SSL installation
I install the Godaddy certificate in my Linode server. I facing this type of error. And apache web server shutdown with an error.
Mar 30 11:09:31 dbadmin.highintent.io sshd[15959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.142 user=root
Mar 30 11:09:31 dbadmin.highintent.io sshd[15959]: pam_succeed_if(sshd:auth): requirement "uid >= 1000" not met by user "root"
Mar 30 11:09:33 dbadmin.highintent.io sshd[15959]: Failed password for root from 222.186.180.142 port 27860 ssh2
Mar 30 11:09:33 dbadmin.highintent.io sshd[15959]: pam_succeed_if(sshd:auth): requirement "uid >= 1000" not met by user "root"
Mar 30 11:09:35 dbadmin.highintent.io sshd[15959]: Failed password for root from 222.186.180.142 port 27860 ssh2
Mar 30 11:09:35 dbadmin.highintent.io sshd[15959]: pam_succeed_if(sshd:auth): requirement "uid >= 1000" not met by user "root"
Mar 30 11:09:37 dbadmin.highintent.io sshd[15959]: Failed password for root from 222.186.180.142 port 27860 ssh2
Mar 30 11:09:37 dbadmin.highintent.io sshd[15959]: Received disconnect from 222.186.180.142 port 27860:11: [preauth]
Mar 30 11:09:37 dbadmin.highintent.io sshd[15959]: Disconnected from 222.186.180.142 port 27860 [preauth]
Mar 30 11:09:37 dbadmin.highintent.io sshd[15959]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.142 user=root
Mar 30 11:09:51 dbadmin.highintent.io polkitd[651]: Registered Authentication Agent for unix-process:15962:1795126 (system bus name :1.750 [/usr/bin/pkttyagent --notify
Mar 30 11:09:51 dbadmin.highintent.io systemd[1]: Stopping The Apache HTTP Server…
-- Subject: Unit httpd.service has begun shutting down
2 Replies
ssh(1) does not use SSL certificates. ssh(1) uses it's own keys:
https://www.howtogeek.com/424510/how-to-create-and-install-ssh-keys-from-the-linux-shell/
-- sw
P.S. Depending on how your sshd(1) daemon is configured, it may disallow remote logins for root. Consult /etc/ssh/sshd_config. The relevant option is
PermitRootLogin no
If it's commented out, uncomment it and set it to yes. If you don't have it, add it and set it to yes (the default is no).
Once you're done doing what you need to do, you should set it back to no. Having it set to yes is a security hole big enough to drive an Abrams tank through. Don't forget to restart sshd(1) after you change this.