LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (http://www.linuxquestions.org/questions/linux-software-2/)
-   -   SSH/rdesktop - cannot configure SSHD server (http://www.linuxquestions.org/questions/linux-software-2/ssh-rdesktop-cannot-configure-sshd-server-4175459226/)

linuxman2013 04-23-2013 02:07 AM

SSH/rdesktop - cannot configure SSHD server
 
My Ubuntu won't allow SSH connections to the SSH serveron my BT5R2. Putty closes the connections and displays a "Connection reset by peer" err msg. Nmap 192.168.x.x shows that SSHD is active and running on the remote machine, port 22. The cmdline of SSH version doesn't work either.

The instructions I followed are confusing! Can somone explain how to set up a secure SSHD daemon on BT5R2, step by step. The guides recommend using puttygen for the pub key and then saving it to a file, some recommend using openssh.

I can't figure the conf file and pub/private keys. I got vsftp up and running on port 21. Now I want to use rdesktop through a ssh tunnel.

evo2 04-23-2013 06:57 PM

Hi,

you should check the logs on the machine running sshd. Start with looking at /var/log/auth.log. If you don't find the information you need there, then try running an instance of sshd in dbug mode which will output even more information. You may also make more progress using "ssh -vvv localhost" to debug the problem.

Evo2.

PS. When using obscure acronyms (version numbers?) like "BT5R2" it's best to define them.

linuxman2013 04-23-2013 11:42 PM

@evo2 Now I'm even more perplexed! The authlog file shows....

Mar 23 09:39:01 bt CRON[2162]: pam_unix(cron:session): session closed for user root
Mar 23 10:09:01 bt CRON[2395]: pam_unix(cron:account): account root has password changed in future
Mar 23 10:09:01 bt CRON[2395]: pam_unix(cron:session): session opened for user root by (uid=0)
Mar 23 10:09:01 bt CRON[2395]: pam_unix(cron:session): session closed for user root
Mar 23 10:17:01 bt CRON[2437]: pam_unix(cron:account): account root has password changed in future
Mar 23 10:17:01 bt CRON[2437]: pam_unix(cron:session): session opened for user root by (uid=0)
Mar 23 10:17:01 bt CRON[2437]: pam_unix(cron:session): session closed for user root
Mar 23 10:39:02 bt CRON[2519]: pam_unix(cron:account): account root has password changed in future
Mar 23 10:39:02 bt CRON[2519]: pam_unix(cron:session): session opened for user root by (uid=0)
Mar 23 10:39:02 bt CRON[2519]: pam_unix(cron:session): session closed for user root

when I used the -vvv switch on the client end, I got the following:

joe@name-comp-000:~$ ssh -vvv sshuser@192.168.1.27
OpenSSH_5.9p1 Debian-5ubuntu1.1, OpenSSL 1.0.1 14 Mar 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 192.168.1.27 [192.168.1.27] port 22.
debug1: connect to address 192.168.1.27 port 22: Connection refused
ssh: connect to host 192.168.1.27 port 22: Connection refused

sshuser exists on the server, the machine running sshd. So, all this leads me to believe that its either a problem with the way its configured or a pub/pri key issue. Anyone know of an easy to follow guide? I don't have access to the GUI version puttygen, btw.

evo2 04-24-2013 12:08 AM

Hi,

you need to look at the lines in auth.log with timestamps that correspond to when you are trying to ssh to that machine. That doesn't seem to be the case with what you have posted.

You could do the following: open open to terminals on 192.168.1.27.

In the first terminal, run
Code:

tail -f /var/log/auth.log
This will output all new lines as they are added to this log file (Ctrl-C to exit).

Then in the second terminal run:
Code:

ssh -vvv sshuser@localhost
Then look at the output in both terminals.

Evo2.

linuxman2013 04-24-2013 06:55 PM

@evo2 It appears that the output on the window load with the tail cmd is the same on BT5R3 (BackTrack5r3). I tried executing the ssh -vvv cmd in a seperate terminal to see if the first window would dynamically update. Every time I invoke the ssh cmd it get a "Connection refused" err msg.

Heres the ouput:

First terminal (load with tail -f)

Code:

root@bt:~# tail -f /var/log/auth.log
Mar 24 06:15:54 bt su[1118]: pam_unix(su:session): session closed for user postgres
Mar 24 06:17:01 bt CRON[1543]: pam_unix(cron:account): account root has password changed in future
Mar 24 06:17:01 bt CRON[1543]: pam_unix(cron:session): session opened for user root by (uid=0)
Mar 24 06:17:01 bt CRON[1543]: pam_unix(cron:session): session closed for user root
Mar 24 06:25:01 bt CRON[1556]: pam_unix(cron:account): account root has password changed in future
Mar 24 06:25:01 bt CRON[1556]: pam_unix(cron:session): session opened for user root by (uid=0)
Mar 24 06:25:08 bt login[1406]: pam_unix(login:account): account root has password changed in future
Mar 24 06:25:11 bt login[1406]: pam_unix(login:session): session opened for user root by LOGIN(uid=0)
Mar 24 06:25:11 bt login[1617]: ROOT LOGIN  on '/dev/tty1'
Mar 24 06:25:20 bt polkitd(authority=local): Registered Authentication Agent for session /org/freedesktop/ConsoleKit/Session3 (system bus name :1.11 [/usr/lib/policykit-1-gnome/polkit-gnome-authentication-agent-1], object path /org/gnome/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8)
Mar 24 06:39:01 bt CRON[2077]: pam_unix(cron:account): account root has password changed in future
Mar 24 06:39:01 bt CRON[2077]: pam_unix(cron:session): session opened for user root by (uid=0)
Mar 24 06:39:01 bt CRON[2077]: pam_unix(cron:session): session closed for user root

Second terminal (ssh -vvv)
Code:

root@bt:~# ssh -vvv sshuser@localhost
OpenSSH_5.3p1 Debian-3ubuntu7, OpenSSL 0.9.8k 25 Mar 2009
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to localhost [::1] port 22.
debug1: connect to address ::1 port 22: Connection refused
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: connect to address 127.0.0.1 port 22: Connection refused
ssh: connect to host localhost port 22: Connection refused

Any suggestions? I think I might need to re-install ssh and start from sq 1.

evo2 04-24-2013 07:25 PM

Hi,

are you really sure that sshd is running? You should be able to see the process with:
Code:

ps aux|grep sshd
If, it is really running, are you sure it is on port 22? Do you see anything with the following?
Code:

netstat -an | grep LISTEN | grep tcp | grep 22
Evo2.

linuxman2013 04-24-2013 07:59 PM

@evo2 I re-installed ssh and now its like I cannot connect as root or sshuser. Heres what it the logs look like.

First terminal:

Code:

root@bt:~# tail -f /var/log/auth.log
Mar 24 06:15:54 bt su[1118]: pam_unix(su:session): session closed for user postgres
Mar 24 06:17:01 bt CRON[1543]: pam_unix(cron:account): account root has password changed in future
Mar 24 06:17:01 bt CRON[1543]: pam_unix(cron:session): session opened for user root by (uid=0)
Mar 24 06:17:01 bt CRON[1543]: pam_unix(cron:session): session closed for user root
Mar 24 06:25:01 bt CRON[1556]: pam_unix(cron:account): account root has password changed in future
Mar 24 06:25:01 bt CRON[1556]: pam_unix(cron:session): session opened for user root by (uid=0)
Mar 24 06:25:08 bt login[1406]: pam_unix(login:account): account root has password changed in future
Mar 24 06:25:11 bt login[1406]: pam_unix(login:session): session opened for user root by LOGIN(uid=0)
Mar 24 06:25:11 bt login[1617]: ROOT LOGIN  on '/dev/tty1'
Mar 24 06:25:20 bt polkitd(authority=local): Registered Authentication Agent for session /org/freedesktop/ConsoleKit/Session3 (system bus name :1.11 [/usr/lib/policykit-1-gnome/polkit-gnome-authentication-agent-1], object path /org/gnome/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8)
Mar 24 06:39:01 bt CRON[2077]: pam_unix(cron:account): account root has password changed in future
Mar 24 06:39:01 bt CRON[2077]: pam_unix(cron:session): session opened for user root by (uid=0)
Mar 24 06:39:01 bt CRON[2077]: pam_unix(cron:session): session closed for user root

Second terminal:

Code:

root@bt:~# ssh -vvv sshuser@localhost
OpenSSH_5.3p1 Debian-3ubuntu7, OpenSSL 0.9.8k 25 Mar 2009
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to localhost [::1] port 22.
debug1: connect to address ::1 port 22: Connection refused
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: connect to address 127.0.0.1 port 22: Connection refused
ssh: connect to host localhost port 22: Connection refused

Lets see how it looks after the system update...

evo2 04-24-2013 08:18 PM

Hi,

I still don't see anything from sshd in auth.log. Please confirm it is really running as per post #6.

Evo2.

linuxman2013 04-24-2013 09:50 PM

Evo2 yes, its running on port 22. I ran nmap localhost. Post #7 shows the output of ssh -vvv after I re-installed. I cannot login in using the root acnt or sshuser the I created. I'm starting to think I'm better off ditching BT5R3. any suggestions?

evo2 04-24-2013 10:15 PM

Hi,

ok it's strange that we don't see anything from sshd in auth.log (it is also strange to see those messages about the root password being changed in the future, I guess your clock was wrong at some point). If you want to continue to work on this I'd suggest running ssd in debug mode on a higher port and then trying to ssh to it. So, in one terminal:

Code:

/usr/sbin/sshd -p 6666 -d
Then in another terminal
Code:

ssh -p 6666 -vvv localhost
The output in the first terminal should help.

I've never head of BT5R3 (best I've been able to work out from what you've posted is that it appears to be derived from Debian). Best distro depends on what you want to do with it. Debian itself is quite flexible and is often a good choice... other distros are available...

Evo2.

linuxman2013 04-25-2013 01:25 PM

@Evo2 This is what we call a brain fart in the USA. I can't figure it out! I tried executing the cmds using the port settings and debug methods you suggested. Take a look at the output

Frist Terminal (sshd -p 6666)
Code:

root@bt:/usr/sbin# sshd -p 6666 -d
sshd re-exec requires execution with an absolute path
root@bt:/usr/sbin# dir | less
root@bt:/usr/sbin# /usr/sbin/sshd -p 6666 -d
debug1: sshd version OpenSSH_5.3p1 Debian-3ubuntu7
Could not load host key: /etc/ssh/ssh_host_rsa_key
Could not load host key: /etc/ssh/ssh_host_dsa_key
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-p'
debug1: rexec_argv[2]='6666'
debug1: rexec_argv[3]='-d'
debug1: Bind to port 6666 on 0.0.0.0.
Server listening on 0.0.0.0 port 6666.
debug1: Bind to port 6666 on ::.
Server listening on :: port 6666.
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
debug1: inetd sockets after dupping: 3, 3
Connection from ::1 port 35275
debug1: Client protocol version 2.0; client software version OpenSSH_5.3p1 Debian-3ubuntu7
debug1: match: OpenSSH_5.3p1 Debian-3ubuntu7 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu7
debug1: permanently_set_uid: 102/65534
debug1: list_hostkey_types:
No supported key exchange algorithms
debug1: do_cleanup
debug1: do_cleanup

Second Terminal (ssh -p 666 -vvv)
Code:

root@bt:~# ssh -p 6666 -vvv localhost
OpenSSH_5.3p1 Debian-3ubuntu7, OpenSSL 0.9.8k 25 Mar 2009
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to localhost [::1] port 6666.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3p1 Debian-3ubuntu7
debug1: match: OpenSSH_5.3p1 Debian-3ubuntu7 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu7
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug3: Wrote 792 bytes for a total of 831
Read from socket failed: Connection reset by peer


Yes, the clock on my BT5R3 (BackTrack5r3) is wrong. It's actually a test machine on my network. BackTrack5 is a debian based distro, which is now known as Kali Linux. I have decided to set up a SSHD server on a Windows box to see if I get the same results when connecting to it from my Ubuntu. Any other suggestions? Do you know of any utilities such as sshd? I want to ultimately connect rdesktop through a ssh tunnel....its a lot more complicated that I thought.

linuxman2013 04-25-2013 11:41 PM

@Evo2 I got SSHD working on WinXP. So, now I know its some kind of config issue. BT5R3 isn't accepting the connection...I bet its a simple fix. Unfortunately, the BT5 forum is closed! :( Lets see what google has to say...thanks for trying!

evo2 04-26-2013 12:01 AM

Hi,

the output from sshd indicates that there are no host key files. I think reconfiguring the package should generate them. eg
Code:

dpkg-reconfigure openssh-server
Evo2.

linuxman2013 04-26-2013 01:08 PM

evo2 I knew all along it was trivial. Thats exactly what I had suspected since I never generated keys in the first place. I also noticed that the Win version of Freesshd requires users to generate a "RSA" key. Now it actually works! Thanks to your suggestion. You're awesome Evo2! You're a good friend! Now all I have to do is figure how to tunnel rdesktop through the tunnel...stay tuned....

linuxman2013 04-29-2013 07:02 AM

OK. Everything is in order. Now its time for us to clarify. Evo2, can you please explain the significance of generating keys using openssh's cipher?


All times are GMT -5. The time now is 09:36 AM.