SSH RSYNC and Syslog Authentication Errors

From: David Nickel (dnickel_at_aug.edu)
Date: 06/20/03

  • Next message: Filipi D. Vianna: "sftponly"
    Date: Fri, 20 Jun 2003 09:13:34 -0400
    To: secureshell@securityfocus.com
    
    

    I am using rsync over ssh to backup my web server. The servers authenticate
    with null password public keys. The process is ran as perl cron job with
    numerous system calls to rsync over ssh, scp and the ssh command. The
    problem is every time ssh,scp or rsync over ssh is evoked from one server
    to the other, the ssh daemon sends authentication error messages to the
    destination servers syslog causing my log monitor to email me. I believe
    that sshd is trying different authentication methods before it trys public
    keys. Here is a snippet of ssh -vvv server:

    debug1: service_accept: ssh-userauth
    debug1: got SSH2_MSG_SERVICE_ACCEPT
    debug1: authentications that can continue:
    publickey,password,keyboard-interactive
    debug3: start over, passed a different list
    publickey,password,keyboard-interactive
    debug3: preferred publickey
    debug3: authmethod_lookup publickey
    debug3: remaining preferred:
    debug3: authmethod_is_enabled publickey
    debug1: next auth method to try is publickey
    debug1: try privkey: /rsyncd/.ssh/identity
    debug3: no such identity: /rsyncd/.ssh/identity
    debug1: try privkey: /rsyncd/.ssh/id_dsa
    debug3: no such identity: /rsyncd/.ssh/id_dsa
    debug1: try pubkey: /rsyncd/.ssh/id_rsa
    debug3: send_pubkey_test
    debug2: we sent a publickey packet, wait for reply
    debug1: input_userauth_pk_ok: pkalg ssh-rsa blen 149 lastkey 0x808fe58 hint 2
    debug2: input_userauth_pk_ok: fp [removed for security]5:4b:26
    debug3: sign_and_send_pubkey
    debug1: read PEM private key done: type RSA
    debug1: ssh-userauth2 successful: method publickey
    debug1: channel 0: new [client-session]
    debug3: ssh_session2_open: channel_new: 0
    debug1: send channel open 0
    debug1: Entering interactive session.
    debug2: callback start
    debug1: ssh_session2_setup: id 0

    This is what is printed to syslog on the destination server:
    Jun 20 00:13:51 web1 sshd(pam_unix)[22771]: authentication failure;
    logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=server[removed for
    security] user=rsyncd

    Thanks,

    David

    ------------------------
    David Nickel
    Network Specialist II
    Augusta State University
    Office:(706)737-1484
    ------------------------


  • Next message: Filipi D. Vianna: "sftponly"

    Relevant Pages

    • Re: SSH cant connect
      ... I can ssh to any of my laptops on my local lan but not across the internet. ... Starting sshd: debug1: sshd version OpenSSH_5.4p1 ... Server listening on 0.0.0.0 port 22. ...
      (Fedora)
    • Re: SSH cant connect
      ... I can ssh to any of my laptops on my local lan but not across the internet. ... Starting sshd: debug1: sshd version OpenSSH_5.4p1 ... Server listening on 0.0.0.0 port 22. ...
      (Fedora)
    • ssh connect problems (ubuntu feisty client, ubuntu dapper server)
      ... After feisty-upgrade the ssh connect to a dapper server is becoming ... Connection to server closed. ... debug1: Connecting to server port 22. ... debug2: fd 3 setting O_NONBLOCK ...
      (SSH)
    • Re: Using/Configuring SSH on Solaris 9 08/03
      ... >>Is there someplace where I can find info on getting SSH to work on a Solaris ... debug1: sshd version Sun_SSH_1.0 ... debug1: load_private_key_autodetect: type 2 DSA ... Server listening on:: port 22. ...
      (comp.unix.solaris)
    • Login and ssh hang after password, before logging
      ... I have a nice new server, ... I was able to log in through the console and ssh fine ... results for password authentication and public-key authentication: ... debug1: read PEM private key done: type DSA ...
      (alt.linux)