doing another attempt...

Jun 7 14:54:51 ADMIN01 sshd[14301]: User USER01 from 196.000.00.00 not allowed because not listed in AllowUsers
Jun 7 14:54:51 ADMIN01 sshd[14302]: input_userauth_request: invalid user USER01
 

Jcats

Well-Known Member
PartnerNOC
May 25, 2011
806
156
168
New Jersey
cPanel Access Level
DataCenter Provider
Seems like you are using

AllowUsers in ssh

Code:
grep -i AllowUsers /etc/ssh/sshd_config
You will want to add that range like so

Code:
*@196.0.0.0/8
just add it to the end of the

AllowUsers line separating it from the previous CIDR with a space.

Also.. *@196.0.0.0/8 allows that entire range, so you may want to specify a smaller range or just define the actual IP address.

Once done restart ssh:

Code:
/scripts/restartsrv_sshd
 

Jcats

Well-Known Member
PartnerNOC
May 25, 2011
806
156
168
New Jersey
cPanel Access Level
DataCenter Provider
Nope, that is not a default option, its not even mentioned in the config by default.

If you don't need/want it, just comment it out but comment out similar lines as well like

DenyUsers, AllowUsers, DenyGroups, AllowGroups
 
  • Like
Reactions: the_Dsigner

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,227
463
Just took a look in my CentOS directory and there is only the ssh_config file, no sshd_config file in /ect/ssh/
Hello @the_Dsigner,

The /etc/sshd_config file should exist. Are you logged in via SSH as root when browsing to the /etc/ directory?

Thank you.