[SOLVED] sshd debug mode

Madhu Desai · 10-03-2013, 12:23 PM

Hi All,

Server: CentOS 6.4 x86_64
Client: Ubuntu 13.04

I was trying SFTP Chroot Jail, and while doing so, i ran into some problems. So i wanted to debug ssh connection - to know why i am not able to connect? In the end, i solved the problem. But while searching internet on how to debug sshd, i came across many tutorials like this one 'How can I run Openssh daemon in debug mode?'.

But i am not getting any debug messages at all.

This is what i did: (Pls see attached ScreenShot)

(Left-Top): On Server, issued command '/usr/sbin/sshd -p 12345 -D -d -e', to start ssh daemon in debug mode.
(Left-Bottom): From client, ssh to server as wrong user and also as correct user. I was hoping that debug messages will scroll up on server monitor. But nothing happened... not even cursor moved.
(Right): So, to verify, i opened /var/log/secure file, and everything seems fine. all the right noises are made.

What i'm doing wrong? Am i wrong that i am expecting some messages will scroll on server monitor in debug mode? Where are debug messages shown...

Any help will be much appreciated.

Thanks

jpollard · 10-03-2013, 12:30 PM

Looks to me like you forgot to specify the port in the ssh connection (-p 12345 on the ssh command)

Madhu Desai · 10-03-2013, 12:42 PM

Quote:

Originally Posted by jpollard

Looks to me like you forgot to specify the port in the ssh connection (-p 12345 on the ssh command)

I did try. but it throws error.

Code:

$ ssh -p 12345 madhu@cent
ssh: connect to host cent port 12345: No route to host

$ ssh -p 12345 madhu@192.168.1.50
ssh: connect to host 192.168.1.50 port 12345: No route to host

But if you look at '/var/log/secure' file (right-window), i'm getting response. all three windows are in real-time.

jpollard · 10-03-2013, 03:24 PM

IN the past, when I've done this, sshd does not log to anything but the terminal running sshd in the debug mode.

All the others are using the default port, therefore I would expect those are from the ssh without the port specification.

It is possible for a router/firewall to be blocking access to port 12345 (I have seen some reports where it happens).

corp769 · 10-03-2013, 03:32 PM

+1 to jpollard's post; I had nearly the same exact issue arise on me about two weeks ago, and my firewall on my network was at fault the whole time. Tip: When you are using odd port numbers for ssh, remember to account for that in your firewall

Madhu Desai · 10-03-2013, 03:56 PM

Quote:

Originally Posted by jpollard

It is possible for a router/firewall to be blocking access to port 12345 (I have seen some reports where it happens).

You hit the bull's-eye!!! As corp769 also mentioned, it was iptables blocking it. Stopped iptables to check - Bhoom... server teminal started talking...

Thanks-a-lot

corp769 · 10-03-2013, 03:59 PM

I'm actually quite happy I replied to that post! ... I forgot to finish that server, so I got up off my lazy @ss and finished it. Cheers?

And kudos on getting that working!