Not sure if there is some missing config bits in the toolsbeta case.
When trying to ssh as my user:
Jun 7 13:21:28 toolsbeta-arturo-k8s-etcd-1 sshd[19279]: Starting session: shell on pts/0 for root from 172.16.1.135 port 51022 id 0 Jun 7 13:21:46 toolsbeta-arturo-k8s-etcd-1 sshd[19329]: Connection from 172.16.1.135 port 51028 on 172.16.0.24 port 22 Jun 7 13:21:47 toolsbeta-arturo-k8s-etcd-1 sshd[19329]: Postponed publickey for aborrero from 172.16.1.135 port 51028 ssh2 [preauth] Jun 7 13:21:48 toolsbeta-arturo-k8s-etcd-1 sshd[19329]: pam_access(sshd:account): access denied for user `aborrero' from `bastion-restricted-eqiad1-01.bastion.eqiad.wmflabs' Jun 7 13:21:48 toolsbeta-arturo-k8s-etcd-1 sshd[19329]: Failed publickey for aborrero from 172.16.1.135 port 51028 ssh2: ED25519 SHA256:V1QNhG5BIXIOwTXNmr8N5YJckL1StLoDuQj5b3Fozsc Jun 7 13:21:48 toolsbeta-arturo-k8s-etcd-1 sshd[19329]: fatal: Access denied for user aborrero by PAM account configuration [preauth]