Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[MX] Unable to log in as root using SSH

0

0

Article ID: KB37542 KB Last Updated: 11 Oct 2021Version: 1.0
Summary:

Users may find that they are unable to log in as the root user on MX Series devices. This article recommends checking whether the root user has been denied SSH access in the device configuration before troubleshooting further.

Symptoms:

The root user login is not working. The following logs are seen:

Sep 18 13:48:10.039  JUNIPER_DEVICE  login: Login attempt for user root from host [unknown]
Sep 18 13:48:13.314  JUNIPER_DEVICE  : LOGIN_PAM_AUTHENTICATION_ERROR: Failed password for user root
Sep 18 13:48:13.314 JUNIPER_DEVICE  : LOGIN_FAILED: Login failed for user root from host ttyu0
Sep 18 13:48:16.251  JUNIPER_DEVICE  : Login attempt for user root from host [unknown]
Sep 18 13:48:18.302  JUNIPER_DEVICE  : LOGIN_PAM_AUTHENTICATION_ERROR: Failed password for user root
Sep 18 13:48:18.302  JUNIPER_DEVICE  ]: LOGIN_FAILED: Login failed for user root from host ttyu0
Cause:

One of the reasons for the above problem may be configuration restriction for the root user from outside of the router/switch/firewall.

Solution:

Some customers might have the following configuration, which restricts SSH for the root user. However, admins should be able to log in as the root user to the router shell directly than trying from a remote device.

  1. Check whether the following configuration exists in your device, which restricts the root user from using the SSH service.

services {
        ssh {
            root-login deny;
            
        }
  1. Check for the following message logs in the device if you cannot view a specific configuration due to your login profile view permissions.

Sep 18 13:48:10.039  JUNIPER_DEVICE  login: Login attempt for user root from host [unknown]
Sep 18 13:48:13.314  JUNIPER_DEVICE  : LOGIN_PAM_AUTHENTICATION_ERROR: Failed password for user root
Sep 18 13:48:13.314 JUNIPER_DEVICE  : LOGIN_FAILED: Login failed for user root from host ttyu0
Sep 18 13:48:16.251  JUNIPER_DEVICE  : Login attempt for user root from host [unknown]
Sep 18 13:48:18.302  JUNIPER_DEVICE  : LOGIN_PAM_AUTHENTICATION_ERROR: Failed password for user root
Sep 18 13:48:18.302  JUNIPER_DEVICE  ]: LOGIN_FAILED: Login failed for user root from host ttyu0
  1. If the problem is due to root-login being set to deny, perform the following to allow the connection:

set system services ssh root-login ?
Possible completions:
  allow                Allow root access via ssh
  deny                 Do not allow root access via ssh

If you find that the root-login deny configuration is not the cause for this problem, the event would need further investigation. Contact Support for troubleshooting further.

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search