User modify failed Cannot modify user on this node: Authentication by ssh key failed

1. The error 'User modify failed Cannot modify user on this node: Authentication by ssh key failed' would occur when the ezeelogin installed node has its public key missing in /root/.ssh/authorized_keys. To add the key, execute the following command

cat /usr/local/etc/ezlogin/id_clkey.pub >> /root/.ssh/authorized_keys

Check if the key is back in the file.

cat /root/.ssh/authorized_keys

2. Also, make sure that the port sshd is listening on the servers is given as the gateway port in Settings->General->Miscellaneous->Gateway SSH port

3. Also, make sure PubkeyAuthentication is set to 'YES' in you sshd_config (sshd configuration) file. In Centos/RHEL/Fedora it would be

vi /etc/ssh/sshd_config

#set PubkeyAuthentication to yes

PubkeyAuthentication yes

service sshd restart

3. Also, make sure root login is permitted on the gateway server.

You can check this by doing

ssh root@localhost

and it should log you in else edit /etc/ssh/sshd_config and set  PermitRootLogin yes

vi /etc/ssh/sshd_config

#Add the following lines to the end of  /etc/ssh/sshd_config to allow root login from localhost only

 Match Address 127.0.0.1

 PermitRootLogin yes

 service sshd restart

and make sure you are able to authenticate with the the command
ssh root@localhost
Make sure you are able to login after entering the password.
4. Also, make sure that the webuser(apache,nobody.etc) that the webserver(apache/nginx) runs as is able to read the keys in the dir /usr/local/etc/ezlogin.
  Make sure to grant the read privileges to

chmod o+r /usr/local/etc/ezlogin/id_clkey
chmod o+r /usr/local/etc/ezlogin/id_clkey.pub
or
usermod -G <current_groupname_of_id_clkey_files> <webserver_user>

5. Check the log file /var/log/secure

       tail  /var/log/secure

 

0 (0)
Article Rating (No Votes)
Rate this article
    Attached Files
    There are no attachments for this article.