
can't connect via ssh anymore - Linux Setup, Configuration & Administration


  1. #1

    can't connect via ssh anymore

    I'm trying to connect to a computer I used to be able to connect to via
    ssh. Connecting as root works, but not as a normal user.
    ssh checks the password (if I type a wrong password it says so) but when
    the password is accepted, I get:
    Connection to remote_box closed by remote host.
    Connection to remote_box closed.

    I checked in /var/log/secure on remote_box: the password was accepted by
    ssh.

    Does anyone know what's wrong ?
    Thank you

    Nico

    nico Guest

  2. #2

    Re: can't connect via ssh anymore

    nico <com> wrote: 
     
     

    Hard to tell with such a little bit info, what happens if you try as root
    'su - <username>', did you try 'chage -l <username>' unsure what pam logs
    if the account has expired, usually you should see that. What does 'ssh -V'
    tell? Did you try connecting with 'ssh -vvv <hostname>'.

    --
    Michael Heiming

    Remove +SIGNS and www. if you expect an answer, sorry for
    inconvenience, but I get tons of SPAM
    Michael Guest

  3. #3

    Re: can't connect via ssh anymore

    Michael Heiming wrote: 
    > Hard to tell with such a little bit info, what happens if you try as root
    > 'su - <username>', did you try 'chage -l <username>' unsure what pam logs
    > if the account has expired, usually you should see that. What does 'ssh -V'
    > tell? Did you try connecting with 'ssh -vvv <hostname>'.

    The two user accounts I tried to ssh to are still active (passwords
    don't expire). I can log in to those accounts from the console, or having
    ssh-ed as root, su - username.
    This is what ssh -vvv outputs after I enter my password (ssh version:
    OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090602f) :

    debug1: packet_send2: adding 64 (len 59 padlen 5 extra_pad 64)
    debug2: we sent a password packet, wait for reply
    debug1: ssh-userauth2 successful: method password
    debug3: clear hostkey 0
    debug3: clear hostkey 1
    debug3: clear hostkey 2
    debug1: channel 0: new [client-session]
    debug3: ssh_session2_open: channel_new: 0
    debug1: send channel open 0
    debug1: Entering interactive session.
    debug2: callback start
    debug1: ssh_session2_setup: id 0
    debug1: channel request 0: pty-req
    debug3: tty_make_modes: ospeed 38400
    debug3: tty_make_modes: ispeed 38400
    debug3: tty_make_modes: 1 3
    debug3: tty_make_modes: 2 28
    debug3: tty_make_modes: 3 127
    debug3: tty_make_modes: 4 21
    debug3: tty_make_modes: 5 4
    debug3: tty_make_modes: 6 0
    debug3: tty_make_modes: 7 0
    ..
    ..
    ..
    debug3: tty_make_modes: 91 1
    debug3: tty_make_modes: 92 0
    debug3: tty_make_modes: 93 0
    debug2: x11_get_proto /usr/X11R6/bin/xauth list :0 2>/dev/null
    debug1: Requesting X11 forwarding with authentication spoofing.
    debug1: channel request 0: x11-req
    debug1: channel request 0: shell
    debug1: fd 3 setting TCP_NODELAY
    debug2: callback done
    debug1: channel 0: open confirm rwindow 0 rmax 32768
    debug1: channel_free: channel 0: client-session, nchannels 1
    debug3: channel_free: status: The following connections are open:
    #0 client-session (t4 r0 i0/0 o0/0 fd 4/5)

    debug3: channel_close_fds: channel 0: r 4 w 5 e 6
    Connection to tangor closed by remote host.
    Connection to tangor closed.
    debug1: Transferred: stdin 0, stdout 0, stderr 75 bytes in 0.1 seconds
    debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 1143.5
    debug1: Exit status -1


    nico Guest
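
An added example (not part of the original posts): a small Python triage of the `ssh -vvv` output quoted above, showing that authentication and the shell request both succeeded before the server closed the channel, which is why the replies turn to server-side checks such as `su - <username>` and `/etc/profile`. The stage patterns follow the OpenSSH 3.x wording in the thread, and the CRLF accounting for the client's own notices is an assumption.

```python
import re

# Abridged from the `ssh -vvv` output quoted in the post above.
SAMPLE_LOG = """\
debug1: ssh-userauth2 successful: method password
debug1: Entering interactive session.
debug1: channel request 0: pty-req
debug1: channel request 0: x11-req
debug1: channel request 0: shell
debug1: channel 0: open confirm rwindow 0 rmax 32768
Connection to tangor closed by remote host.
Connection to tangor closed.
debug1: Transferred: stdin 0, stdout 0, stderr 75 bytes in 0.1 seconds
debug1: Exit status -1
"""

# Session milestones in order, keyed by the OpenSSH 3.x client wording seen
# in the thread (other client versions phrase these lines differently).
STAGES = [
    ("authenticated", re.compile(r"ssh-userauth2 successful")),
    ("session_opened", re.compile(r"Entering interactive session")),
    ("pty_requested", re.compile(r"channel request \d+: pty-req")),
    ("shell_requested", re.compile(r"channel request \d+: shell")),
]

def triage(log):
    """Summarise how far the session got and who ended it."""
    reached = [name for name, pat in STAGES if pat.search(log)]
    xfer = re.search(r"stdout (\d+), stderr (\d+) bytes", log)
    status = re.search(r"Exit status (-?\d+)", log)
    stdout_b, stderr_b = (int(g) for g in xfer.groups()) if xfer else (None, None)
    # Assumption: the client counts its own "Connection to ..." notices,
    # each written with a trailing CRLF, in the stderr total.
    notices = sum(len(l) + 2 for l in log.splitlines() if l.startswith("Connection to "))
    return {
        "last_stage": reached[-1] if reached else "not_authenticated",
        "remote_closed": "closed by remote host" in log,
        "exit_status": int(status.group(1)) if status else None,
        "stdout_bytes": stdout_b,
        "server_stderr_bytes": None if stderr_b is None else stderr_b - notices,
        # Auth passed and a shell was requested, yet the server hung up
        # before the shell wrote anything: a server-side, post-auth failure.
        "post_auth_failure": bool(reached) and reached[-1] == "shell_requested"
                             and "closed by remote host" in log and stdout_b == 0,
    }

if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

Under that assumption the 75 stderr bytes are fully accounted for by the client's two closing notices, so the server sent no error text of its own and the cause has to be looked for on remote_box.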

  4. #4

    Re: can't connect via ssh anymore

    nico <com> wrote:
    .... 

    $ ssh -V
    OpenSSH_3.7.1p2,[..]

    That's the latest version, yours is pretty old and full of security
    problems.

    I'd urge you to upgrade and check if you haven't been cracked and repost
    (if the problem persists) in comp.security.ssh.


    --
    Michael Heiming

    Remove +SIGNS and www. if you expect an answer, sorry for
    inconvenience, but I get tons of SPAM
    Michael Guest

  5. #5

    Re: can't connect via ssh anymore

    On Fri, 31 Oct 2003 19:03:50 -0800, nico wrote:

    Probably the root login scripts close the connection, or even the system
    does not accept root login from outside of the main keyboard.

    Try:

    $ ssh -n domain /usr/X11R6/bin/xterm

    If that works, it's only a bogus login script (.profile or something like
    this).

    Michel.
    Michel Guest

  6. #6

    Re: can't connect via ssh anymore

    Michel Tatoute wrote: 
    > Probably the root login scripts close the connection, or even the system
    > does not accept root login from outside of the main keyboard.
    >
    > Try:
    >
    > $ ssh -n domain /usr/X11R6/bin/xterm

    that works, or simply
    ssh domain
    The problem is when I try :
    ssh domain

    I upgraded to a newer version of ssh but the problem is the same.

    nico Guest

  7. #7

    Re: can't connect via ssh anymore

    nico <com> wrote:
     
     

    Glad to hear you updated. Now check /etc/profile for anything that
    happens if UID != 0.

    --
    Michael Heiming

    Remove +SIGNS and www. if you expect an answer, sorry for
    inconvenience, but I get tons of SPAM
    Michael Guest

  8. #8

    Re: can't connect via ssh anymore


    "Michael Heiming" <michael+heiming.de> wrote in message
    news:heiming.de... 
    > $ ssh -V
    > OpenSSH_3.7.1p2,[..]
    >
    > That's the latest version, yours is pretty old and full of security
    > problems.
    >
    > I'd urge you to upgrade and check if you haven't been cracked and repost
    > (if the problem persists) in comp.security.ssh.

    3.1p1, *properly patched* as in the published RedHat RPM's for older 7.x
    RedHat releases, is just hunky-dory. It lacks the "Privilege Separation"
    feature, but that feature introduced a lot of instability to the OpenSSH
    code for platforms other than OpenBSD and hasn't yet proven itself worth the
    trouble it's caused.

    I've been staying away from the bleeding edge of OpenSSH releases for a
    while, the PrivSep caused just way too much cross-platform fun.


    Nico Guest

  9. #9

    Re: can't connect via ssh anymore

    Nico Kadel-Garcia <net> wrote:

    .... 

    I had no problems with recent openssh on various *nix. I don't use the RH
    updates for critical packages. I build my own and can't remember any huge
    problems in the last few years. Only one on a recent Tru64 version with an
    updated utmp format, but then you have the source and it was fixed in a
    minute.;)

    From some past security problems with openssh I can only remember it was
    only exploitable if you had privsep disabled, so it looks like a good thing.

    --
    Michael Heiming

    Remove +SIGNS and www. if you expect an answer, sorry for
    inconvenience, but I get tons of SPAM
    Michael Guest

  10. #10

    Re: can't connect via ssh anymore

    Michael Heiming wrote: 
    > Glad to hear you updated. Now check /etc/profile for anything that
    > happens if UID != 0.

    The only things that happen if uid=0 are changes to PATH (/sbin added to
    PATH, etc).
    What I forgot to mention is that I just changed the hardware: I put my
    system disk into a new machine. I changed the internet parameters
    (machine name, etc), but I could have forgotten something...

    nico Guest

  11. #11

    Re: can't connect via ssh anymore


    "Michael Heiming" <michael+heiming.de> wrote in message
    news:heiming.de...
    >
    > I had no problems with recent openssh on various *nix. I don't use the RH
    > updates for critical packages. I build my own and can't remember any huge
    > problems in the last few years. Only one on a recent Tru64 version with an
    > updated utmp format, but then you have the source and it was fixed in a
    > minute.;)

    Oh, man, I did. Solaris, Tru64, and old releases of RedHat. I was very, very
    angry at all the grief, the PrivSep stuff wasn't ready for general use and
    should have not been enabled by default.
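    > From some past security problems with openssh I can only remember it was
    > only exploitable if you had privsep disabled, so it looks like a good thing.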

    ??? Don't remember that one specifically, there have been a number of very
    serious breakages with the PrivSep turned on since it got added. They've
    only been fixed slowly as people get the chance to find them, fix them,
    and get them back to the maintainers of the "p" releases of OpenSSH.

    The OpenSSH release process is odd, but interesting. They develop for
    OpenBSD, and publish all their releases for that platform (such as OpenSSH
    3.7). A separate group does the portability patches, and creates the "p"
    releases. This helps the original developers ease their lives a lot by
    making them only work with that one, well understood platform. They don't
    have to try and fold back in and make workable all the little patches for
    all the different candidate OS's: that's someone else's job, and they have
    to understand cross-compatibility more thoroughly.

    I like it in general, as I like their tools in general. Just the Privilege
    Separation stuff seemed not ready for prime time....


    Nico Guest
