LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices

Reply
 
Search this Thread
Old 05-04-2004, 06:58 PM   #1
nixel
Member
 
Registered: Apr 2004
Location: USA
Distribution: Slackware 9.1
Posts: 71

Rep: Reputation: 15
ssh setup slack 9.1


im having trouble setting up my ssh daemon. the documentation i read assumes you basically know how ssh works. i dont. the daemon isnt starting when i boot and i get an error.

"Privilege separation user sshd does not exist"

what does this mean?

ive searched this forum and found nothing helpful in slackware to setup an ssh daemon. most say that sshd runs on a fresh install. yes..this was the case. but somewhere between the fresh install (6 hrs ago) and now, ssh is no longer seen on netstat -l and everytime i try to start/restart it i get the "Privilege separation user sshd does not exist" error. once this is done im still lost? any have the time to walk me through the basics?
 
Old 05-04-2004, 07:09 PM   #2
ringwraith
Senior Member
 
Registered: Sep 2003
Location: Indiana
Distribution: Slackware-current
Posts: 1,244

Rep: Reputation: 47
Did you choose to make ssh run as a service (which makes it executable). You can check it with pkgtool.

Did you install your own kernel, was ssh working until that point. In which case perhaps a compile option maybe. I see the 2.6.5 in your sig.
 
Old 05-04-2004, 10:11 PM   #3
Cerbere
Member
 
Registered: Dec 2002
Location: California
Distribution: Slackware & LFS
Posts: 799

Rep: Reputation: 33
It'll be a lot easier for readers to help you if you can tell us what changes you've made in those six hours, since one or more of those changes apparently borked sshd.

In the meantime, look through the file /etc/passwd to see if there's a user named 'sshd'

Enjoy!
--- Cerbere
 
Old 05-04-2004, 10:15 PM   #4
shilo
Senior Member
 
Registered: Nov 2002
Location: Stockton, CA
Distribution: Slackware 11 - kernel 2.6.19.1 - Dropline Gnome 2.16.2
Posts: 1,132

Rep: Reputation: 49
Yeah, I think ringwraith is on to something, there. So sshd was working just fine after your frsh install. Six hours later, it doesn't work any more. What did you do in the last six hours?

Post up some specifics, and someone can probably help you out. Of everything I run on my computer, sshd has given me the least amount of trouble. I'm guessing the same as ringwraith, probably a kernel compilation error. Of course it's a total shot in the dark, since all we really know is that you are trying to run sshd( though we have a pretty good idea that you are running Slackware, probably 9.1, and probably with the 2.6.5 kernel).

Does the user sshd exist on your computer (look in /etc/passwd)?

Check out his site, maybe there is some help there: http://www.citi.umich.edu/u/provos/ssh/privsep-faq.html

Kinda confusing? This one seemed more to the point: http://www.unixguide.net/comments/su...shtml/37.shtml

Hope this helps,

Shilo
 
Old 05-04-2004, 10:18 PM   #5
shilo
Senior Member
 
Registered: Nov 2002
Location: Stockton, CA
Distribution: Slackware 11 - kernel 2.6.19.1 - Dropline Gnome 2.16.2
Posts: 1,132

Rep: Reputation: 49
Cerbere, you are apparently a much faster typist than me!!!
 
Old 05-05-2004, 04:25 AM   #6
nixel
Member
 
Registered: Apr 2004
Location: USA
Distribution: Slackware 9.1
Posts: 71

Original Poster
Rep: Reputation: 15
thanks for the replies guys. i restored my old passwd file and now i dont have that error. now for the setup part?
Code:
$ ssh -l user 127.0.0.1 -c 3des
You don't exist, go away!
$ su
Password: 
# ssh -l user 127.0.0.1 -c 3des
user@127.0.0.1's password:
why does this only work for root? i did some searching but couldnt find how to set it up. where do i add users? how can i test it locally?

Last edited by nixel; 05-05-2004 at 04:27 AM.
 
Old 05-05-2004, 06:02 AM   #7
Cerbere
Member
 
Registered: Dec 2002
Location: California
Distribution: Slackware & LFS
Posts: 799

Rep: Reputation: 33
I've never seen this before:
Quote:
You don't exist, go away!
And it seems like a security hole. Why would you want to tell an unauthorized user that the username he tried does not exist? It makes it that much easier to run a script that tries different usernames until that message is not returned, then he knows that he has found a valid username.

Currently, my sshd (Slackware 9.0) will accept any username and then issue the password challenge, then it gives a generic message of 'Permission denied, please try again.' until the third attempted password, whereupon it gives the nearly as generic message 'Permission denied (publickey,password,keyboard-interactive).' and disconnects. This way the person doesn't know which is incorrect, the username or password or both.

I'd advise you to change this behavior if you can. Unfortunately, I'm afraid I can't tell you how to accomplish this, since it was the default behavior for my install. I can suggest that you read through /etc/ssh/sshd_config, as well as through the various files in /usr/doc/openssh-*/ and, while you're at it, 'man ssh' and 'man sshd'.

As for adding users, root can add a user with the command 'adduser'.

Enjoy!
--- Cerbere
 
Old 05-05-2004, 07:25 AM   #8
frandalla
Member
 
Registered: Oct 2003
Location: Tokyo - Japan
Distribution: Slackware
Posts: 348
Blog Entries: 1

Rep: Reputation: 37
I guess he did a lot of tweaking in that system... My 9.1 works just fine...
 
Old 05-05-2004, 08:18 AM   #9
ringwraith
Senior Member
 
Registered: Sep 2003
Location: Indiana
Distribution: Slackware-current
Posts: 1,244

Rep: Reputation: 47
Yeah, he still hasn't answered the question... did you install a custom kernel, did you install a firewall script, did you mess with iptables ....... what happened after the install.
 
Old 05-05-2004, 10:26 AM   #10
shilo
Senior Member
 
Registered: Nov 2002
Location: Stockton, CA
Distribution: Slackware 11 - kernel 2.6.19.1 - Dropline Gnome 2.16.2
Posts: 1,132

Rep: Reputation: 49
Quote:
$ ssh -l user 127.0.0.1 -c 3des
You don't exist, go away!
$ su
Password:
# ssh -l user 127.0.0.1 -c 3des
user@127.0.0.1's password:
HMM... I never go to that much trouble to use ssh. I just check it out on my local computer with something simple, like:

Code:
shh localhost
I add users with the cryptic command:

Code:
adduser
Try those out. I think I answered your questions, just in reverse order.

I just tried your command on my computer. Here's what I got.
Code:
shilo@shilo:~$ ssh -l user 127.0.0.1 -c 3des
The authenticity of host '127.0.0.1 (127.0.0.1)' can't be established.
RSA key fingerprint is 6b:94:c4:06:f6:1f:aa:00:81:11:1c:af:98:f4:b6:b7.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '127.0.0.1' (RSA) to the list of known hosts.
user@127.0.0.1's password:
Permission denied, please try again.
user@127.0.0.1's password:
Permission denied, please try again.
user@127.0.0.1's password:
Permission denied (publickey,password,keyboard-interactive).
Of course, I don't have a user named 'user' on my system, so I don't have a password.

Last edited by shilo; 05-05-2004 at 10:32 AM.
 
Old 05-05-2004, 11:45 AM   #11
nixel
Member
 
Registered: Apr 2004
Location: USA
Distribution: Slackware 9.1
Posts: 71

Original Poster
Rep: Reputation: 15
Quote:
Originally posted by ringwraith
Yeah, he still hasn't answered the question... did you install a custom kernel, did you install a firewall script, did you mess with iptables ....... what happened after the install.
just a custom kernel 2.6.5. no firewall script no iptables. all i did was compile the 2.6.5 kernel, change a few styles in flux set up netscape to my liking. thats about it.
 
Old 05-05-2004, 01:23 PM   #12
shilo
Senior Member
 
Registered: Nov 2002
Location: Stockton, CA
Distribution: Slackware 11 - kernel 2.6.19.1 - Dropline Gnome 2.16.2
Posts: 1,132

Rep: Reputation: 49
Think you have probably done more than that. You say you had to restore your old /etc/passwd file , which indicates that you also edited your /etc/passwd file . We are all left wondering what else you've done. I think the reason everyone is wondering is because most of us, and I could be wrong, here did one of the following in order to get sshd going.

1) Nothing

or

(This will start up sshd at boot time & get it started for you right now, without a reboot)
2)
Code:
chmod +x /etc/rc.d/rc.sshd
/etc/rc.d/rc.sshd start
Which one depends on if you chose to run sshd at start up when you were installing Slackware.

As for users, like I said before, just add the user to your box, they automatically are a ssh user with the same password.

As for testing locally, like I said, just
Code:
ssh localhost
Then, try it remotely. The only heads up is if you are using a router/ firewall. You'll need to make sure you open up the ssh port.

Hope this helps,

Last edited by shilo; 05-05-2004 at 01:26 PM.
 
Old 05-05-2004, 02:37 PM   #13
nixel
Member
 
Registered: Apr 2004
Location: USA
Distribution: Slackware 9.1
Posts: 71

Original Poster
Rep: Reputation: 15
the rc.sshd script is already executable and it already boots up when i turn on computer. the only reason i edit the file was just to delete the other entries that were not users..but i fully restored that.
Code:
$ ssh localhost
You don't exist, go away!
and if everyone must know the details these are the files i edited after kernel compile:
/etc/lilo.conf
~/.vimrc
/etc/DIR_COLORS
/etc/profile
/etc/X11/XF86Config-4
/etc/inetd.conf

as far as installing things i installed the artwiz fonts and aterm. nothing else was changed.
 
Old 05-05-2004, 02:44 PM   #14
shilo
Senior Member
 
Registered: Nov 2002
Location: Stockton, CA
Distribution: Slackware 11 - kernel 2.6.19.1 - Dropline Gnome 2.16.2
Posts: 1,132

Rep: Reputation: 49
WHat happens when you type
Code:
ssh localhost
 
Old 05-05-2004, 03:17 PM   #15
nixel
Member
 
Registered: Apr 2004
Location: USA
Distribution: Slackware 9.1
Posts: 71

Original Poster
Rep: Reputation: 15
Code:
$ ssh localhost
You don't exist, go away!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Trying to setup up SSH ice1000 Linux - Networking 8 02-23-2005 09:17 PM
ssh/2.6.3/slack Ryouko Linux - Networking 10 03-10-2004 12:49 PM
Setup SSH? zigmund555 Slackware 2 02-13-2004 01:06 PM
SSH Setup Gramo Linux - General 3 07-15-2003 07:06 PM
How to setup SSH... Graanco Linux - Newbie 2 06-10-2001 04:03 PM


All times are GMT -5. The time now is 05:53 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration