When creating a user in the Security Analytics GUI, the user is not able to log in via SSH even though the user has full rights to log in via SSH. When looking at the /var/log/messages file, the following error messages can be seen:
sshd[XXXXX]: input_userauth_request; invalid user username
sshd[XXXXX]: pam_succeed_if(sshd:auth): requirement "user notingroup otp_users" was met by user "username"
sshd[XXXXX]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=x.x.x.x user=username
sshd[XXXXX]: Failed password fo rinvalid user username from x.x.x.x port XXXXX ssh2
RADIUS authentication is enabled and the user is missing 'solera' as their primary group. You can see what the primary group is by going to the CLI and running the following command:
Typical output should be:
username : solera
If the primary group shows something like 'capture' instead, SSH login will fail.
Disable RADIUS authentication from the Settings > Authentication page and then try to create the user again.
This is a problem in version of Security Analytics 7.1.6 and earlier. This has been resolved in Security Analytics version 7.1.7.