@eris,
I tried to login with winscp…
It didn’t work at first time. Please see below the /var/log/auth.log
Jul 9 23:02:40 onlycp sshd[20986]: User admin from X.X.X.X not allowed because none of user's groups are listed in AllowGroups
Jul 9 23:02:40 onlycp sshd[20986]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.116.102.90 user=admin
Jul 9 23:02:42 onlycp sshd[20986]: Failed password for invalid user admin from X.X.X.X port 51053 ssh2
Jul 9 23:03:06 onlycp sshd[20986]: Failed password for invalid user admin from X.X.X.X port 51053 ssh2
Jul 9 23:03:11 onlycp sshd[20986]: Connection closed by invalid user admin X.X.X.X port 51053 [preauth]
Jul 9 23:03:11 onlycp sshd[20986]: PAM 1 more authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=X.X.X.X user=admin
Jul 9 23:04:01 onlycp CRON[21000]: pam_unix(cron:session): session opened for user admin by (uid=0)
Jul 9 23:04:01 onlycp sudo: pam_unix(sudo:session): session opened for user root by (uid=0)
Jul 9 23:04:01 onlycp sudo: pam_unix(sudo:session): session closed for user root
Jul 9 23:04:01 onlycp CRON[21000]: pam_unix(cron:session): session closed for user admin
I believe the login on 23:04:01 was by HestiaCP ? !
Any advice ?
This is my setting in /etc/ssh/sshd_config:
AllowGroups sshusers
So I disabled this setting and was able to login. I was able to use FM since it is working now !
Jul 9 23:13:54 onlycp sshd[21865]: Accepted password for admin from X.X.X.X port 51231 ssh2
Jul 9 23:13:54 onlycp sshd[21865]: pam_unix(sshd:session): session opened for user admin by (uid=0)
Jul 9 23:13:54 onlycp systemd-logind[406]: New session 46 of user admin.
So some settings of /etc/ssh/sshd_config could be the reason for any problem.
These are my additional settings on my live server I always use:
AllowGroups sshusers
PermitRootLogin no
Port XXXXX
PasswordAuthentication no
I don’t want to miss them if possible.
Hope it helps to find a working solution for all. Thank you !
Small additional info:
I guess due to setting PasswordAuthentication no I won’t be able to use FM, either, right ?
