Troubleshooting - Remote Access
Overview
Access to the department’s computing systems relies on Active Directory, which uses the same credentials (user ids and passwords) that are used by faculty and students to access other Rhodes systems (via OneLogin). In most cases, login issues are the result of incorrect user ids and passwords. However, configuration issues can occasionally occur that require the intervention of a system administrator.
This guide is intended to assist students and faculty in working through remote access issues.
Suggestions for Students
Password Authentication Failures
If you were prompted by your remote login program (for example, SSH) to enter a password and it returned an error message saying “Permission Denied” then the following steps may help you resolve your remote access issue.
Check Your User Id
The user id you need to use for remote access to the CS computing servers is the same as your email id. For example, if your email address is abcde-27@rhodes.edu, then your user id will be abcde-27.
Check Your Password
Many of the utilities (such as SSH) that we use to access the CS computing servers remotely do not display (echo) our passwords on our screens when we type them. While this is a best practice for security reasons, it can make typing our passwords correctly much more difficult because we do not receive any feedback as we type. For this reason, it is important that you type your password slowly and carefully when prompted.
If you have failed to login to the remote system several time, try typing your password into a text editor and then copy-paste your password into your terminal when prompted.
When doing this, make sure that you are not in a public location where your password might be compromised.
Check the Remote Server’s Hostname/IP Address
Verify that you are trying to access the correct remote computing system. Your instructor should have given you a hostname (e.g., cslogin.arc.rhodes.edu). Make sure you are typing this correctly when issuing your command.
Reset Your OneLogin Password and Retry Login
If you feel certain that you are typing your password correctly, you may want to reset your OneLogin password and try again with the new value. This will help rule out the possibility that you are using the incorrect password.
Contact Your Course Instructor
If you have tried all of the above and are still unable to access the remote server, then you may need to contact your instructor for help.
Provide screenshots that demonstrate your login issues, and clearly state what you have already tried to resolve the issue yourself.
Suggestions for Faculty
Password Authentication Failures
If you have been contacted by a student that is reporting password authentication issues, you can take the following steps to help determine the root cause. Note that many of the commands suggested below require privileged access (e.g., sudo access) to those remote servers.
Verify User ID Exists
To check that the student’s userid is recognized on a remote Linux server, you can execute the following command from your shell (replacing <userid>
with the userid of the student in question).
getent passwd <userid>
If successful, you should see something like the following:
userid:*:26999:2001:LastName_FirstName:/home/userid:/usr/bin/zsh
If nothing is returned after executing this command, then that user’s userid may not be configured properly for Active Directory authentication.
Additional Information about User’s Authentication Configuration [Sudo Access Required]
To gather additional information about a student’s authentication configuration, you can execute the following command from your shell (replacing <userid>
with the userid of the student in question).
sudo sssctl user-checks <userid>
If the user’s account is not configured properly for Active Directory authentication, then you may see something like this:
user: userid
action: acct
service: system-auth
sss_getpwnam_r failed with [0].
User name lookup with [userid] failed.
InfoPipe User lookup with [userid] failed.
testing pam_acct_mgmt
pam_acct_mgmt: Authentication failure
Check the System Logs [Sudo Access Required]
Finally, you can check the system’s authentication logs.
sudo grep userid /var/log/auth.log
For example, if the user’s userid is not recognized by the system, you may see something like the following:
On the other hand, if the student’s userid is recognized, but the password given by the student was invalid, you may see something like the following:
Contact Technical Support
If you’ve taken the above steps and you believe that a user’s account has not been setup properly, then you should create a new helpdesk ticket (send an email to help@rhodes.edu) requesting that the user’s account be configured for Active Directory authentication from the remote server in question.