-
Title
Access denied when connecting through SSH using Authentication Services -
Description
Trying to login with Active Directory QAS client through ssh or putty and getting access denied. Can connect su - <username> and then entering the password.
-
Cause
Pam was not configured in sshd_config
-
Resolution
1. Ensure that the SSH version you are running is compiled with PAM:
ldd /usr/local/sbin/sshd | grep -i pam
2. Ensure that the configuration file is set to use PAM.In your sshd_config file ensure the following options are set (depending on the version of SSH):
UsePAM yes
ChallengeResponseAuthentication yes
UsePrivilegeSeparation no
* you must restart sshd if the sshd_config was changed
3. Make sure that the user is Unix-enabled
4. Verify PAM configuration files /etc/pam.conf or /etc/pam.d/ includes pam_vas for the sshd service.5. Test restart of sshd fixes the auth issue if happening for multiple accounts.