Re: OpenSSH anomaly

From: Tavis Paquette (
Date: 02/23/04

  • Next message: Benjamin Franz: "Re: OpenSSH anomaly"
    Date: Mon, 23 Feb 2004 05:25:10 -0800

    Benjamin Franz wrote:

    >I'm running a RedHat Enterprise 3 ES server that has been running fairly
    >reliably for a month. This morning we could not remotely login to the
    >server via SSH because openssh would terminate the connection immediately
    >(no delay) after apparently successfully logging in - without giving a
    >prompt. We are current on patches up to Feb 1 with the exception of the
    >kernel which is RHES 2.4.21-4.0.1.ELsmp. A console reboot succeeded in
    >restoring connectivity. We couldn't find any footprints in any log or any
    >suspicious file activity. No record of the failed logins (we attempted
    >using both pubkey and password) were in the logs. The openssh version is
    >RedHat's 3.6.1p2-18.
    >Has anyone else seen something similiar?
    I've encountered behaviour similar to this in an unrelated
    configuration, it involved the use of PAM and the module
    with it you can limit (among other things) the maximum amount of
    concurrent logins for a specific account

    This is how openssh behaves when the limit has been reached, the
    assumption here is that the password has been entered correctly.

    reticent@cynosure| ssh
    Connection to closed by remote host.
    Connection to closed.
    You may want to look at your pam configuration for sshd if indeed your 
    system uses PAM (i'm not a redhat user so i cannot provide references to 
    config file locations)
    Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection
    Protect your network with the comprehensive security solution that
    integrates six applications for ease of use and lower TCO.
    Firewall - Virus protection - Spam protection - URL blocking - VPN
    - Wireless security.
    Download 30-day evaluation at:

  • Next message: Benjamin Franz: "Re: OpenSSH anomaly"