LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
LinkBack Search this Thread
Old 02-05-2013, 11:49 PM   #1
zousheng
LQ Newbie
 
Registered: Feb 2013
Location: China
Posts: 27

Rep: Reputation: Disabled
ssh hanging after login authentication succeeded


When I try to login the remote server CentOS,use
ssh -v user@server, after inputing the password, it is hanging

.............................
debug1: authentication succeeded (password)
debug2: PTY allocation request accepted on channel 0
debug2: channel 0: rcvd adjust 2097152
debug2: channel_input_status_confirm: type 99 id 0
debug2: shell request accepted on channel 0
, also checked the /var/log/secure, it indicates authentication succeeded, and the traceroute and ping command confirmed the no packet loss during the transimition. Any idea?
 
Old 02-06-2013, 12:17 AM   #2
shivaa
Senior Member
 
Registered: Jul 2012
Location: Grenoble, Fr.
Distribution: Sun Solaris, RHEL, Ubuntu, Debian 6.0
Posts: 1,778
Blog Entries: 4

Rep: Reputation: 282Reputation: 282Reputation: 282
No need to use -v option with ssh. It stands for verbose mode, and causes ssh to print debugging messages about its progress.
Instead use either no option or just -l, as:-
Code:
~$ ssh user@server
OR
~$ ssh -l user server
So once try it. If it does not help, then the problem could be in user's profile on remote CentOS server.
 
Old 02-06-2013, 12:53 AM   #3
zousheng
LQ Newbie
 
Registered: Feb 2013
Location: China
Posts: 27

Original Poster
Rep: Reputation: Disabled
yes, i used the -v just want to see the log information,(I tried the method u mentioned, not working) I just found another information in /var/log/message

Feb 5 19:39:16 auditd[2977]: Audit daemon rotating log files
Feb 6 02:47:46 sudo: pam_ldap: error trying to bind as user "uid=****" (Invalid credentials)
Feb 6 04:37:28 auditd[2977]: Audit daemon rotating log files
, I am gussing it's about the ldap issue, but not sure
any idea?
 
Old 02-06-2013, 01:31 AM   #4
shivaa
Senior Member
 
Registered: Jul 2012
Location: Grenoble, Fr.
Distribution: Sun Solaris, RHEL, Ubuntu, Debian 6.0
Posts: 1,778
Blog Entries: 4

Rep: Reputation: 282Reputation: 282Reputation: 282
After entering password and waiting, can you enter inside the session?

It sounds problem with your authentication server/services.
Can you ping the directory server i.e. ldap server or can make a search on that server from some other server? Also check if directory services are up and running properly on ldap server.

For testing ldap services, you can ask someone else to login on the remote CentOS server. If he can login without any problem, then issue will be with your username only. Otherwise, it will be an issue with ldap authentication.

However, these cmds should work fine:-
Code:
~$ ssh user@server
~$ ssh -l user server
 
Old 02-06-2013, 02:25 AM   #5
zousheng
LQ Newbie
 
Registered: Feb 2013
Location: China
Posts: 27

Original Poster
Rep: Reputation: Disabled
Thanks very much, I can login the server, and see the ldap process is running ,and also run the command ldapsearch -x -LLL -u -t "(uid=xyz)" in the ldap server, it can show my ifnormation. Still confused.
???
 
Old 02-06-2013, 03:15 AM   #6
shivaa
Senior Member
 
Registered: Jul 2012
Location: Grenoble, Fr.
Distribution: Sun Solaris, RHEL, Ubuntu, Debian 6.0
Posts: 1,778
Blog Entries: 4

Rep: Reputation: 282Reputation: 282Reputation: 282
Quote:
Originally Posted by zousheng View Post
Thanks very much, I can login the server, and see the ldap process is running ,and also run the command ldapsearch -x -LLL -u -t "(uid=xyz)" in the ldap server, it can show my ifnormation. Still confused.
???
Which server - ldap or your CentOS? Ldapsearch cmd is running ok means ldap server/services are up and running.
I had asked that can you login into your session on CentOS server after entering your password?

But still you have to check:

1) Are you sure that your CentOS server authenticates users through Ldap OR it consults any local or NIS passwd file?

2) If login is successful in CentOS, but it's slow in loading your shell, then problem is with your own user profile (could be with .bashrc, .cshrc, .profile. or .login).

3) If after entering password, it cannot go inside your session and cannot load your shell, then problem might be with authentication process. You will also need to check your password on different machines, so you can make sure that your password is ok.
 
Old 02-06-2013, 03:54 AM   #7
zousheng
LQ Newbie
 
Registered: Feb 2013
Location: China
Posts: 27

Original Poster
Rep: Reputation: Disabled
I mean i can login the LDAP server and check the ldap, not the server A (let's say)i am trying to connect. I can login server A from other site (Let's say USA server B, i can login B first, then ssh to A,and login the session can run any commands, if i ssh to A directly from my local laptop, it's not working). thx
 
Old 02-09-2013, 06:25 PM   #8
zousheng
LQ Newbie
 
Registered: Feb 2013
Location: China
Posts: 27

Original Poster
Rep: Reputation: Disabled
Any update? this maybe the firewall or some other issue, but can't be identified so far.
 
Old 02-09-2013, 08:16 PM   #9
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,524
Blog Entries: 51

Rep: Reputation: 2601Reputation: 2601Reputation: 2601Reputation: 2601Reputation: 2601Reputation: 2601Reputation: 2601Reputation: 2601Reputation: 2601Reputation: 2601Reputation: 2601
Quote:
Originally Posted by zousheng View Post
Any update? this maybe the firewall or some other issue, but can't be identified so far.
HUh? Updates should come from you I'd think. You're the one who's able to log in to machine A and check its SSH daemon log file, firewall and so on...
 
Old 02-10-2013, 01:17 AM   #10
fortran
Member
 
Registered: Nov 2011
Location: Cairo, Egypt
Distribution: CentOS, RHEL, Fedora
Posts: 265
Blog Entries: 2

Rep: Reputation: 48
As you said u have tried shivaa`s first post solution but it is not working 4 u.
Have you tried to connect server using other host. If it is connected through other system of same lan then it is ur system's fault.
Connect ur server with other system and save your ssh public file (id_dsa.pub or id_rsa.pub) in ssh directory of server as filename `authorized_keys`.now it will not ask password for your system.now try once does it still hang?
 
Old 02-10-2013, 01:18 AM   #11
zousheng
LQ Newbie
 
Registered: Feb 2013
Location: China
Posts: 27

Original Poster
Rep: Reputation: Disabled
Actually, i can only see the logs, for firewall, i have no access. these 2 machine are located in different country and use vpn to connect, we have got touch with our network security team, they proved it's ok in firewall, the packet is right, no policy block the packet, then we are stuck here. We tried to create a local account in that machine, and ssh to that server with that local account, but still failed. ping is ok,no packet loss.

Last edited by zousheng; 02-10-2013 at 01:19 AM.
 
Old 02-10-2013, 01:23 AM   #12
zousheng
LQ Newbie
 
Registered: Feb 2013
Location: China
Posts: 27

Original Poster
Rep: Reputation: Disabled
My laptop is win7, use putty to connect the server, guess no need to install ssh in win7, right? I can login to that server in US server (login us server successfully, then ssh to that server), but not working in our country.
 
Old 02-10-2013, 01:42 AM   #13
zousheng
LQ Newbie
 
Registered: Feb 2013
Location: China
Posts: 27

Original Poster
Rep: Reputation: Disabled
I tried to upload my ssh public key (my win7 has a centos VM, i just create ssh key pair), i logined that server via US server, and uploaded my public key to the server .ssh/authorized_keys, still not working, from the debug information, we can see the password authentication has succeeded, still hanging there. Ctrl + c doesn't work either.

Last edited by zousheng; 02-10-2013 at 01:44 AM.
 
Old 02-10-2013, 01:51 AM   #14
fortran
Member
 
Registered: Nov 2011
Location: Cairo, Egypt
Distribution: CentOS, RHEL, Fedora
Posts: 265
Blog Entries: 2

Rep: Reputation: 48
That info u have shared first time. Yes u r right no need to install ssh in windows seven.
If it is asking for password it means you will be logged into user's home directory.
I havent used password to loginto serrver.generally people use .pem file to login so they will be jailed in particular directory for using only given directory.do u not have pem file of srrver? So using ssh -i u can log in.
 
Old 02-10-2013, 02:15 AM   #15
smbhandary
LQ Newbie
 
Registered: Jan 2013
Distribution: RHEL and AIX ( sort of )
Posts: 18

Rep: Reputation: Disabled
based on my understanding of the problem statement :

suggested checks to be done sequentially ie if step 1 dont work, fix it before going to the next step.

1. Get clear about authentication method used whether local / nis / ldap.
2. Get clear about the impact area ie is only one user impacted or is it impacting all users .
3. If the problem is impacting all users then focus on the authentication service and the services it depends
4. If nis / ldap , validate or confirm that the authentication method is working as designed.
5. If the users home directory is automounted, ensure nfs , automount and portmap services are working as designed.
6. If the problem is impacting a single user, then validate / check the users profile.
7. Check on the ownership and permissions of the users home directory. Linux is finicky about permissions on an ids home.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Is ssh keys authentication more secure than password authentication? GrepAwkSed Linux - Security 6 03-17-2012 08:25 PM
configure ssh authentication using password file and sftp/scp authentication using ld cameliab Linux - Software 1 08-29-2011 03:28 AM
clogin automated login with key-based ssh authentication m4rtin Programming 4 01-25-2010 12:06 PM
pam_mount Authentication and SSH Password-Less Login MailleMan Linux - Software 3 07-22-2009 04:06 PM
Login Hanging????? suseuser Linux - Software 1 06-21-2004 03:38 PM


All times are GMT -5. The time now is 10:33 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration