User created via the GUI cannot log in via SSH on Security Analytics
Article ID: 168580
When creating a user in the Security Analytics GUI, the user is not able to log in via SSH even though the user has full rights to log in via SSH. When looking at the /var/log/messages file, the following error messages can be seen:
sshd[XXXXX]: input_userauth_request; invalid user username sshd[XXXXX]: pam_succeed_if(sshd:auth): requirement "user notingroup otp_users" was met by user "username" sshd[XXXXX]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=x.x.x.x user=username sshd[XXXXX]: Failed password fo rinvalid user username from x.x.x.x port XXXXX ssh2
RADIUS authentication is enabled and the user is missing 'solera' as their primary group. You can see what the primary group is by going to the CLI and running the following command:
Typical output should be:
username : solera
If the primary group shows something like 'capture' instead, SSH login will fail.
Disable RADIUS authentication from the Settings > Authentication page and then try to create the user again.
This is a problem in version of Security Analytics 7.1.6 and earlier. This has been resolved in Security Analytics version 7.1.7.
Disable RADIUS authentication temporarily while you create the user.