Please make sure you have followed the recommended setup in Logging in to the HPC's before troubleshooting.
Notes to new command line users:
- Most terminals do not give an indication of how many characters have been typed when entering a password.
- Paste is not usually bound to ctrl + v
Repeatedly asking for First and Second Factor.
In addition to using an incorrect First/Second factor there are several other issues that will cause a similar looking failure to log in.
First Factor: Second Factor (optional): First Factor: Second Factor (optional): First Factor: Second Factor (optional):
Login Password (First Factor): Authenticator Code (Second Factor): Login Password (First Factor): Authenticator Code (Second Factor): Login Password (First Factor): Authenticator Code (Second Factor):
1. Try log in to
You can test what part of your connection has failed by first running:
If this succeeds: Run the following:
If this fails: Contact NeSI Support.
If this succeeds: If you are using a bash terminal confirm your .ssh config is set up correctly.
If you are using a ssh client like MobaXterm or WinSCP make sure your session is set up correctly.
2. Check you are a member of an active project.
If you are not a member of an active project, or your project has no active allocation. You should be able to find this information here.
3. Confirm login credentials.
The most common cause of login failure is using incorrect login details. Make sure you are using your NeSI Linux Username and the password you set when first logging into the Lander node.
4. Check Second Factor device time.
If the device you are using to generate your second factor token is not using NZST/NZDT the second factor generated will be invalid.
5. Ensure Second Factor token is not being re-used.
Login will fail if the same six figure token is used in consecutive login attempts (or if optionally used accessing the login node). If in doubt, wait 30 seconds for a new token to be generated.
6. Ensure correct Second Factor token is being used.
2FA is becoming a common security measure, many people have multiple tokens occasionally get them mixed up.
7. Wait 4 hours.
Six failed login attempts within 5 minutes will enact a 4 hour lockout. Users experiencing login issues can inadvertently trigger the lockout, making diagnosing the original issue much more difficult.
Connection closed by .... (MobaXterm)
1. Skip password prompts.
There is a known bug with MobaXterm where the user will be prompted multiple times for 'password' before being prompted for their 'First Factor' (The only time a user should be prompted for a 'password' is if they have no Second Factor set up)
These initial prompts can be skipped through by pressing 'Enter', any input will cause the login to fail.
The expected processes is as follows:
ssh <user>@lander.nesi.org.nz <user>@lander.nesi.org.nz's password: <Enter> <user>@lander.nesi.org.nz's password: <Enter> <user>@lander.nesi.org.nz's password: <Enter> Login Password (First Factor): Authenticator Code (Second Factor):
Note: Sometimes MobaXterm will prompt with a dialogue box.
2. Update client.
Occasionally an outdated client can cause errors.
MobaXterm can be updated through: 'help>check for updates'
3. Reinstall client.
Asked for 'Password' instead of 'First Factor'
1. Check the MyNeSI portal and confirm you have a second factor set.
2. See above.
Authentication token manipulation error
This occurs when your Second Factor token falls out of sync. You will have to reset your token though the myNeSI portal.
Nothing here help?
Helpful things to include
- The client you are using (MobaXterm, Mac terminal, Linux).
- The nature of the problem.
- Have you had access before, if so when.
- What have you tried so far.
- Are you on NIWA network/VPN.