sshpiper not showing DeniedGroup Banner
We ran the role in rabbitmq_agents#164 to add ssh denied groups to gpfs5 login node for hold and certification state but the message is not showing while connecting via sshpiper.
Designs
- rabbitmq_agents #164
Activity
added Backlog label
marked this issue as related to rabbitmq_agents#164
The author have a workaround in the issue: https://github.com/tg123/sshpiper/issues/532
added Sprint 25-06 label and removed Backlog label
assigned to @atlurie
-
The latest PR tg123/sshpiper#548 enable this, tested build in my dev cluster. But seems like it will retry until fail2ban kicks in:
# The user is in hold state $ ssh -l diedpigs@gmail.com 138.26.49.27 Your account is currently on hold.\n Please reach out to administrator to clear your account.\n Your account has expired; please contact your system administrator account expired 2 days ago Your account is currently on hold.\n Please reach out to administrator to clear your account.\n Your account has expired; please contact your system administrator account expired 2 days ago Your account is currently on hold.\n Please reach out to administrator to clear your account.\n Your account has expired; please contact your system administrator account expired 2 days ago Your account is currently on hold.\n Please reach out to administrator to clear your account.\n Your account has expired; please contact your system administrator account expired 2 days ago Your account is currently on hold.\n Please reach out to administrator to clear your account.\n Your account has expired; please contact your system administrator account expired 2 days ago Your account is currently on hold.\n Please reach out to administrator to clear your account.\n Your account has expired; please contact your system administrator account expired 2 days ago Your account is currently on hold.\n Please reach out to administrator to clear your account.\n Your account has expired; please contact your system administrator account expired 2 days ago diedpigs@gmail.com@138.26.49.27: Permission denied (publickey). $ ssh -l diedpigs@gmail.com 138.26.49.27 Connection closed by 138.26.49.27 port 22 # Change the user to certification state $ ssh -l diedpigs@gmail.com 138.26.49.27 Account certification is required.\n Please reach out to administrator to clear your account.\n Account certification is required.\n Please reach out to administrator to clear your account.\n Account certification is required.\n Please reach out to administrator to clear your account.\n Account certification is required.\n Please reach out to administrator to clear your account.\n Account certification is required.\n Please reach out to administrator to clear your account.\n Account certification is required.\n Please reach out to administrator to clear your account.\n Account certification is required.\n Please reach out to administrator to clear your account.\n diedpigs@gmail.com@138.26.49.27: Permission denied (publickey).Edited by Bo-Chun Chen added Sprint 25-07 label and removed Sprint 25-06 label
added Sprint 25-08 label and removed Sprint 25-07 label
added Sprint 25-09 label and removed Sprint 25-08 label
added Sprint 25-10 label and removed Sprint 25-09 label