odd ssh problem.
From: Jonathan Crowe (jcrowe_at_sagesys.net)
Date: 07/24/03
- Previous message: Schubert, John [NTWK SVCS]: "RE: getgroup invalid argument in /var/adm/messages"
- Next in thread: Nigel Stepp: "Re: odd ssh problem."
- Reply: Nigel Stepp: "Re: odd ssh problem."
- Reply: Greg Wooledge: "Re: odd ssh problem."
Date: Wed, 23 Jul 2003 15:42:29 -0700
To: secureshell@securityfocus.com
I have an odd SSH problem.
I have a server with a stock RH 9 install on it (just installed
yesterday). I am able to SSH to it both remotely and locally as root
but not as any normal user.
This is the case with both a password login and a public key login.
From looking at /var/log/messages and /var/log/secure it appears that
the system is accepting the login and then disconnecting right away.
These users are able to log in from the console and I am able to su - to
them as root or as another user with no problems. I am stumped as to
what is going on here. Does anyone have any ideas?
I have pasted some debug info below. The bits about port 2222 were me
starting a second sshd with the -d flag to see if I got any other
messages. I didn't.
Thanks for the help.
Jon
---------------------------------------------------------------------------
[root@ultra root]# ssh -v -l jcrowe localhost
OpenSSH_3.5p1, SSH protocols 1.5/2.0, OpenSSL 0x0090701f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.5p1
debug1: match: OpenSSH_3.5p1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.5p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 130/256
debug1: bits set: 1605/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'localhost' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:2
debug1: bits set: 1604/3191
debug1: ssh_rsa_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is publickey
debug1: try privkey: /root/.ssh/identity
debug1: try privkey: /root/.ssh/id_rsa
debug1: try privkey: /root/.ssh/id_dsa
debug1: next auth method to try is keyboard-interactive
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is password
jcrowe@localhost's password:
debug1: ssh-userauth2 successful: method password
debug1: channel 0: new [client-session]
debug1: send channel open 0
debug1: Entering interactive session.
debug1: ssh_session2_setup: id 0
debug1: channel request 0: pty-req
debug1: channel request 0: shell
debug1: fd 3 setting TCP_NODELAY
debug1: channel 0: open confirm rwindow 0 rmax 32768
debug1: channel_free: channel 0: client-session, nchannels 1
Connection to localhost closed by remote host.
Connection to localhost closed.
debug1: Transferred: stdin 0, stdout 0, stderr 81 bytes in 0.0 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 11811.1
debug1: Exit status -1
[root@ultra root]#
------------------------------------------------------------------------
[root@ultra root]# tail /var/log/messages
Jul 23 12:31:13 ultra vmnet-dhcpd: Setting vmnet-dhcp IP address: 10.0.10.254
Jul 23 12:31:13 ultra vmnet-dhcpd: Recving on VNet/vmnet1/10.0.10.0
Jul 23 12:31:13 ultra vmnet-dhcpd: Sending on VNet/vmnet1/10.0.10.0
Jul 23 12:35:20 ultra sshd(pam_unix)[2839]: session opened for user root by (uid=0)
Jul 23 12:35:29 ultra ntpd[2279]: kernel time discipline status change 41
Jul 23 12:35:31 ultra sshd(pam_unix)[2889]: session opened for user jcrowe by (uid=500)
Jul 23 12:36:34 ultra ntpd[2279]: kernel time discipline status change 1
Jul 23 15:00:20 ultra sshd(pam_unix)[2839]: session [root@ultra root]
---------------------------------------------------------------------------
# tail /var/log/secure
Jul 23 12:06:18 ultra sshd[7472]: Accepted publickey for jcrowe from 65.104.249.147 port 25242 ssh2
Jul 23 12:20:49 ultra sshd[7505]: Server listening on 0.0.0.0 port 2222.
Jul 23 12:22:26 ultra sshd[7514]: Accepted password for root from 127.0.0.1 port 35321 ssh2
Jul 23 12:22:41 ultra sshd[7562]: Accepted password for jcrowe from 127.0.0.1 port 35325 ssh2
Jul 23 12:29:09 ultra sshd[7505]: Received signal 15; terminating.
Jul 23 12:30:58 ultra sshd[2245]: Server listening on 0.0.0.0 port 22.
Jul 23 12:35:20 ultra sshd[2839]: Accepted password for root from 65.104.249.147 port 25382
Jul 23 12:35:31 ultra sshd[2887]: Accepted password for jcrowe from 127.0.0.1 port 32769 ssh2
Jul 23 15:26:23 ultra sshd[3122]: Accepted password for root from 65.104.249.147 port 28269 ssh2
Jul 23 15:26:48 ultra sshd[3168]: Accepted password for jcrowe from 127.0.0.1 port 32771 ssh2
Jul 23 15:26:23 ultra sshd(pam_unix)[3122]: session opened for user root by (uid=0)
Jul 23 15:26:48 ultra sshd(pam_unix)[3170]: session opened for user jcrowe by (uid=500)
[root@ultra root]#
----------------------------------------------------------------
[root@ultra root]# su - jcrowe
[jcrowe@ultra jcrowe]$ su - renny
Password:
[renny@ultra renny]$
---------------------------------------------------------------
[root@ultra root]# cat /etc/hosts.allow
#
# hosts.allow This file describes the names of the hosts which are
# allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
#
[root@ultra root]#
--------------------------------------------------------------
[root@ultra root]# cat /etc/hosts.deny
#
# hosts.deny This file describes the names of the hosts which are
# *not* allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
#
# The portmap line is redundant, but it is left to remind you that
# the new secure portmap uses hosts.deny and hosts.allow. In particular
# you should know that NFS uses portmap!
[root@ultra root]#
-------------------------------------------------------------
[root@ultra root]# ssh -V
OpenSSH_3.5p1, SSH protocols 1.5/2.0, OpenSSL 0x0090701f
[root@ultra root]#
-------------------------------------------------------------
[root@ultra root]# ident /usr/sbin/sshd
/usr/sbin/sshd:
$OpenBSD: sshd.c,v 1.260 2002/09/27 10:42:09 mickey Exp $
$OpenBSD: auth.c,v 1.45 2002/09/20 18:41:29 stevesk Exp $
$OpenBSD: auth1.c,v 1.44 2002/09/26 11:38:43 markus Exp $
$OpenBSD: auth2.c,v 1.95 2002/08/22 21:33:58 markus Exp $
$OpenBSD: auth2-hostbased.c,v 1.2 2002/05/31 11:35:15 markus Exp $
$OpenBSD: auth2-kbdint.c,v 1.2 2002/05/31 11:35:15 markus Exp $
$OpenBSD: auth2-none.c,v 1.4 2002/06/27 10:35:47 deraadt Exp $
$OpenBSD: auth2-passwd.c,v 1.2 2002/05/31 11:35:15 markus Exp $
$OpenBSD: auth2-pubkey.c,v 1.2 2002/05/31 11:35:15 markus Exp $
$OpenBSD: auth-chall.c,v 1.8 2001/05/18 14:13:28 markus Exp $
$OpenBSD: auth2-chall.c,v 1.20 2002/06/30 21:59:45 deraadt Exp $
$OpenBSD: auth-rhosts.c,v 1.28 2002/05/13 21:26:49 markus Exp $
$OpenBSD: auth-options.c,v 1.26 2002/07/30 17:03:55 markus Exp $
$OpenBSD: auth-krb4.c,v 1.28 2002/09/26 11:38:43 markus Exp $
$OpenBSD: auth-krb5.c,v 1.9 2002/09/09 06:48:06 itojun Exp $
$Id: auth-pam.c,v 1.54 2002/07/28 20:24:08 stevesk Exp $
$Id: auth2-pam.c,v 1.14 2002/06/28 16:48:12 mouring Exp $
$OpenBSD: auth-passwd.c,v 1.27 2002/05/24 16:45:16 stevesk Exp $
$OpenBSD: auth-rsa.c,v 1.56 2002/06/10 16:53:06 stevesk Exp $
$OpenBSD: auth-rh-rsa.c,v 1.34 2002/03/25 09:25:06 markus Exp $
$OpenBSD: sshpty.c,v 1.7 2002/06/24 17:57:20 deraadt Exp $
$OpenBSD: sshlogin.c,v 1.5 2002/08/29 15:57:25 stevesk Exp $
$Id: loginrec.c,v 1.44 2002/09/26 00:38:49 tim Exp $
$OpenBSD: servconf.c,v 1.115 2002/09/04 18:52:42 stevesk Exp $
$OpenBSD: serverloop.c,v 1.104 2002/09/19 16:03:15 stevesk Exp $
$Id: md5crypt.c,v 1.5 2001/02/09 01:55:36 djm Exp $
$OpenBSD: session.c,v 1.150 2002/09/16 19:55:33 stevesk Exp $
$OpenBSD: groupaccess.c,v 1.5 2002/03/04 17:27:39 stevesk Exp $
$OpenBSD: auth-skey.c,v 1.20 2002/06/30 21:59:45 deraadt Exp $
$OpenBSD: auth-bsdauth.c,v 1.5 2002/06/30 21:59:45 deraadt Exp $
$OpenBSD: monitor_mm.c,v 1.8 2002/08/02 14:43:15 millert Exp $
$OpenBSD: monitor.c,v 1.29 2002/09/26 11:38:43 markus Exp $
$OpenBSD: atomicio.c,v 1.10 2001/05/08 22:48:07 markus Exp $
$OpenBSD: authfile.c,v 1.50 2002/06/24 14:55:38 markus Exp $
$OpenBSD: bufaux.c,v 1.27 2002/06/26 08:53:12 markus Exp $
$OpenBSD: buffer.c,v 1.16 2002/06/26 08:54:18 markus Exp $
$OpenBSD: canohost.c,v 1.34 2002/09/23 20:46:27 stevesk Exp $
$OpenBSD: channels.c,v 1.183 2002/09/17 07:47:02 itojun Exp $
$OpenBSD: cipher.c,v 1.61 2002/07/12 15:50:17 markus Exp $
$OpenBSD: compat.c,v 1.65 2002/09/27 10:42:09 mickey Exp $
$OpenBSD: compress.c,v 1.19 2002/03/18 17:31:54 provos Exp $
$OpenBSD: dh.c,v 1.22 2002/06/27 08:49:44 markus Exp $
$OpenBSD: dispatch.c,v 1.15 2002/01/11 13:39:36 markus Exp $
$OpenBSD: fatal.c,v 1.1 2002/02/22 12:20:34 markus Exp $
$OpenBSD: mac.c,v 1.5 2002/05/16 22:02:50 markus Exp $
$OpenBSD: hostfile.c,v 1.30 2002/07/24 16:11:18 markus Exp $
$OpenBSD: key.c,v 1.49 2002/09/09 14:54:14 markus Exp $
$OpenBSD: kex.c,v 1.51 2002/06/24 14:55:38 markus Exp $
$OpenBSD: kexdh.c,v 1.18 2002/03/18 17:50:31 provos Exp $
$OpenBSD: kexgex.c,v 1.22 2002/03/24 17:27:03 stevesk Exp $
$OpenBSD: log.c,v 1.24 2002/07/19 15:43:33 markus Exp $
$OpenBSD: match.c,v 1.19 2002/03/01 13:12:10 markus Exp $
$OpenBSD: misc.c,v 1.19 2002/03/04 17:27:39 stevesk Exp $
$OpenBSD: mpaux.c,v 1.16 2001/02/08 19:30:52 itojun Exp $
$OpenBSD: nchan.c,v 1.47 2002/06/19 00:27:55 deraadt Exp $
$OpenBSD: packet.c,v 1.97 2002/07/04 08:12:15 deraadt Exp $
$Id: entropy.c,v 1.44 2002/06/09 19:41:48 mouring Exp $
$OpenBSD: readpass.c,v 1.27 2002/03/26 15:58:46 markus Exp $
$OpenBSD: rsa.c,v 1.24 2001/12/27 18:22:16 markus Exp $
$OpenBSD: ssh-dss.c,v 1.17 2002/07/04 10:41:47 markus Exp $
$OpenBSD: ssh-rsa.c,v 1.26 2002/08/27 17:13:56 stevesk Exp $
$OpenBSD: tildexpand.c,v 1.13 2002/06/23 03:25:50 deraadt Exp $
$OpenBSD: ttymodes.c,v 1.18 2002/06/19 00:27:55 deraadt Exp $
$OpenBSD: uidswap.c,v 1.23 2002/07/15 17:15:31 stevesk Exp $
$OpenBSD: uuencode.c,v 1.16 2002/09/09 14:54:15 markus Exp $
$OpenBSD: xmalloc.c,v 1.16 2001/07/23 18:21:46 stevesk Exp $
$OpenBSD: monitor_wrap.c,v 1.19 2002/09/26 11:38:43 markus Exp $
$OpenBSD: monitor_fdpass.c,v 1.4 2002/06/26 14:50:04 deraadt Exp $
$OpenBSD: authfd.c,v 1.57 2002/09/11 18:27:26 stevesk Exp $
$OpenBSD: crc32.c,v 1.8 2000/12/19 23:17:56 markus Exp $
$OpenBSD: deattack.c,v 1.18 2002/03/04 17:27:39 stevesk Exp $
$Id: bsd-arc4random.c,v 1.5 2002/05/08 22:57:18 tim Exp $
$Id: bsd-misc.c,v 1.10 2002/07/08 21:09:41 mouring Exp $
[root@ultra root]#
--
Jonathan Crowe
System Administrator for Sage Systems, Inc.
425-451-2484 x 3025