I don't know how .
How can I setup the server ?
With command lines ?
What command lines ?
How can I make a connection ( if ssh terminates ... )?
Would you kindly provide some more detailed directions ?

I am very thankful for your help but I really don't know how to apply your directions .
Please support me with steps to apply them if you can.

Thanks

It is hard to supply more instructions. You already did it once. You just didn't make a connection needed for sshd to create a log of.

do you mean,
# service sshd stop
then
# /usr/sbin/sshd -d -e
??
I posted the output here without a connection ?
how can i make the connection then ?
I think I told you that I am using the server to make a remote-access on the server itself .
then what connections do you mean ?
How Can I connect the server to itself ?

If within lan, there's no need to stop the current sshd process (smart cause if your existing ones dies you're unable to connect)

will cause a new sshd process to attach to port 2000

once that has started and you see logging info such as (listening on port 2000, etc)
then run this command

The sshd debug server should then spout out info about the connection. That is the relevant information.

This may help explain as well.
http://www.linuxquestions.org/questi...7/#post5378041

1 members found this post helpful.

as a user ,
$ /usr/sbin/sshd -d -p 2000
I got :
/etc/sshd/sshd_config : Permission denied

So, I logged in as root ( to be able to access /usr/sbin/sshd directory
# service sshd stop
#/usr/sbin/sshd -d -p 2000

I got a log until I found ( Server listening on :: port 2000)
Then I pressed Ctrl+C to be able to enter the next command line

# ssh -vvv -p 2000 user@host

I got :
[
OpenSSH_5.3p1, OpenSSL 1.0e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: connecting to master [192.168.0.200] port 2000.
debug1: connect to address 192.168.0.200] port 2000: connection refused
ssh: connect to host master port 2000: connection refused
]

Can you figure out where the problem is and how to solve it ?

Many thanks for your help

#ssh -v user@host

gives the following output :

OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to master [192.168.0.200] port 22.
debug1: Connection established
debug1: permenantly_set_uid: 0/0
debug1: identity file /home/em/.ssh/identity type -1
debug1: identity file /home/em/.ssh/identity-cert type -1
debug1: identity file /home/em/.ssh/id_rsa type -1
debug1: identity file /home/em/.ssh/id rsa-sert type -1
debug1: identity file /home/em/.ssh/id_dsa type -1
debug1: identity file /home/em/.ssh/id_dsa_cert type -1
debug1: identity file /home/em/.ssh/id_ecdsa type -1
debug1: identity file /home/em/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server-> client aes128-ctr hmac-md5 none
debug1: kex: client-> server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT_SENT
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host"master" is known and matches the RAS host key.
debug1: Found key in /root/.ssh/known_hosts:6
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey, gssapi-keyex,gssapi-with-mic,password
debug1: Nest authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug1: Trying private key: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Trying private key: /root/.ssh/id_ecdsa
debug1: Next authentication method: password
user@host's password:
Terminated
]


#iptables -L -n

gives :
[ Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
]

Can someone help please ?
A problem with ( password authentication method )
causes ssh to terminate ?
how to solve ?

Thanks

does
/etc/ssh/ssh_config
or
/etc//ssh/sshd_config files
need to be checked ?
What shall they have or what may need to be changed ?
Do you think some part of the file is causing the problems ?

I suppose I wasn't clear.

You started the debug server correctly which should be run server side

Then on client side you should run the ssh -vvv user@host command.

From what I read, you started the debug server, then killed the server, then tried to connect to it - all from the same computer.
You'll need two terminal windows for this.
One for starting the sshd server when connected to the server (or doing it locally on the server)
and one for the client connecting to that debug sshd process. The info when the client connects to the server (both client (ssh-vvv) and server side (sshd) is what is needed.)

We don't know why the server is terminating after the connection. I rather doubt there is anything wrong with the configuration files. For one thing, the default configuration files only document what the tools are compiled with for defaults, so normally, they would be all commented out. Only those entries that might be different are uncommented - and those might be the language used, address listened on, the port used, where sftp are, and which authentications to use (either by being disabled, or enabled).

If the configurations were really bad, sshd won't even start.

I was trying to use the same computer as a server and as client .
I am using the server to make a local connection on the server itself . ( not on another client )
I am using the " ssh " on the server to make connection on the same server ( now acting as a client )
do you think that this process is impossible ?

Thanks for your help

Well , I think you meant opening two terminal windows on the same computer .
on The first terminal I typed :
# /usr/sbin/sshd -d -p 2000
got a debug until ( Server listening on port 0.0.0.0 port 2000)
Then I opened a new terminal window ,
Typed:
#ssh -vvv -p 2000 user@host
got a long debug until I was asked for the user's password and when I typed it I got a debug list on both the server side and the client side ( side == terminal window )
On the client side :

debug3: packet_send2: adding 64 ( len 49 padlen 15 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug3: wrote 144 bytes for a total of 1421
debug1: Authentication succeeded ( password)
debug1: channel 0: new [client_session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session
debug3: wrote 128 bytes for a total of 1549
debug2: callback start
debug2: client_session_setup: id 0
debug2: channel 0 : request pty-req confirm 1
debug1: sending enviroment
debug3: Ignored env ORBIT_SOCKETDIR
debug3: Ignored env SSH_AGENT_PID
debug3: Ignored env HOSTNAME
debug3: Ignored env TERM
debug3: Ignored env SHELL
debug3: Ignored env HISTSIZE
debug3: Ignored env XDG_SESSION_COOKIE
debug3: Ignored env GTK_RC_FILES
debug3: Ignored env WINDOWID
debug3: Ignored env QTDIR
debug3: Ignored env QTINC
debug3: Ignored env ANT_HOME
debug3: Ignored env USER
debug3: Ignored env LS_COLORS
debug3: Ignored env GNOME_KEYRING_SOCKET
debug3: Ignored env SSH_AUTH_SOCK
debug3: Ignored env SESSION_MANAGER
debug3: Ignored env PATH
debug3: Ignored env MAIL
debug3: Ignored env PWD
debug3: Ignored env JAVA_HOME
debug1: Sending env LANG= en_US.UTF-8
debug2: Channel 0: request env confirm 0
debug3: Ignored env KDE_IS_PRELINKED
debug3: Ignored env KDEDIRS
debug3: Ignored env SSH_ASKPASS
debug3: Ignored env HISTCONTROL
debug3: Ignored env HOME
debug3: Ignored env SHLVL
debug3: Ignored env GNOME_DESKTOP_SESSION_ID
debug3: Ignored env LOGNAME
debug3: Ignored env QTLIB
debug3: Ignored env CVS_RSG
debug3: Ignored env DBUS_SESSION_BUS_ADDRESS
debug3: Ignored env CLASSPATH
debug3: Ignored env LESSOPEN
debug3: Ignored env WINDOWPATH
debug3: Ignored env DISPLAY
debug3: Ignored env G_BROKEN_FILENAMES
debug3: Ignored env COLORTERM
debug3: Ignored env XAUTHORITY
debug3: Ignored env_
debug2: channel 0: request shell confirm 1
debug2: fd3 setting TCP_NODELAY
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug3: Wrote 448 bytes for a total of 1997
debug2: channel_input_status_confirm: type 99 id 0
debug2: PTY allocation request accepted on channel 0
debug2: channel 0: rcvd adjust 2097152
debug2: channel_input_status_confirm: type 99 id 0
debug2: shell request accepted on channel 0
Enviroment:
LANG=en_US.UTF-8
USER=em
LOGNAME=em
HOME=/home/em
PATH=/usr/local/bin"/bin:/usr/bin
MAIL=/var/mail/em
SHELL=/bin/bash
SSH_CLIENT=192.168.0.200 35706 2000
SSH_CONNECTION= 192.168.0.200 35706 192.168.0.200 2000
SSH_TTY=/dev/pts/3
TERM=xterm
SELINUX_ROLE_REQUESTED=
SELINUX_LEVEL_REQUESTED=
SELINUX_USE_CURRENT_RANGE=
[em@master ~] $ debug2: client_check_window_change: changed
debug2: channel 0: request window-change confirm 0
debug3: wrote 64 bytes for a total of 2061

According to that it worked.

What was the other side?

on The server side :
[

Server listening on 0.0.0.0 port 2000
debug1: Bind to port 2000 on ::.
Server listening on port 2000.
debug1: Server will not fork when running in debugging mode
debug1: rexec start in 5 out 5 newsock 5 pipe 0l sock 8
debug1: inetd sockets after dupping: 3,3
connection form 192.168.0.200 port 35706
debug1: Client protocol version 2.0; Client software version OpenSSH_5.3
debug1: match: openSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: permenantly_set_uid: 74/74
debug1: list_hostkey_types: ssh-rsa, ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: client -> server aes128-ctr hmac-md5 none
debug1: kex: server -> client aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
debug1: userauth-request for user em service ssh-connection method none
debug1: attempt 0 failures 0
debug1: PAM: initializibg for "em"
debug1: PAM: setting PAM_RHOST to "master"
debug1: PAM: setting PAM_TTY to "ssh"
debug1: userauth-request for user em service ssh connection method password
debug1: attempt 1 failures 0
debug1: PAM: password authentication accepted for em
debug1: do_pam_account: called
Accepted password for em from 192.168.0.200 port 35706 ssh2
debug1: monitor_child_preauth: em has been authenticated by privileged process
debug1: temporarily_use_uid: 506/506 (e=0/0)
debug1: ssh_gssapi_storecreds: Not a GSSAPI mechanism
debug1: restore_uid: 0/0
debug1: SELinux support enabled
debug1: PAM: establishing credentials
debug1: temporarily_use_uid: 506/506 (e=0/0)
debug1: ssh_gssapi_storecreds: Not a GSSAPI mechanism
debug1: restore_uid: 0/0
User child is on pid 31226
debug1: PAM: establishing credentials
debug1: permanently_use_uid: 506/506
debug1: Entering interactive session for SSH2
debug1: server_init_dispatch_20
debug1: server_input_channel_open: ctype session rchan 0 win 1048576 max 16384
debug1: input_session_request
debug1: channel 0: new [server-session]
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_global_request: rtype no-more-sessions@openssh.com want_reply 0
debug1: server_input_channel_req: channel 0 request pty-req reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req pty_req
debug1: allocating pty.
debug1: session_new: session 0
lastlog_openseek: /var/log/lastlog is not a file or directory!
lastlog_openseek: /var/log/lastlog is not a file or directory!
debug1: session_pty_req: session 0 alloc /dev/pts/3
debug1: server_input_channel_req: session 0 req env reply 0
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req env
debug1: server_input_channel_req: channel 0 request shell reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req shell
debug1: setting controlling tty using TIOCSCTTY.
debug1: server_input_channel_req: channel 0 request window-change reply 0
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req window_change

then waiting waiting waiting ....

]

Did you observe that it worked?

It might be a good idea to check on "lastlog_openseek: /var/log/lastlog is not a file or directory!". It is possible that it doesn't exist. This is not a fatal error.

a file named ( last log) does exists in the directory /var/log.