tencent cloud

All product documents
Cloud Virtual Machine
DocumentationCloud Virtual MachineTroubleshootingInstance-Related FailuresLinux Instance Login FailuresVNC or SSH Login Error (Permission Denied)
VNC or SSH Login Error (Permission Denied)
Download PDF
Last updated: 2024-01-06 17:32:18
VNC or SSH Login Error (Permission Denied)
Last updated: 2024-01-06 17:32:18
Download PDF

Error Description

The error message “Permission denied” is reported when I log in using VNC or SSH key.
The VNC login error is shown below:


The SSH login error is shown below:



Possible Reasons

Using the VNC or SSH login will call system-auth for authentication if this module is configured in the /etc/pam.d/login configuration file. By default, the system-auth module introduces the pam_limits.so module. The default system-auth configuration is as shown below:

The pam_limits.so module is mainly used to limit the use of system resources during the user session. Its default configuration file /etc/security/limits.conf specifies the maximum number of files, the maximum number of threads, the maximum memory and other resources that a user can use. See the table below for details.
Parameter
Description
soft nofile
The maximum number of open file descriptors (soft limit)
hard nofile
The maximum number of open file descriptors (hard limit), which cannot be exceeded.
fs.file-max
The maximum number of open file handles (struct file in the kernel) at the system level.
fs.nr_open
The maximum number of file descriptors (fd) assigned to a process
The login failure may be caused by incorrect configurations of the maximum number of open file descriptors for the root account in the /etc/security/limits.conf configuration file. The set value of soft nofile should be no more than hard nofile, and hard nofile should be no more than fs.nr_open.

Solutions

Perform the troubleshooting procedure to correct the relationship configurations of soft nofile, hard nofile and fs.nr_open.

Troubleshooting Procedure

If login succeeded, proceed to the next step.
If login failed, use single user mode.For more information, see Booting into Linux Single User Mode.
2. Check whether the set values meet the relationship soft nofile ≤ hard nofile ≤ fs.nr_open.
Run the following command to obtain the values of soft nofile and hard nofile.
/etc/security/limits.conf
In this example, their values are 3000001 and 3000002 respectively, as shown below.


Run the following command to check the fs.nr_open value.
sysctl -a 2>/dev/null | grep -Ei "file-max|nr_open"
In this example, its value is 1048576, as shown below.


3. Edit the /etc/security/limits.conf file to add or modify the following configurations at the end of the file.
root soft nofile: 100001
root hard nofile: 100002
4. Edit the /etc/sysctl.conf file to add or modify the following configurations at the end of the file.
Note:
This step is optional when the relationship soft nofile ≤ hard nofile ≤ fs.nr_open is met. Perform this step to increase the system limit.
fs.file-max = 2000000
fs.nr_open = 2000000
5. Run the following command for the configuration to take effect immediately. Then you can log in normally.
sysctl -p

Was this page helpful?
You can also Contact Sales or Submit a Ticket for help.
Yes
No

Feedback

Contact Us

Contact our sales team or business advisors to help your business.

Contact Us
Technical Support

Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

Submit a Ticket
7x24 Phone Support
Hong Kong, China
+852 800 906 020 (Toll Free)
United States
+1 844 606 0804 (Toll Free)
United Kingdom
+44 808 196 4551 (Toll Free)
Canada
+1 888 605 7930 (Toll Free)
Australia
+61 1300 986 386 (Toll Free)
EdgeOne hotline
+852 300 80699
More local hotlines coming soon