User created via the GUI cannot log in via SSH on Security Analytics

book

Article ID: 168580

calendar_today

Updated On:

Products

Security Analytics

Issue/Introduction

When creating a user in the Security Analytics GUI, the user is not able to log in via SSH even though the user has full rights to log in via SSH.  When looking at the /var/log/messages file, the following error messages can be seen:

sshd[XXXXX]: input_userauth_request; invalid user username
sshd[XXXXX]: pam_succeed_if(sshd:auth): requirement "user notingroup otp_users" was met by user "username"
sshd[XXXXX]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=x.x.x.x user=username
sshd[XXXXX]: Failed password fo rinvalid user username from x.x.x.x port XXXXX ssh2


 

Cause

RADIUS authentication is enabled and the user is missing 'solera' as their primary group.  You can see what the primary group is by going to the CLI and running the following command:

groups username

Typical output should be:

username : solera

If the primary group shows something like 'capture' instead, SSH login will fail.

Resolution

Disable RADIUS authentication from the Settings > Authentication page and then try to create the user again.

This is a problem in version of Security Analytics 7.1.6 and earlier.  This has been resolved in Security Analytics version 7.1.7.

Workaround

Disable RADIUS authentication temporarily while you create the user.