SSH Too many authentication failures
When i ssh into a server, i get following error
|
1 2 3 |
Received disconnect from 14.18.58.78: 2: Too many authentication failures root@lab:~# |
I checked server log (/var/log/auth.log) and found following
|
1 2 |
Nov 13 19:06:42 lab sshd[32030]: error: maximum authentication attempts exceeded for root from 188.40.131.92 port 52956 ssh2 [preauth] Nov 13 19:06:42 lab sshd[32030]: Disconnecting: Too many authentication failures [preauth] |
This error happens when you have several SSH keys. When you try to connect to remote server, ssh client try to autenticate to remote server using SSH keys present on your computer. If you have several keys, ssh client make that much login attempts if the keys are valid for remote server you are trying to login.
ssh server deamon have a settings MaxAuthTries. Default value for this settings is 6. If number of invalid login attempt exceeds the value of MaxAuthTries, you will get above error.
You can see all SSH keys on your computer with
|
1 |
ssh-add -l |
If you have many keys, consider removing some of the keys from agent using ssh-add command.
To fix this error edit file
|
1 |
vi /etc/ssh/sshd_config |
Check if the file have entry for MaxAuthTries, if yes, increase its value. If no entry present in the server add it.
|
1 |
MaxAuthTries 8 |
Restart sshd service.
|
1 |
systemctl restart sshd |
You can see how many login attemts you make using ssh -v option (verbose).
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 |
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013 debug1: Reading configuration data /root/.ssh/config debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to 174.138.58.78 [174.138.58.78] port 3333. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug1: identity file /root/.ssh/identity type -1 debug1: identity file /root/.ssh/identity-cert type -1 debug1: identity file /root/.ssh/id_rsa type 1 debug1: identity file /root/.ssh/id_rsa-cert type -1 debug1: identity file /root/.ssh/id_dsa type -1 debug1: identity file /root/.ssh/id_dsa-cert type -1 debug1: identity file /root/.ssh/id_ecdsa type -1 debug1: identity file /root/.ssh/id_ecdsa-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2p2 Ubuntu-4ubuntu2.8 debug1: match: OpenSSH_7.2p2 Ubuntu-4ubuntu2.8 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.3 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-sha1 none debug1: kex: client->server aes128-ctr hmac-sha1 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host '[174.138.58.78]:3333' is known and matches the RSA host key. debug1: Found key in /root/.ssh/known_hosts:139 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password debug1: Next authentication method: publickey debug1: Offering public key: /home/boby/.ssh/id_rsa debug1: Authentications that can continue: publickey,password debug1: Offering public key: boby@hon-pc-01 debug1: Authentications that can continue: publickey,password debug1: Offering public key: redbridgefinance-mumbai debug1: Authentications that can continue: publickey,password debug1: Offering public key: aws-eb debug1: Authentications that can continue: publickey,password debug1: Offering public key: aws-austin-boby debug1: Authentications that can continue: publickey,password debug1: Trying private key: /root/.ssh/identity debug1: Offering public key: /root/.ssh/id_rsa Received disconnect from 174.138.58.78: 2: Too many authentication failures root@server12:~# |
See SSH