PDA

Archiv verlassen und diese Seite im Standarddesign anzeigen : ssh nicht mehr möglich



byron1778
28.02.08, 13:05
Hallo Forum,

leider weiss ich nciht mehr weiter.

Ich kann mich nicht mehr auf eine bestimmte Maschine verbinden von allen anderen aus !
Auch ein direktes verbinden ist nicht mehr möglich, d. h. ein verbinden indem man es direkt ueber putty zB. versucht.

Es öffnet sich fuer eine hundertstel Sekunde die Conosole der Maschine, auf die man sich verbinden will und dann schliesst er sie sofort wieder.
Man bekommt aber keine Fehlermeldung noch sonst irgendwas.

Ein dmesg hat auch nichts gebracht, ebenso wenig ein Neustart des ssh - Daemons.
Ein svcadm disable und enable wirkte auch nicht.
Der ssh - Daemon wird mit dem Hochfahren des Servers mitgestartet.

Das Ganze ist nach dem Neustart eines Servers passiert.

Weiters habe ich den LogLevel vom ssh erhöht auf DEBUG3, dann noch sshd -ddd gestartet und die Ausgabe sieht dabei so aus:




debug1: sshd version Sun_SSH_1.1
debug3: Not a RSA1 key file /etc/ssh/ssh_host_rsa_key.
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: Bind to port 22 on ::.
Server listening on :: port 22.
debug1: Server will not fork when running in debugging mode.
Connection from 10.101.7.3 port 4780
debug1: Client protocol version 2.0; client software version PuTTY_Release_0.60
debug1: no match: PuTTY_Release_0.60
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-Sun_SSH_1.1
debug1: list_hostkey_types: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc
debug2: kex_parse_kexinit: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: en-US,i-default
debug2: kex_parse_kexinit: en-US,i-default
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug1: Failed to acquire GSS-API credentials for any mechanisms (No credentials were supplied, or the credentials were unavailable or inaccessible
Unknown code 0
)
debug1: SSH2_MSG_KEXINIT sent
debug3: kex_reset_dispatch -- should we dispatch_set(KEXINIT) here? 0 && !0
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc
debug2: kex_parse_kexinit: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: en-US,i-default
debug2: kex_parse_kexinit: en-US,i-default
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes256-ctr,aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128
debug2: kex_parse_kexinit: aes256-ctr,aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-sha1
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug2: mac_init: found hmac-sha1
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug1: Peer sent proposed langtags, ctos:
debug1: Peer sent proposed langtags, stoc:
debug1: We proposed langtags, ctos: en-US,i-default
debug1: We proposed langtags, stoc: en-US,i-default
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST_OLD received
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug1: dh_gen_key: priv key bits set: 162/320
debug1: bits set: 516/1024
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug1: bits set: 525/1024
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
debug2: kex_derive_keys
debug3: kex_reset_dispatch -- should we dispatch_set(KEXINIT) here? 0 && !0
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
debug1: userauth-request for user radmin service ssh-connection method none
debug1: attempt 0 initial attempt 0 failures 0 initial failures 0
debug2: input_userauth_request: setting up authctxt for radmin
debug2: input_userauth_request: try method none
Failed none for radmin from 10.101.7.3 port 4780 ssh2
debug1: userauth-request for user radmin service ssh-connection method keyboard-interactive
debug1: attempt 1 initial attempt 0 failures 1 initial failures 0
debug2: input_userauth_request: try method keyboard-interactive
debug1: keyboard-interactive devs
debug2: Starting PAM service sshd-kbdint for method keyboard-interactive
debug3: Trying to reverse map address 10.101.7.3.
debug2: Calling pam_authenticate()
debug2: PAM echo off prompt: Password:
debug2: Nesting dispatch_run loop
debug1: got 1 responses
debug2: Nested dispatch_run loop exited
debug1: PAM conv function returns PAM_SUCCESS
debug2: kbd-int: pam_authenticate() succeeded
debug2: kbd-int: success (pam->state == 7)
Accepted keyboard-interactive for radmin from 10.101.7.3 port 4780 ssh2
debug2: Waiting for monitor
debug2: Monitor pid 9781, unprivileged child pid 9784
debug2: Monitor signalled readiness
debug3: Setting handler to forward re-key packets to monitor
debug2: Unprivileged server process dropping privileges
debug1: permanently_set_uid: 10001/10001
debug2: Monitor started
monitor debug3: Recording SSHv2 session login in wtmpx
monitor debug3: not writing utmpx entry
monitor debug1: Entering monitor loop.
monitor debug1: fd 4 setting O_NONBLOCK
monitor debug1: fd 10 setting O_NONBLOCK
debug1: Entering interactive session for SSH2.
debug1: fd 7 setting O_NONBLOCK
debug1: fd 9 setting O_NONBLOCK
debug1: server_init_dispatch_20
debug3: server_init_dispatch_20 -- should we dispatch_set(KEXINIT) here? 1 && !0
debug3: server_init_dispatch_20 -- skipping dispatch_set(KEXINIT) in unpriv proc
debug1: server_input_channel_open: ctype session rchan 256 win 16384 max 16384
debug1: input_session_request
debug1: channel 0: new [server-session]
debug1: session_new: init
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
debug1: server_input_channel_req: channel 0 request pty-req reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req pty-req
debug1: Allocating pty.
debug1: session_pty_req: session 0 alloc /dev/pts/2
debug3: tty_parse_modes: SSH2 n_bytes 16
debug3: tty_parse_modes: 3 127
debug3: tty_parse_modes: ispeed 38400
debug3: tty_parse_modes: ospeed 38400
debug1: server_input_channel_req: channel 0 request shell reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req shell
debug1: fd 4 setting TCP_NODELAY
debug1: fd 11 setting O_NONBLOCK
debug2: fd 10 is O_NONBLOCK
debug3: channel_set_wait_for_exit 0, 1 (type: 4)
debug1: Received SIGCHLD.
debug1: session_by_pid: pid 9786
debug1: session_exit_message: session 0 channel 0 pid 9786
debug1: channel request 0: exit-status
debug3: channel_set_wait_for_exit 0, 0 (type: 4)
debug1: session_exit_message: release channel 0
debug1: channel 0: write failed
debug1: channel 0: close_write
debug1: channel 0: output open -> closed
debug1: session_close: session 0 pid 9786
debug1: session_pty_cleanup: session 0 release /dev/pts/2
debug3: Recording SSHv2 channel login in utmpx/wtmpx
debug2: notify_done: reading
debug1: channel 0: read<=0 rfd 11 len 0
debug1: channel 0: read failed
debug1: channel 0: close_read
debug1: channel 0: input open -> drain
debug1: channel 0: ibuf empty
debug1: channel 0: send eof
debug1: channel 0: input drain -> closed
debug1: channel 0: send close
debug3: channel 0: will not send data after close
debug1: channel 0: rcvd close
debug3: channel 0: will not send data after close
debug1: channel 0: is dead
debug1: channel 0: garbage collecting
debug1: channel_free: channel 0: server-session, nchannels 1
debug3: channel_free: status: The following connections are open:
#0 server-session (t4 r256 i3/0 o3/0 fd -1/-1)

debug3: channel_close_fds: channel 0: r -1 w -1 e -1
Connection closed by 10.101.7.3
Closing connection to 10.101.7.3
monitor debug1: Monitor received SIGCHLD.
monitor debug3: Recording SSHv2 session logout in wtmpx
monitor debug3: not writing utmpx entry



Weiss jemand vll an was das liegen kann ?

Es wurde nichts in der Config verändert, sondern nur ein Neustart der Maschine gemacht !

Wenn mir jemand vll einen Tipp geben könnte woran das Problem liegt ?

Danke vielmals

mfG
Byron

Enone
28.02.08, 15:40
Hi,

schonmal nachgeguckt ob der User mit dem du dich einloggen willst in der /etc/passwd richtig gesetzt ist ?
Es öffnet sich fuer eine hundertstel Sekunde die Conosole der Maschine, auf die man sich verbinden will und dann schliesst er sie sofort wieder. <-- klingt als wäre der user auf /bin/false gesetzt oder so.

Gruß