LinuxQuestions.org
Old 02-22-2008, 06:07 AM   #1
apulu
Member
 
Registered: Feb 2008
Posts: 40

Rep: Reputation: 15
sshd server not listening to port 22


I want to ssh to the server.

On the server, sshd was listening to port 22 before. After that I did something... I don't know what I did.

Now when I give the command,

[root@INNOVATE /]$netstat -tanpl
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:37 0.0.0.0:* LISTEN 36/inetd
tcp 0 0 0.0.0.0:9 0.0.0.0:* LISTEN 36/inetd
tcp 0 0 0.0.0.0:13 0.0.0.0:* LISTEN 36/inetd
tcp 0 0 0.0.0.0:6000 0.0.0.0:* LISTEN 65/Xhyper255
tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN 36/inetd
tcp 0 0 192.168.1.50:23 192.168.1.60:43145 ESTABLISHED 70/in.telnetd

If sshd is not listening to port 22 then I can't ssh to the server, right?

Can anyone help me?

Thanks in advance..

Last edited by apulu; 02-22-2008 at 06:08 AM.
 
Old 02-22-2008, 06:26 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,415

Rep: Reputation: 1968
Well, have you even tried restarting the ssh service?
 
Old 02-22-2008, 06:50 AM   #3
apulu
Member
 
Registered: Feb 2008
Posts: 40

Original Poster
Rep: Reputation: 15
Ohh..
When I run sshd with the command

[root@INNOVATE /]$sshd
Privilege separation user sshd does not exist

What does this mean?

Thanks..
 
Old 02-22-2008, 06:54 AM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,415

Rep: Reputation: 1968
No idea, did you ask Google? http://www.google.co.uk/search?q=Pri...does+not+exist
[reads]
OK, so it looks like you just have no dedicated sshd user. But you shouldn't just run sshd itself; you have a formal service script you should be running, which may take care of that issue depending on how it handles the service setup.

Last edited by acid_kewpie; 02-22-2008 at 06:56 AM.
 
Old 02-22-2008, 07:02 AM   #5
apulu
Member
 
Registered: Feb 2008
Posts: 40

Original Poster
Rep: Reputation: 15
You mean to say I have to run the following command, right?
But I got this:

[root@INNOVATE /etc]$/etc/init.d/ssh start
bash: /etc/init.d/ssh: No such file or directory

The init.d file is not present in /etc.

I will look on Google also now.

Thanks..
 
Old 02-22-2008, 07:11 AM   #6
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,415

Rep: Reputation: 1968
It's normally /etc/init.d/sshd. You should ideally already be comfortable with tools like ls, or even a general GUI file manager, to be able to look in a given directory for a file name in situations like that.
 
Old 02-22-2008, 07:11 AM   #7
apulu
Member
 
Registered: Feb 2008
Posts: 40

Original Poster
Rep: Reputation: 15
Hey, I have added the following line to /etc/passwd:

sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin

Now when I use the netstat command I can see sshd listening on port 22.

Thank you for your help.

But is it necessary to use the command "/etc/init.d/sshd start"?
(Because I am still not able to ssh.)

Thanks a lot..

Last edited by apulu; 02-22-2008 at 07:12 AM.
 
Old 02-22-2008, 07:16 AM   #8
apulu
Member
 
Registered: Feb 2008
Posts: 40

Original Poster
Rep: Reputation: 15
Another thing: can you tell me why I am getting so many sshd processes running when I use the following command?

Is this causing the problem?

[root@INNOVATE /etc]$ps -ef | grep sshd
root 228 1 ? STIME 0,0 00:00:00 [sshd]
root 232 228 ? STIME 0,0 00:00:00 [sshd]
root 233 232 ? STIME 0,0 00:00:00 [sshd]
root 235 228 ? STIME 0,0 00:00:00 [sshd]
root 236 235 ? STIME 0,0 00:00:00 [sshd]
root 238 1 ? STIME 0,0 00:00:00 [sshd]

Thanks..

Last edited by apulu; 02-22-2008 at 07:45 AM.
 
Old 02-22-2008, 07:43 AM   #9
apulu
Member
 
Registered: Feb 2008
Posts: 40

Original Poster
Rep: Reputation: 15
I started this thread with one problem; that is solved.

Don't mind, I am starting to ask about new problems now.

When I start ssh, it hangs as follows:

[root@INNOVATE .ssh]$ssh -vvv 192.168.1.50
OpenSSH_3.7.1p2, SSH protocols 1.5/2.0, OpenSSL 0.9.7b 10 Apr 2003
debug3: RNG is ready, skipping seeding
debug2: ssh_connect: needpriv 0
debug1: Connecting to 192.168.1.50 [192.168.1.50] port 22.
debug1: Connection established.
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_3.7.1p2
debug1: match: OpenSSH_3.7.1p2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.7.1p2
debug3: RNG is ready, skipping seeding
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
-----------------------------------------------
Also, I searched Google for "WARNING: Privilege separation user sshd does not exist".
Someone said:

this situation you should create a sshd user and group:
- add a "sshd" group with GID 22
- add a "sshd" user with UID 22, with shell "nologin" and home dir /var/empty.


Is there any relation between this solution and where I am hanging while doing ssh?

Thank you..

Last edited by apulu; 02-22-2008 at 07:44 AM.
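
The account described in posts #7 and #9 can be checked rather than assumed, as in this added example (not part of the thread, and not OpenSSH's own code). The function name `check_privsep` is hypothetical, and the check assumes the home field of the passwd entry is the directory sshd uses as its privilege-separation chroot.

```shell
#!/bin/sh
# Added example (not from the thread): check the account sshd uses for
# privilege separation. File paths are arguments so copies can be tested.
# Assumption: the passwd home field is the privsep chroot directory.
# Usage: check_privsep sshd /etc/passwd /etc/group

check_privsep() {
    user=$1 passwd_file=$2 group_file=$3
    entry=$(awk -F: -v u="$user" '$1 == u { print; exit }' "$passwd_file")
    if [ -z "$entry" ]; then
        echo "FAIL: no passwd entry for $user"
        return 1
    fi
    gid=$(printf '%s\n' "$entry" | cut -d: -f4)
    home=$(printf '%s\n' "$entry" | cut -d: -f6)
    shell=$(printf '%s\n' "$entry" | cut -d: -f7)
    rc=0

    # A passwd line alone is not enough: its GID must exist in the group file.
    if ! awk -F: -v g="$gid" '$3 == g { ok = 1 } END { exit !ok }' "$group_file"; then
        echo "FAIL: GID $gid has no group entry"; rc=1
    fi
    # The account must not allow an interactive login.
    case $shell in
        */nologin|*/false) ;;
        *) echo "FAIL: login shell is '$shell'"; rc=1 ;;
    esac
    # The chroot directory must exist, be empty, and not be group/world-writable.
    if [ ! -d "$home" ]; then
        echo "FAIL: $home does not exist"; rc=1
    else
        [ -z "$(ls -A "$home")" ] || { echo "FAIL: $home is not empty"; rc=1; }
        case $(ls -ld "$home" | cut -c1-10) in
            ?????w*|????????w*) echo "FAIL: $home is group/world-writable"; rc=1 ;;
        esac
    fi
    [ "$rc" -eq 0 ] && echo "OK: $user is usable for privilege separation"
    return "$rc"
}
```

A passwd line added by hand, with no matching group entry or chroot directory, is reported as a failure here even though sshd may start.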
 
Old 02-22-2008, 10:53 PM   #10
apulu
Member
 
Registered: Feb 2008
Posts: 40

Original Poster
Rep: Reputation: 15
Can anyone help me to resolve this??

Thank you..
 
Old 02-23-2008, 03:00 AM   #11
apulu
Member
 
Registered: Feb 2008
Posts: 40

Original Poster
Rep: Reputation: 15
Hey..I got sshd debug information like this..

[root@INNOVATE /]$sshd -d
debug3: RNG is ready, skipping seeding
debug2: read_server_config: filename /etc/ssh/sshd_config
debug1: sshd version OpenSSH_3.7.1p2
debug3: Not a RSA1 key file /etc/ssh/ssh_host_rsa_key.
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
socket: Address family not supported by protocol
debug1: Bind to port 22 on 0.0.0.0.
Bind to port 22 on 0.0.0.0 failed: Address already in use.
Cannot bind any address.

What does this mean?

What can I do to resolve this?

Thank you..
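
The "Address already in use" message above can be traced to the process holding the port, as in this added example (not part of the thread). It reads saved `netstat -tanpl` and `ps -ef` output in the column layouts shown in posts #1 and #8; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): explain a
# "Bind to port 22 ... Address already in use" failure from saved
# `netstat -tanpl` and `ps -ef` output, passed as file arguments.

# port_owner PORT NETSTAT_FILE -> "PID/program" of each TCP listener on PORT
port_owner() {
    awk -v p="$1" '$6 == "LISTEN" {
        n = split($4, a, ":")      # the last ":" part of the address is the port
        if (a[n] == p) print $7
    }' "$2"
}

# top_level NAME PS_FILE -> PIDs of processes matching NAME whose parent is PID 1
top_level() {
    awk -v name="$1" '$3 == 1 && index($NF, name) { print $2 }' "$2"
}

# diagnose_bind PORT NAME NETSTAT_FILE PS_FILE
# Returns 0 when the port is free, 1 when something already listens on it.
diagnose_bind() {
    owner=$(port_owner "$1" "$3" | head -n 1)
    if [ -z "$owner" ]; then
        echo "port $1 is free"
        return 0
    fi
    owner_pid=${owner%%/*}
    echo "port $1 is held by $owner"
    # Any other top-level daemon of the same name is a leftover manual start.
    for pid in $(top_level "$2" "$4"); do
        [ "$pid" = "$owner_pid" ] || echo "extra $2 master without the port: PID $pid"
    done
    return 1
}
```

Running `diagnose_bind 22 sshd netstat.txt ps.txt` before starting another sshd by hand shows whether the port is already held and by which PID.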
 
Old 02-23-2008, 03:35 AM   #12
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,415

Rep: Reputation: 1968
I've twice said you need to use the proper service scripts. You can't just start sshd by itself and have a healthy system. As you've not heeded that advice, you appear to have manually hacked in an sshd user and all sorts, which is really bad system management. Use the sysvinit script correctly.
 
Old 02-25-2008, 04:02 AM   #13
apulu
Member
 
Registered: Feb 2008
Posts: 40

Original Poster
Rep: Reputation: 15
I am new to this.
The service command and sysvinit script are not installed on my system.

Thank you..
 
Old 02-25-2008, 04:24 AM   #14
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,415

Rep: Reputation: 1968
I'm sure they are. Did you install ssh yourself from source? If not, they will be there. From your perspective, you're probably best looking for a service control GUI tool in your desktop menus, but you probably do have /etc/init.d/sshd to use to gracefully and correctly stop and start services.
 
Old 02-25-2008, 04:39 AM   #15
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,005
Blog Entries: 11

Rep: Reputation: 903
Out of curiosity: which distro are you using, apulu?


That may hint us in the right direction with helpful suggestions.



Cheers,
Tink
 
  

