The Problem
On one of our CloudLinux servers (bdvip1), we encountered a strange SSH issue:
-
Root password was correct.
-
sshd_confighadPasswordAuthentication yesandPermitRootLogin yes. -
Still, SSH login was failing repeatedly with “Permission denied”, even though the credentials were correct.
SSH Debug Output
Running SSH in verbose mode:
Showed this:
Root Cause: pam_imunify.so Was Missing
Upon checking system logs:
We found this error:
What Is pam_imunify.so?
pam_imunify.so is a PAM (Pluggable Authentication Module) used by Imunify360 to monitor login attempts and enforce security controls.
However, in our case:
-
Imunify360 was removed or not installed properly, so
-
the PAM module
pam_imunify.sono longer existed on the server, -
but the PAM configuration files still referenced it.
This caused PAM authentication to fail for all logins, including SSH—even though the password was correct.
The Fix
Step 1: Remove All References to pam_imunify.so
Edit or clean up the following files:
This removes the broken authentication lines:
These two files are included by almost all login systems (SSH, sudo, console login). If they’re misconfigured, no login will work.
Step 2: Restart SSH
Step 3: Test SSH Again
Now the login should work using your root password.
Optional: Want to Reinstall Imunify360?
If you still want to use Imunify360 and its login protection features:
This will properly reinstall Imunify360 and restore the pam_imunify.so module.
Conclusion
This issue was caused by leftover PAM configuration after a partial or broken removal of Imunify360. It shows how sensitive PAM configurations are—even a single missing module can block all logins.