Re: Auto configuration failed
- From: Uwe Seher <red.buell@xxxxxxxxxxxxxx>
- Date: Wed, 15 Sep 2010 13:20:59 +0200
Hi!
Nico Kadel-Garcia schrieb:
On Sep 13, 10:30 am, Uwe Seher <red.bu...@xxxxxxxxxxxxxx> wrote:
Hello group!
i get a strange error when i try to start an sshd (v5.4) on an opensuse
11.3 machine. It is installed by the packetmanager. The first time it
worked, but when i did some configuration the daemon suddenly refused to
restart.
By "some configuration", what do you mean? Could you have added an
error in /etc/ssh/sshd_config that is confusing the daemon?
Nothing strange done. Just disabled pw-authentication aund enabled
public/private-key authentificatiion. And set the listen-address. All
the configuration is runnung on another suse-machine.
Revert your changes, or back up your changes, rip out the package and
re-install it to compare the config files.
Just done. No effect, The error appear also in the standard configuration.
Now when i try to start the daemon, by startscript, manual or at
boottime the message below shows up and the daemon doesnt start.
Auto configuration failed
140472990594728:error:0200100D:system library:fopen:Permission
denied:bss_file.c:126:fopen('/etc/ssl/openssl.cnf','rb')
What in the? OK, what did you do to /etc/ssl/openssl.conf? Have you
been trying to replace or overwrite your OpenSSL components? That
would be.... begging to introduce incompatibilities with other tools,
if you didn't use RPM deployment for them.
Nope, i did nothing with/to the openssl-components ;) I never touched
them, they are in original configuration.
140472990594728:error:2006D002:BIO routines:BIO_new_file:system
lib:bss_file.c:131:
140472990594728:error:0E078002:configuration file
routines:DEF_LOAD:system lib:conf_def.c:199:
The konfiguration doesnt matter, it doesnt work with original setup nor
with a working configutration. Logfile entries (in /var/log/messages)
are not written.
As a workaround i downloaded and compiled the v5.6-openssh, which works
without problem, with the same konfiguration and the same settings like
the opensuse-version. Has someone a hint for me, what produces this
strange error? Aunt Google seems also a little bit clueless in this case...
OpenSuSE is its own unique environment, and gods only know what
manually installing a new OpenSSH overlaid on top of your old one. Set
aside the manually compiled one, as much as possible, and use 'rpm -V
openssh' or 'rpm -V openssh-server', or whatever it is called for
OpenSuSE, to see what configurations you changed.
It isnt installed above the old one it runs aside, the suse-version is
disabled. I do this with other services too, which i dont want to be
touched by the system.
This is rpm -V for open ssh: the only files changed are the configfile
and the initskript.
S.5....T. c /etc/init.d/sshd
.......... c /etc/pam.d/sshd
.......... /etc/slp.reg.d
.......... c /etc/slp.reg.d/ssh.reg
.......... /etc/ssh
.......... c /etc/ssh/moduli
.......... c /etc/ssh/ssh_config
S.5....T. c /etc/ssh/sshd_config
.......... c /etc/sysconfig/SuSEfirewall2.d/services/sshd
.......... /usr/bin/scp
.......... /usr/bin/sftp
.......... /usr/bin/slogin
.......... /usr/bin/ssh
.......... /usr/bin/ssh-add
.......... /usr/bin/ssh-agent
.......... /usr/bin/ssh-copy-id
.......... /usr/bin/ssh-keyconverter
.......... /usr/bin/ssh-keygen
.......... /usr/bin/ssh-keyscan
.......... /usr/lib64/ssh
.......... /usr/lib64/ssh/sftp-server
.......... /usr/lib64/ssh/ssh-keysign
.......... /usr/lib64/ssh/ssh-pkcs11-helper
.......... /usr/sbin/rcsshd
.......... /usr/sbin/sshd
.......... /usr/share/doc/packages/openssh
.......... d /usr/share/doc/packages/openssh/CREDITS
.......... d /usr/share/doc/packages/openssh/ChangeLog
.......... d /usr/share/doc/packages/openssh/LICENCE
.......... d /usr/share/doc/packages/openssh/OVERVIEW
.......... d /usr/share/doc/packages/openssh/README
.......... d /usr/share/doc/packages/openssh/README.SuSE
.......... d /usr/share/doc/packages/openssh/README.kerberos
.......... d /usr/share/doc/packages/openssh/TODO
.......... d /usr/share/man/man1/scp.1.gz
.......... d /usr/share/man/man1/sftp.1.gz
.......... d /usr/share/man/man1/slogin.1.gz
.......... d /usr/share/man/man1/ssh-add.1.gz
.......... d /usr/share/man/man1/ssh-agent.1.gz
.......... d /usr/share/man/man1/ssh-copy-id.1.gz
.......... d /usr/share/man/man1/ssh-keyconverter.1.gz
.......... d /usr/share/man/man1/ssh-keygen.1.gz
.......... d /usr/share/man/man1/ssh-keyscan.1.gz
.......... d /usr/share/man/man1/ssh.1.gz
.......... d /usr/share/man/man5/moduli.5.gz
.......... d /usr/share/man/man5/ssh_config.5.gz
.......... d /usr/share/man/man5/sshd_config.5.gz
.......... d /usr/share/man/man8/sftp-server.8.gz
.......... d /usr/share/man/man8/ssh-keysign.8.gz
.......... d /usr/share/man/man8/ssh-pkcs11-helper.8.gz
.......... d /usr/share/man/man8/sshd.8.gz
.......... /var/adm/fillup-templates/sysconfig.ssh
.......... /var/lib/sshd
For completeness, this is for openssl:
......... /etc/ssl
.......... /etc/ssl/certs
.......... /etc/ssl/certs/README.RootCerts
.......... /etc/ssl/certs/demo
.......... /etc/ssl/certs/demo/ca-cert.pem
.......... /etc/ssl/certs/demo/dsa-ca.pem
.......... /etc/ssl/certs/demo/dsa-pca.pem
.......... /etc/ssl/certs/demo/pca-cert.pem
.......... /etc/ssl/certs/expired
.......... /etc/ssl/certs/expired/ICE.crl
.......... c /etc/ssl/openssl.cnf
.......... /etc/ssl/private
.......... /usr/bin/c_rehash
.......... /usr/bin/openssl
.......... /usr/share/doc/packages/openssl
.......... d /usr/share/doc/packages/openssl/AVAILABLE_CIPHERS
.......... d /usr/share/doc/packages/openssl/CHANGES
.......... d /usr/share/doc/packages/openssl/CHANGES.SSLeay
.......... d /usr/share/doc/packages/openssl/INSTALL
.......... d /usr/share/doc/packages/openssl/INSTALL.DJGPP
.......... d /usr/share/doc/packages/openssl/INSTALL.MacOS
.......... d /usr/share/doc/packages/openssl/INSTALL.NW
.......... d /usr/share/doc/packages/openssl/INSTALL.OS2
.......... d /usr/share/doc/packages/openssl/INSTALL.VMS
.......... d /usr/share/doc/packages/openssl/INSTALL.W32
.......... d /usr/share/doc/packages/openssl/INSTALL.W64
.......... d /usr/share/doc/packages/openssl/INSTALL.WCE
.......... d /usr/share/doc/packages/openssl/LICENSE
.......... d /usr/share/doc/packages/openssl/NEWS
.......... d /usr/share/doc/packages/openssl/README
.......... d /usr/share/doc/packages/openssl/README.SuSE
.......... d /usr/share/man/man1/asn1parse.1ssl.gz
.......... d /usr/share/man/man1/ca.1ssl.gz
.......... d /usr/share/man/man1/crl.1ssl.gz
.......... d /usr/share/man/man1/crl2pkcs7.1ssl.gz
.......... d /usr/share/man/man1/dgst.1ssl.gz
.......... d /usr/share/man/man1/dhparam.1ssl.gz
.......... d /usr/share/man/man1/dsa.1ssl.gz
.......... d /usr/share/man/man1/dsaparam.1ssl.gz
.......... d /usr/share/man/man1/enc.1ssl.gz
.......... d /usr/share/man/man1/gendsa.1ssl.gz
.......... d /usr/share/man/man1/genrsa.1ssl.gz
.......... d /usr/share/man/man1/nseq.1ssl.gz
.......... d /usr/share/man/man1/openssl.1ssl.gz
.......... d /usr/share/man/man1/passwd.1ssl.gz
.......... d /usr/share/man/man1/pkcs12.1ssl.gz
.......... d /usr/share/man/man1/pkcs7.1ssl.gz
.......... d /usr/share/man/man1/pkcs8.1ssl.gz
.......... d /usr/share/man/man1/rand.1ssl.gz
.......... d /usr/share/man/man1/req.1ssl.gz
.......... d /usr/share/man/man1/rsa.1ssl.gz
.......... d /usr/share/man/man1/rsautl.1ssl.gz
.......... d /usr/share/man/man1/s_client.1ssl.gz
.......... d /usr/share/man/man1/s_server.1ssl.gz
.......... d /usr/share/man/man1/smime.1ssl.gz
.......... d /usr/share/man/man1/spkac.1ssl.gz
.......... d /usr/share/man/man1/verify.1ssl.gz
.......... d /usr/share/man/man1/version.1ssl.gz
.......... d /usr/share/man/man1/x509.1ssl.gz
.......... d /usr/share/man/man3/crypto.3ssl.gz
.......... d /usr/share/man/man3/dsa.3ssl.gz
.......... d /usr/share/man/man3/rand.3ssl.gz
.......... d /usr/share/man/man3/rsa.3ssl.gz
.......... d /usr/share/man/man3/ssl.3ssl.gz
.......... d /usr/share/man/man3/x509.3ssl.gz
.......... d /usr/share/man/man5/config.5ssl.gz
.......... /usr/share/ssl
.......... /usr/share/ssl/misc
.......... /usr/share/ssl/misc/CA.pl
.......... /usr/share/ssl/misc/CA.sh
.......... /usr/share/ssl/misc/c_hash
.......... /usr/share/ssl/misc/c_info
.......... /usr/share/ssl/misc/c_issuer
.......... /usr/share/ssl/misc/c_name
.......... /usr/share/ssl/misc/tsget
I can see where Google might have issues finding this: I think you've
managed to accidentally muck up sshd_config, and that's a fairly
unusual issue, different everytime it happens.
I cannot believe that the config-file ist broken.
These are the only lines i changed, everything else is on default.
ListenAddress 192.168.1.3
Protocol 2
PermitRootLogin no
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys
PasswordAuthentication no
Thank you
Uwe Seher
Thanks again
Uwe
.
- Follow-Ups:
- Re: Auto configuration failed
- From: Scott
- Re: Auto configuration failed
- References:
- Auto configuration failed
- From: Uwe Seher
- Re: Auto configuration failed
- From: Nico Kadel-Garcia
- Auto configuration failed
- Prev by Date: Re: Auto configuration failed
- Next by Date: PuTTY question
- Previous by thread: Re: Auto configuration failed
- Next by thread: Re: Auto configuration failed
- Index(es):
Relevant Pages
|
