Looking for some ideas on this weird problem.  I have a single profile (my profile actually) that fails logging in with its password via SSH.  This happens only on one of our partitions.  We have another partition that the same userid/password works fine to log in via SSH.

Has anyone experienced such an issue?

Thanks, Scott

Looking for some ideas on this weird problem.  I have a single profile (my profile actually) that fails logging in with its password via SSH.  This happens only on one of our partitions.  We have another partition that the same userid/password works fine to log in via SSH.

Has anyone experienced such an issue?

Thanks, Scott

Looking for some ideas on this weird problem.  I have a single profile (my profile actually) that fails logging in with its password via SSH.  This happens only on one of our partitions.  We have another partition that the same userid/password works fine to log in via SSH.

Has anyone experienced such an issue?

Thanks, Scott

Thanks Andreu and James - your advice to start a separate sshd in debug mode is what ultimately led me to the real problem.

It turned out not to be permissions on ~/.ssh or authorized_keys, and not an sshd_config restriction. The debug output showed:

User <profile> not allowed because shell /QOpenSys/QIBM/ProdData/OPS/tools/bin/bash does not existFailed password for invalid user ...

So sshd was rejecting the profile itself because the PASE shell path stored for that user pointed to an old 5733-OPS bash executable that no longer exists on that LPAR. I'm not sure how it got set like that.  It was the only profile on the LPAR that had such a path set.

I confirmed it with:

SELECT AUTHORIZATION_NAME, PASE_SHELL_PATHFROM QSYS2.USER_INFO;

and fixed it by updating the shell to a valid one:

CALL QSYS2.SET_PASE_SHELL_INFO(    '<USER>',    '/QOpenSys/pkgs/bin/bash');

After correcting the shell path, the user could authenticate normally and VS Code's Code for IBM i extension also worked again.

Thanks again, Scott

------------------------------
Scott Schollenberger

Original Message:
Sent: Wed December 03, 2025 11:12 AM
From: Scott Schollenberger
Subject: SSH sign-on fails with "Access denied" for a single profile when others work fine

Looking for some ideas on this weird problem.  I have a single profile (my profile actually) that fails logging in with its password via SSH.  This happens only on one of our partitions.  We have another partition that the same userid/password works fine to log in via SSH.

Has anyone experienced such an issue?

Thanks, Scott

------------------------------
Scott Schollenberger
------------------------------

For further reference: https://ibmi-oss-docs.readthedocs.io/en/latest/troubleshooting/SETTING_BASH.html.

------------------------------
Sylvain Manceau
Blue

Original Message:
Sent: Wed December 03, 2025 04:08 PM
From: Scott Schollenberger
Subject: SSH sign-on fails with "Access denied" for a single profile when others work fine

Thanks Andreu and James - your advice to start a separate sshd in debug mode is what ultimately led me to the real problem.

It turned out not to be permissions on ~/.ssh or authorized_keys, and not an sshd_config restriction. The debug output showed:

User <profile> not allowed because shell /QOpenSys/QIBM/ProdData/OPS/tools/bin/bash does not existFailed password for invalid user ...

So sshd was rejecting the profile itself because the PASE shell path stored for that user pointed to an old 5733-OPS bash executable that no longer exists on that LPAR. I'm not sure how it got set like that.  It was the only profile on the LPAR that had such a path set.

I confirmed it with:

SELECT AUTHORIZATION_NAME, PASE_SHELL_PATHFROM QSYS2.USER_INFO;

and fixed it by updating the shell to a valid one:

CALL QSYS2.SET_PASE_SHELL_INFO(    '<USER>',    '/QOpenSys/pkgs/bin/bash');

After correcting the shell path, the user could authenticate normally and VS Code's Code for IBM i extension also worked again.

Thanks again, Scott

------------------------------
Scott Schollenberger

Original Message:
Sent: Wed December 03, 2025 11:12 AM
From: Scott Schollenberger
Subject: SSH sign-on fails with "Access denied" for a single profile when others work fine

Looking for some ideas on this weird problem.  I have a single profile (my profile actually) that fails logging in with its password via SSH.  This happens only on one of our partitions.  We have another partition that the same userid/password works fine to log in via SSH.

Has anyone experienced such an issue?

Thanks, Scott

------------------------------
Scott Schollenberger
------------------------------