How do I determine the cause of an SSH error?


I've done a bit of searching and I cannot determine the cause of the following error:

Nov  5 00:31:05 www sshd[1707]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser=  user=r
Nov  5 00:31:07 www sshd[1705]: error: PAM: Authentication failure for root from

I have searched in the SSHD and PAM config files and I cannot determine what is preventing me from logging in to my linode server besides using the lish console. It does not matter which user I attempt to login with as the results are the same. Does anyone how I can go about resolving this? Thank you for your time.

5 Replies

Try ssh in verbose mode, and see what errors turn up:

ssh -v hostname

Is this a default configuration, or have you recently edited some files (e.g. sshd_config) ? Without wanting to state the obvious, are you sure you're allowing (or even want to allow) root to log in directly via ssh ?

Thank you for your response.

Here is the output:

OpenSSH_5.2p1, OpenSSL 0.9.8k 25 Mar 2009
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to [] port 22.
debug1: Connection established.
debug1: identity file /Users/tavella/.ssh/identity type -1
debug1: identity file /Users/tavella/.ssh/id_rsa type -1
debug1: identity file /Users/tavella/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_5.1p1 Debian-8
debug1: match: OpenSSH_5.1p1 Debian-8 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '' is known and matches the RSA host key.
debug1: Found key in /Users/tavella/.ssh/known_hosts:2
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /Users/tavella/.ssh/identity
debug1: Trying private key: /Users/tavella/.ssh/id_rsa
debug1: Trying private key: /Users/tavella/.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive

Am I missing the ssh keys or something to that effect on this computer? I've been using Windows and Putty until recently as I purchased a Mac and I'm using terminal to try and ssh.

I also have my hosts.allow and hosts.deny file pretty well secured. I'm sure someone in my area could possibly try to obtain access but the root access is only open while I try and remove a few gigs of pictures using scp.

Yes, it loooks like your local ssh client cannot find any usable keys on your mac. Do you have them in a directory named .ssh/ within your home directory ?

The directory and private keys should be read/writable only by yourself, incidentally, if you're about to copy them in…

I've never used the keys before since I guess Putty automated the process. The keys are not in the home directories on my linode box. I'll research key generation and get them on my Mac one way or another. Thank you for your help.

Odd. Looks like ssh can't find the key on your mac, and isn't trying password auth. It sounds like you haven't used keys before (if you haven't had to generate them, which would have required a bit of work if using putty on windows), and password authentication is disabled on your linode (if it is skipping this and going straight to keyboard-interactive).

How were you wanting to log in ?

You may also want to paste your sshd_config.


Please enter an answer

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct