User created via the GUI cannot log in via SSH on Security Analytics
book
Article ID: 168580
calendar_today
Updated On:
Products
Security Analytics
Issue/Introduction
When creating a user in the Security Analytics GUI, the user is not able to log in via SSH even though the user has full rights to log in via SSH. When looking at the /var/log/messages file, the following error messages can be seen:
sshd[XXXXX]: input_userauth_request; invalid user username sshd[XXXXX]: pam_succeed_if(sshd:auth): requirement "user notingroup otp_users" was met by user "username" sshd[XXXXX]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=##.##.##.## user=username sshd[XXXXX]: Failed password for invalid user username from ##.##.##.## port XXXXX ssh2
Cause
RADIUS authentication is enabled and the user is missing 'solera' as their primary group. You can see what the primary group is by going to the CLI and running the following command:
groups username
Typical output should be:
username : solera
If the primary group shows something like 'capture' instead, SSH login will fail.
Resolution
Disable RADIUS authentication from the Settings > Authentication page and then try to create the user again.
This is a problem in version of Security Analytics 7.1.6 and earlier. This has been resolved in Security Analytics version 7.1.7.
Workaround
Disable RADIUS authentication temporarily while you create the user.