LinuxQuestions.org
Old 10-22-2007, 06:35 AM   #1
gabsik
Member
 
Registered: Dec 2005
Location: This planet
Distribution: Debian,Xubuntu
Posts: 545

Rep: Reputation: 30
sshd issue


I have a Linux box as gateway firewall for a LAN with 6 machines connected to it by a switch on its eth1 interface. From the gateway I can connect to any host in the LAN by key exchange with no fuss at all; the problem is connecting from the LAN machines to the gateway. This is the output I get from the client trying to connect to the sshd on the gateway machine:
Code:
gabrix@www:~$ scp -P 666 -vv .ssh/id_dsa.pub gabrix@argo:/home/gabrix
Executing: program /usr/bin/ssh host argo, user gabrix, command scp -v -t /home/gabrix
OpenSSH_4.3p2 Debian-9, OpenSSL 0.9.8c 05 Sep 2006
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to argo [192.168.1.2] port 666.
debug1: Connection established.
debug1: identity file /home/gabrix/.ssh/identity type -1
debug1: identity file /home/gabrix/.ssh/id_rsa type -1
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug2: key_type_from_name: unknown key type '-----END'
debug1: identity file /home/gabrix/.ssh/id_dsa type 2
ssh_exchange_identification: Connection closed by remote host
lost connection
In the sshd gateway logs there is no particular log to look at, also because I can't connect to it. Any clue on what is going on will be of great help!
I run a Debian Etch stable 2.6.18-5-686
Thanks !

Last edited by gabsik; 10-22-2007 at 06:38 AM.
 
Old 10-22-2007, 08:04 AM   #2
rjlee
Senior Member
 
Registered: Jul 2004
Distribution: Ubuntu 7.04
Posts: 1,990

Rep: Reputation: 67
It seems from this log that you are successfully connecting to the SSH server, but not authenticating properly. Are you sure that there is nothing in /var/log/messages, /var/log/secure, /var/log/sshd or any similar file?

Code:
key_type_from_name: unknown key type '-----BEGIN'
This line looks like the start of a public or private keyfile, and the error seems to indicate that the file format is wrong. This looks to be a similar message to some other reports of keys generated with old/incompatible versions of the keygen program (http://www.linuxquestions.org/questi...y-type-277341/).

It seems likely that the public key on the server matches the private keys on the other machines, but not the other way around. Try taking a look at the ~/.ssh/id_?sa files on each machine and make sure that the formats look to be the same.

If not, you may need to regenerate the keys to fix this.

The other thing to check is the configuration of the SSHD server on the machine you can't connect to. Make sure that logins are not disabled for the user you are logging in as (gabrix) and that you can actually log in as this user on the console.

Not exactly a solution, but I hope that helps you to find some more information about the problem.

—Robert J Lee
 
Old 10-22-2007, 08:09 AM   #3
wolfperkins
Member
 
Registered: Oct 2007
Location: Val-des-Monts, Québec, Canada
Distribution: CentOS, RHEL, Fedora
Posts: 109

Rep: Reputation: 16
What are the permissions on the gateway folders/files:
$ chmod 700 $HOME/.ssh
$ chmod 600 $HOME/.ssh/authorized_keys

I get this symptom all the time whenever I forget to reset permissions after I set up a new box. Nothing in the server logs indicating that permissions are wrong but still...

Good luck
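
The two checks suggested in replies #2 and #3 (key file format and `.ssh` permissions) can be scripted. The following is an added example, not code from any poster; it assumes GNU `stat` and the `id_rsa`/`id_dsa` file names seen in the debug output, the function names are hypothetical, and the sample directory is constructed.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes GNU stat (as on Debian).

# True if the path grants nothing to group/other (700, 600, 400 ...).
private_mode() {
    m=$(stat -c '%a' "$1") || return 2
    case "$m" in 0|*00) return 0 ;; *) return 1 ;; esac
}

# Classify a key file by its first line.
key_format() {
    first=$(head -n 1 "$1" 2>/dev/null) || first=
    case "$first" in
        "-----BEGIN "*"PRIVATE KEY-----") echo private-pem ;;
        "ssh-rsa "*|"ssh-dss "*)          echo public-openssh ;;
        *)                                echo unknown ;;
    esac
}

# Print one line per finding; exit status is 0 only if nothing was found.
audit_ssh_dir() {
    dir=$1; problems=0
    [ -d "$dir" ] || { echo "MISSING $dir"; return 1; }
    for f in "$dir" "$dir"/authorized_keys "$dir"/id_?sa; do
        [ -e "$f" ] || continue
        private_mode "$f" || { echo "MODE $(stat -c '%a' "$f") $f"; problems=$((problems + 1)); }
    done
    for f in "$dir"/id_?sa "$dir"/id_?sa.pub; do
        [ -e "$f" ] || continue
        case "$f" in *.pub) want=public-openssh ;; *) want=private-pem ;; esac
        got=$(key_format "$f")
        [ "$got" = "$want" ] || { echo "FORMAT $got $f"; problems=$((problems + 1)); }
    done
    [ "$problems" -eq 0 ]
}

# Constructed sample directory: header lines only, no real key material.
make_sample() {
    d=$(mktemp -d) && mkdir "$d/.ssh" && chmod 755 "$d/.ssh" || return 1
    printf '%s\n' '-----BEGIN DSA PRIVATE KEY-----' > "$d/.ssh/id_dsa"
    printf '%s\n' '---- BEGIN SSH2 PUBLIC KEY ----' > "$d/.ssh/id_dsa.pub"
    chmod 600 "$d/.ssh/id_dsa"; chmod 644 "$d/.ssh/id_dsa.pub"
    echo "$d/.ssh"
}

sample=$(make_sample)
audit_ssh_dir "$sample" || echo "fix the findings above, then re-run"
```

Run `audit_ssh_dir "$HOME/.ssh"` on both the client and the gateway account to compare the two sides.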
 
Old 10-23-2007, 05:03 AM   #4
gabsik
Member
 
Registered: Dec 2005
Location: This planet
Distribution: Debian,Xubuntu
Posts: 545

Original Poster
Rep: Reputation: 30
I have formatted the gateway machine; permissions are as follows: 700 on .ssh, 600 on .ssh/id_dsa* and .ssh/known_hosts. .ssh/authorized_keys is not up yet; if hosts can't connect to the gateway it will never be.
The debug output when I try to connect to the gateway is as before:
Quote:
gabrix@mail:~$ ssh -p 666 -vv gabrix@ns1
OpenSSH_4.3p2 Debian-9, OpenSSL 0.9.8c 05 Sep 2006
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to ns1 [10.0.0.1] port 666.
debug1: Connection established.
debug1: identity file /home/gabrix/.ssh/identity type -1
debug1: identity file /home/gabrix/.ssh/id_rsa type -1
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug2: key_type_from_name: unknown key type '-----END'
debug1: identity file /home/gabrix/.ssh/id_dsa type 2
ssh_exchange_identification: Connection closed by remote host
ssh_config is as follows:
Quote:
Host *
# ForwardAgent no
# ForwardX11 no
# ForwardX11Trusted yes
# RhostsRSAAuthentication no
# RSAAuthentication yes
# PasswordAuthentication yes
# HostbasedAuthentication no
# BatchMode no
# CheckHostIP yes
# AddressFamily any
# ConnectTimeout 0
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
# Port 22
# Protocol 2,1
# Cipher 3des
# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
# EscapeChar ~
# Tunnel no
# TunnelDevice any:any
# PermitLocalCommand no
SendEnv LANG LC_*
HashKnownHosts yes
GSSAPIAuthentication yes
GSSAPIDelegateCredentials no
It's an issue I can't figure out where it comes from and how. I have reinstalled the openssh packages a lot and deleted the .ssh dir on all machines and I still can't connect to my sshd on the gateway. Any other help? Please!
 
Old 10-24-2007, 09:28 AM   #5
wolfperkins
Member
 
Registered: Oct 2007
Location: Val-des-Monts, Québec, Canada
Distribution: CentOS, RHEL, Fedora
Posts: 109

Rep: Reputation: 16
For keys to be used you must have the authorized_keys files set up on the gateway.

Can you get to the gateway with password authentication?
 
  

