Re: Weird SSH issue.



On FreeBSD 7.x (and earlier), I'd see this if the number of groups "user" was in exceeded NGROUPS. FreeBSD 8.x changed this (NGROUPS increased, among other things.)

On an internal distro (based on LFS) of Linux, I'd see this if the user's shell wasn't valid.

Also, "user (uid=0)" is special to SSH... but that shouldn't be a surprise.

--- Richard


On Feb 4, 2011, at 3:18 AM, Alex John wrote:

Hello,

On 3 February 2011 07:48, Darren Tucker <dtucker@xxxxxxxxxx> wrote:
On 3/02/11 12:20 AM, Alex John wrote:

Hello, I'm having trouble connecting to any server outside my local
network since like a week. I could do it without any problems before
that.

Sounds like a network problem, any recent changes?

Yes, well the firewall used to be a caching proxy but the admins have
changed that to something else like a black list (but I still can
telnet to the server, so I don't think its blacklisted). SSH
connections used to be going properly to just about anywhere before
this change.

Here's one possibility:
http://www.snailbook.com/faq/mtu-mismatch.auto.html


On 3 February 2011 03:08, zitstif <zitstif@xxxxxxxxx> wrote:
Alex,
Out of curiosity, have you tried connecting with a different distro? Or even
try using putty?

Yes, I've tried in gentoo/ubuntu/Windows (putty). That's all the
distros I have at the moment.

On 3 February 2011 04:38, zhong ming wu <mr.z.m.wu@xxxxxxxxx> wrote:
That looks like the output from the client

What do u see in server log?

Here's the syslog:

sshd[31757]: Accepted password for user from x.x.x.x port 51435 ssh2
sshd[31757]: pam_unix(sshd:session): session opened for user user by (uid=0)
sshd[31757]: lastlog_filetype: Couldn't stat /var/log/lastlog: No such
file or directory
sshd[31757]: lastlog_openseek: /var/log/lastlog is not a file or directory!
sshd[31757]: lastlog_filetype: Couldn't stat /var/log/lastlog: No such
file or directory
sshd[31757]: lastlog_openseek: /var/log/lastlog is not a file or directory!
sshd[31757]: pam_unix(sshd:session): session closed for user user

Maybe firewall settings changed? It may not block the port but sometimes
firewalls can do some weird port/protocol specific proxying

Yeah, any way to pinpoint what exactly its doing to the connection?

Thanks
Alex