In reply to rockxk:
>Yup, the password is being rejected... (have tried retyping it obvs)
>Dec 10 17:10:55 localhost sshd[24367]: Failed password for root from x.x.x.x port 40932 ssh2
I've just tried logging into one of my boxes as root, when I know that sshd disallows it, and get the same message as you.
# grep -i root /etc/ssh/sshd_config
PermitRootLogin no
/var/log/secure
unix_chkpwd[4122]: password check failed for user (root)
...
sshd[4113]: Failed password for root from x.x.x.x port 50177 ssh2
When I try to log in as a user with the wrong passwd I get
Failed password for ...
When I try logging in as a user with the correct password, but /bin/false as a shell it, accepts the password, then kicks me out.
Accepted password for ...
...
pam_unix(sshd:session): session closed for user ...
When you say:
>there is an open ssh session as root and to confirm: PermitRootLogin yes
How are you seeing that? Is that by typing: who or w ?
Also if you just changed the PermitRootLogin line, you need to restart sshd, with: service sshd restart.
Restarting ssh wont drop your session.
You might want to check selinux config
cat /etc/selinux/config
You're looking for the SELINUX= bit. If it says enforcing, then you may need to disable selinux, which you can do as root with:
echo 0 >/selinux/enforce
Depending on if you can gain physical access to the box, you can always reset the root passwd at boot time. Might be an issue if it's on the other side of the world though ...