Ssh into board with new user not working

I am trying to add a new user to an Apalis T30 board then access the board via ssh from another computer. I can add the new user (adduser foo, passwd bar), log out, and log back in with the new user/passwd, and I can ssh into the board using the root user (no password), but when I try logging in using the new user foo, I get a broken pipe:


kenobi@acme:~$ ssh root@
Last login: Sun Oct 21 23:11:07 2018
root@apalis-t30:~# exit
Connection to closed.
kenobi@acme:~$ ssh foo@
packet_write_wait: Connection to port 22: Broken pipe

Here’s the journal entries for sshd per the SSH article:


Oct 21 23:11:22 apalis-t30 systemd[1]: Started OpenSSH Per-Connection Daemon (
Oct 21 23:11:22 apalis-t30 sshd[970]: Accepted none for root from port 55102 ssh2
Oct 21 23:11:22 apalis-t30 sshd[970]: pam_unix(sshd:session): session opened for user root by (uid=0)
Oct 21 23:11:35 apalis-t30 systemd[1]: Started OpenSSH Per-Connection Daemon (
Oct 21 23:11:36 apalis-t30 sshd[979]: [[1;39mpam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=  user=foo[[0m
Oct 21 23:11:40 apalis-t30 sshd[979]: Accepted keyboard-interactive/pam for foo from port 55104 ssh2

I’ve tried all the client-side and host-side fixes normally recommended for broken pipes, i.e. adjusting ServerAliveInterval and/or ClientAliveInterval, etc, but all to no avail. I’ve tried other ciphers per the article, but also to no avail.

FYI, this is the case for either the board I’ve been using extensively for the past several months using v2.7b4 or a fresh board straight from the factory using v2.6b2. I have seen a few google references to issues with some versions of pam_unix, but before I went down that rabbit hole, I wanted to check with the community to see if anyone has other suggestions.


Have you tried this troubleshooting section?
What were the results?


Well, as usually happens when I make an assumption, I find myself being humbled yet once again. Initially, I had this in /etc/ssh/sshd_config:

PasswordAuthentication yes
PermitEmptyPasswords yes

…thinking, surely permitting an empty password wouldn’t somehow disallow the use of a password by another user. Alas, I was wrong, changing it to what the article said verbatim…

PasswordAuthentication yes
#PermitEmptyPasswords yes

…and of course it worked the first time (though disallowing my password-less ssh login as root, which was ill-advised anyway). I’m still flummoxed as to why allowing empty passwords somehow disallows logging in with a password, but such is life in the linux world. Pay heed, all who enter…