Hello Jerrey, Thank you for taking out time to file a bug and making the Ubuntu server better.
It's a bit upsetting that you're hitting this bug. Can you share your entire conf, please? This would help me better analyze the problem and help me reproduce it. While at it, could you also help me provide steps to reproduce this easily? I can make out the issue but having straightforward steps written will help me debug this fast enough. That said, I found a link to stack exchange that might help: https://unix.stackexchange.com/questions/218034/disabling-ssh-password-authentication-does-not-work-on-my-debian-vps Let me know if it helps? Also, does restarting sshd help? I am marking this bug as "Incomplete" for now. Once you provide the necessary details, please mark it back to "New" and then we can take a look and help debug further. Thanks! :) ** Changed in: openssh (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1922212 Title: SSHD does not honor configuration files Status in openssh package in Ubuntu: Incomplete Bug description: I'm working on Ubuntu 20, x86_64, fully patched. # lsb_release -a Distributor ID: Ubuntu Description: Ubuntu 20.04.2 LTS ... We are seeing reports of failed password-based logins using root: jounralctl -xe ... Apr 01 09:08:21 localhost sshd[239302]: Failed password for root from 49.88.112.77 port 36206 ssh2 Apr 01 09:08:21 localhost sshd[239302]: Failed password for root from 49.88.112.77 port 36206 ssh2 ... There are three attempts every second or two (literally): # journalctl -xe | grep -i -c 'Failed password for root' 324 Our OpenSSH server is configured with both no-password based logins and no-root logins. # ls /etc/ssh/sshd_config.d/ 10_pubkey_auth.conf 20_disable_root_login.conf # cat /etc/ssh/sshd_config.d/10_pubkey_auth.conf # Disable passwords PasswordAuthentication no ChallengeResponseAuthentication no UsePAM no # Enable public key PubkeyAuthentication yes # cat /etc/ssh/sshd_config.d/20_disable_root_login.conf PermitRootLogin no The config files are included last in our /etc/ssh/sshd_config file: # tail -n 3 /etc/ssh/sshd_config # For some reason OpenSSH does not include additional conf files by default. Include /etc/ssh/sshd_config.d/*.conf I dislike modifying /etc/ssh/sshd_config since it will be overwritten by the distro. With that said, I modified it without success. It really annoys me that we can't secure this service. Something looks very broken here. ----- # apt-cache show openssh-server Package: openssh-server Architecture: amd64 Version: 1:8.2p1-4ubuntu0.2 Multi-Arch: foreign Priority: optional Section: net Source: openssh Origin: Ubuntu Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com> Original-Maintainer: Debian OpenSSH Maintainers <debian-...@lists.debian.org> Bugs: https://bugs.launchpad.net/ubuntu/+filebug To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1922212/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
