LinuxQuestions.org
Help answer threads with 0 replies.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
Reload this Page unable to ssh remote server (firewall turn off)
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 06-27-2011, 07:31 AM   #1
ankitsagwekar
LQ Newbie
 
Registered: Feb 2007
Posts: 19

Rep: Reputation: 0
unable to ssh remote server (firewall turn off)

i m unable to ssh my one centos 5.6 remote server from my one server

plz check below output

Code:
ssh -v root@sxyz.abc.com
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to xxx.abc.com [xx.xx.xx.xx] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: loaded 3 keys
i even turn off all firewall rules on both server

i can able to ssh from my home or any other pc to remote pc so i don't think there is any problem in target pc
 
Old 06-27-2011, 01:09 PM   #2
aysheaia
LQ Newbie
 
Registered: Jun 2011
Distribution: Ubuntu
Posts: 26

Rep: Reputation: Disabled
Normally, after "loaded 3 keys", you should have something like :
Code:
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3
debug1: match: OpenSSH_4.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
[...]
i.e., it is the beginning of the dialog between the local machine and the remote machine.


In order to have more information, you could, for example, increase the level of verbosity in for remote ssh daemon.

Another solution for having more information, but this time on the client side, is to catch all systems calls launched during the execution of the ssh command :
Code:
strace ssh -v remoteuser@remotehost &>/tmp/ssh.out
If, after this command, your terminal gets unusable (it often happens after this kind os test), it' not a problem. Type blindly the reset command :
Code:
reset
File /tmp/ssh.out could give you some hints about the problem.

On my system, thanks to strace, I see what happens after the "debug1: loaded 3 keys" message :
- loading of local file /etc/passwd
- reading of the line of root in the local file /etc/passwd
- reading of the SSHD banner sent by the remote machine ; here : SSH-2.0-OpenSSH_4.3
- ...
 
Old 06-27-2011, 01:40 PM   #3
szboardstretcher
Senior Member
 
Registered: Aug 2006
Location: Detroit, MI
Distribution: GNU/Linux systemd
Posts: 4,278

Rep: Reputation: 1694Reputation: 1694Reputation: 1694Reputation: 1694Reputation: 1694Reputation: 1694Reputation: 1694Reputation: 1694Reputation: 1694Reputation: 1694Reputation: 1694
Code:
ssh -vvvvvvv root@1.1.1.1
post that output.
 
Old 06-27-2011, 09:06 PM   #4
frankbell
LQ Guru
Contributing Member
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Ubuntu MATE, Mageia, and whatever VMs I happen to be playing with
Posts: 19,321
Blog Entries: 28

Rep: Reputation: 6141Reputation: 6141Reputation: 6141Reputation: 6141Reputation: 6141Reputation: 6141Reputation: 6141Reputation: 6141Reputation: 6141Reputation: 6141Reputation: 6141
Is the ssh server daemon running on the target computer?
 
Old 06-28-2011, 12:54 AM   #5
ankitsagwekar
LQ Newbie
 
Registered: Feb 2007
Posts: 19

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by szboardstretcher View Post
Code:
ssh -vvvvvvv root@1.1.1.1
post that output.
Code:
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to abc.xyz.com [xx.xx.xx.xxx] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug3: Not a RSA1 key file /root/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: loaded 3 keys
Quote:
Originally Posted by frankbell View Post
Is the ssh server daemon running on the target computer?
yes it's running. i m able to connect from other pc
 
Old 06-28-2011, 02:19 AM   #6
manyrootsofallevil
Member
 
Registered: Dec 2010
Distribution: Red Hat, Kubuntu
Posts: 130

Rep: Reputation: 14
Quote:
Originally Posted by szboardstretcher View Post
Code:
ssh -vvvvvvv root@1.1.1.1
post that output.
There are only 3 debug levels, anything above the third v will get ignored.

ankitsagwekar

It looks like an issue with the root rsa key in the client PC. try to log in with a different user to your client PC and then ssh root@abc.xyz.com
 
Old 06-28-2011, 04:25 AM   #7
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Gentoo
Posts: 2,125

Rep: Reputation: 781Reputation: 781Reputation: 781Reputation: 781Reputation: 781Reputation: 781Reputation: 781
ankitsagwekar, this is slightly off topic of the question you are asking, you might want to have a look at this thread: http://www.linuxquestions.org/questi...erences-45261/ At the bottom, in post 7, there are several links and tips on how to properly secure your SSH server once you have it running.
 
Old 06-28-2011, 05:24 AM   #8
ankitsagwekar
LQ Newbie
 
Registered: Feb 2007
Posts: 19

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by manyrootsofallevil View Post
There are only 3 debug levels, anything above the third v will get ignored.

ankitsagwekar

It looks like an issue with the root rsa key in the client PC. try to log in with a different user to your client PC and then ssh root@abc.xyz.com
i try from different user still same result

Quote:
Originally Posted by Noway2 View Post
ankitsagwekar, this is slightly off topic of the question you are asking, you might want to have a look at this thread: http://www.linuxquestions.org/questi...erences-45261/ At the bottom, in post 7, there are several links and tips on how to properly secure your SSH server once you have it running.
i don't want to secure my server. my problem is i m not able to ssh to remote server from one specific client ssh from rest of the pc is working fine
Last edited by ankitsagwekar; 06-28-2011 at 05:26 AM.
 
Old 06-28-2011, 02:28 PM   #9
aysheaia
LQ Newbie
 
Registered: Jun 2011
Distribution: Ubuntu
Posts: 26

Rep: Reputation: Disabled
The debug messages below
Quote:
Originally Posted by ankitsagwekar View Post
Code:
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
[...]
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: loaded 3 keys
are exactly identical to the messages one can get when successfully connecting to a CentOS server from a user root having a /root/.ssh/id_rsa file (generated with ssh-keygen). So, at least on the client side, these debug messages give no additional hints.

If the problem is on the local machine, strace may give some hints.
If the problem is between the local machine and the distant machine, tcpdump on either side may give some hints.
 
Old 06-28-2011, 11:47 PM   #10
hhh123
Member
 
Registered: Jul 2009
Location: /
Distribution: centos
Posts: 47

Rep: Reputation: 1
Hi Ankit, I'll suggest to check /etc/hosts.deny and /etc/hosts.allow from remote server and also check you /var/log/secure.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Installed "ipkungfu" firewall onto Headless Server and am unable to ssh into it! JustinUbuntuUser Linux - Server 3 02-28-2011 09:39 PM
Fedora 10/unable to ssh out from box to remote host (SSH within LAN ok) huskeypm Linux - Networking 3 04-14-2009 07:37 PM
I am unable to exit my script that uses ssh to login to a remote server jtbinuya Linux - Newbie 2 06-12-2008 10:17 PM
Reverse SSH to remote client behind a firewall metallica1973 Linux - Networking 7 06-09-2007 10:51 PM
Remote server, unable to SSH anymore Keiser Linux - Newbie 1 05-06-2005 10:13 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 05:10 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration