LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 11-04-2011, 03:22 AM   #16
tariq
LQ Newbie
 
Registered: Nov 2011
Posts: 15

Original Poster
Rep: Reputation: Disabled

Quote:
Originally Posted by fukawi1 View Post
Can you post the output of (on the server)
Code:
netstat -tnlp
tariq@ubuntu:~$ netstat -tnlp
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN -
tcp6 0 0 :::22 :::* LISTEN -
tcp6 0 0 ::1:631 :::* LISTEN -


and with sudo -

tariq@ubuntu:~$ sudo netstat -tnlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 704/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 942/cupsd
tcp6 0 0 :::22 :::* LISTEN 704/sshd
tcp6 0 0 ::1:631 :::* LISTEN 942/cupsd
 
Old 11-04-2011, 03:25 AM   #17
evo2
LQ Guru
 
Registered: Jan 2009
Location: Japan
Distribution: Mostly Debian and Scientific Linux
Posts: 5,753

Rep: Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288
Hi,

from the output of nmap it seems that sshd is really listening on port 22. Please look in /var/log/auth.log for lines from sshd: there should be entries each time you try to ssh. Hopefully this will provide a hint as to why you can't successfully log in. Also, please try to "ssh localhost" on the server.

If you can't find anything helpful in auth.log, try stopping sshd and then manually starting it in debug mode from a terminal. As root do:
Code:
/usr/sbin/sshd -d
Then open another terminal and try to connect
Code:
ssh localhost
The terminal where you started sshd should then contain lots of debug information from sshd. Assuming this works, try again but this time ssh from the other machine (you'll have to reastart sshd -d again since sshd exits after the first connection when run in debug mode).

Cheers,

Evo2.
 
Old 11-04-2011, 03:32 AM   #18
tariq
LQ Newbie
 
Registered: Nov 2011
Posts: 15

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by evo2 View Post
Hi,

from the output of nmap it seems that sshd is really listening on port 22. Please look in /var/log/auth.log for lines from sshd: there should be entries each time you try to ssh. Hopefully this will provide a hint as to why you can't successfully log in. Also, please try to "ssh localhost" on the server.

If you can't find anything helpful in auth.log, try stopping sshd and then manually starting it in debug mode from a terminal. As root do:
Code:
/usr/sbin/sshd -d
Then open another terminal and try to connect
Code:
ssh localhost
The terminal where you started sshd should then contain lots of debug information from sshd. Assuming this works, try again but this time ssh from the other machine (you'll have to reastart sshd -d again since sshd exits after the first connection when run in debug mode).

Cheers,

Evo2.
Hello Evo2,

This is the log entry i have got when i ssh the localhot -

Nov 4 12:59:19 ubuntu sshd[2879]: Accepted publickey for tariq from 127.0.0.1 port 40145 ssh2
Nov 4 12:59:20 ubuntu sshd[2879]: pam_unix(sshd:session): session opened for user tariq by (uid=0)
 
Old 11-04-2011, 04:45 AM   #19
deep27ak
Senior Member
 
Registered: Aug 2011
Location: Bangalore, India
Distribution: RHEL 7.x, SLES 11 SP2/3/4
Posts: 1,195
Blog Entries: 4

Rep: Reputation: 221Reputation: 221Reputation: 221
Post your sshd_config file

Code:
#cat /etc/ssh/sshd_config
 
Old 11-04-2011, 05:14 AM   #20
tariq
LQ Newbie
 
Registered: Nov 2011
Posts: 15

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by deep27ak View Post
Post your sshd_config file

Code:
#cat /etc/ssh/sshd_config
tariq@ubuntu:~$ cat /etc/ssh/sshd_config
# Package generated configuration file
# See the sshd_config(5) manpage for details

# What ports, IPs and protocols we listen for
Port 22
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes

# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 768

# Logging
SyslogFacility AUTH
LogLevel INFO

# Authentication:
LoginGraceTime 120
PermitRootLogin yes
StrictModes yes

RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile %h/.ssh/authorized_keys

# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes

# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no

# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no

# Change to no to disable tunnelled clear text passwords
#PasswordAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosGetAFSToken no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes

X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
#UseLogin no

#MaxStartups 10:30:60
#Banner /etc/issue.net

# Allow client to pass locale environment variables
AcceptEnv LANG LC_*

Subsystem sftp /usr/lib/openssh/sftp-server

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes
 
Old 11-04-2011, 05:21 AM   #21
fukawi1
Member
 
Registered: Apr 2009
Location: Melbourne
Distribution: Fedora & CentOS
Posts: 854

Rep: Reputation: 190Reputation: 190
Are you trying to connect with keys? or password?

On the server, can you ssh localhost?
 
Old 11-04-2011, 05:29 AM   #22
tariq
LQ Newbie
 
Registered: Nov 2011
Posts: 15

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by fukawi1 View Post
Are you trying to connect with keys? or password?

On the server, can you ssh localhost?
I am using passphraseless ssh and I can ssh to localhost on both the machines..Even if I am trying to copy the public key to the remote host I am facing this connection time out problem
 
Old 11-04-2011, 05:30 AM   #23
deep27ak
Senior Member
 
Registered: Aug 2011
Location: Bangalore, India
Distribution: RHEL 7.x, SLES 11 SP2/3/4
Posts: 1,195
Blog Entries: 4

Rep: Reputation: 221Reputation: 221Reputation: 221
Everything seems fine except

Code:
#IgnoreUserKnownHosts yes

it should be "no"

IgnoreUserKnownHosts no
Code:
#service sshd restart
and evo2 asked you to do

Code:
#ssh localhost 22
try this and let me know are you able to do ssh successfully to localhost
 
Old 11-04-2011, 05:32 AM   #24
deep27ak
Senior Member
 
Registered: Aug 2011
Location: Bangalore, India
Distribution: RHEL 7.x, SLES 11 SP2/3/4
Posts: 1,195
Blog Entries: 4

Rep: Reputation: 221Reputation: 221Reputation: 221
Quote:
Originally Posted by tariq View Post
I am using passphraseless ssh and I can ssh to localhost on both the machines..Even if I am trying to copy the public key to the remote host I am facing this connection time out problem
It means you are not using any RSA right?

this connection timed out happens after entering the password or you don't get a prompt for password as well?

can you take a snapshot and attach here
 
Old 11-04-2011, 05:44 AM   #25
fukawi1
Member
 
Registered: Apr 2009
Location: Melbourne
Distribution: Fedora & CentOS
Posts: 854

Rep: Reputation: 190Reputation: 190
Quote:
Originally Posted by tariq View Post
I am using passphraseless ssh and I can ssh to localhost on both the machines..Even if I am trying to copy the public key to the remote host I am facing this connection time out problem
If the key isn't on the server, you wont be able to connect using keys until the public key is in known_hosts

you have PasswordAuthentication set to "yes" by default (commented options are default values), so can you connect using a password?
 
Old 11-04-2011, 05:49 AM   #26
tariq
LQ Newbie
 
Registered: Nov 2011
Posts: 15

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by deep27ak View Post
It means you are not using any RSA right?

this connection timed out happens after entering the password or you don't get a prompt for password as well?

can you take a snapshot and attach here
No, i am using rsa but ..I have used the fllowing command- ssh-keygen -t rsa -P ""
And yes, i am not even able to reach the login screen.
Here is the snapshot -
Attached Thumbnails
Click image for larger version

Name:	snapshot1.png
Views:	19
Size:	29.8 KB
ID:	8297  
 
Old 11-04-2011, 05:52 AM   #27
tariq
LQ Newbie
 
Registered: Nov 2011
Posts: 15

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by fukawi1 View Post
If the key isn't on the server, you wont be able to connect using keys until the public key is in known_hosts

you have PasswordAuthentication set to "yes" by default (commented options are default values), so can you connect using a password?
I have already copied the key in ~/.ssh/authorizes_keys on the remote host.
As far as I know I can connect using password.But I am not even able to reach the password screen.Please let me know if I am doing something wrong here.
 
Old 11-04-2011, 06:02 AM   #28
deep27ak
Senior Member
 
Registered: Aug 2011
Location: Bangalore, India
Distribution: RHEL 7.x, SLES 11 SP2/3/4
Posts: 1,195
Blog Entries: 4

Rep: Reputation: 221Reputation: 221Reputation: 221
Quote:
Originally Posted by tariq View Post
I have already copied the key in ~/.ssh/authorizes_keys on the remote host.
As far as I know I can connect using password.But I am not even able to reach the password screen.Please let me know if I am doing something wrong here.
the file name should be authorized_keys, I hope it is just a spelling mistake on this blog and not on your client machine

and once you go for RSA you won't be prompted for password

try this on client machine and server machine

Code:
RSAAuthentication no
PubkeyAuthentication no
Code:
#service sshd restart
If still doesn't works then take a backup of authorized_keys and clear the file and save.
Code:
#cp ~/.ssh/authorized_keys /authorized_keys.orig
#vi authorized_keys
(clear everything and save on client)
and do the same for
Code:
#cp ~/.ssh/known_hosts /known_hosts.orig
#vi known_hosts
(clear everything and save on client)
 
Old 11-04-2011, 06:02 AM   #29
tariq
LQ Newbie
 
Registered: Nov 2011
Posts: 15

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by deep27ak View Post
Everything seems fine except

Code:
#IgnoreUserKnownHosts yes

it should be "no"

IgnoreUserKnownHosts no
Code:
#service sshd restart
and evo2 asked you to do

Code:
#ssh localhost 22
try this and let me know are you able to do ssh successfully to localhost
I can ssh to localhost after the change as well
 
Old 11-04-2011, 06:04 AM   #30
tariq
LQ Newbie
 
Registered: Nov 2011
Posts: 15

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by deep27ak View Post
the file name should be authorized_keys, I hope it is just a spelling mistake on this blog and not on your client machine

and once you go for RSA you won't be prompted for password

try this on client machine and server machine

Code:
RSAAuthentication no
PubkeyAuthentication no
Code:
#service sshd restart
If still doesn't works then take a backup of authorized_keys and clear the file and save.
Code:
#cp ~/.ssh/authorized_keys /authorized_keys.orig
#vi authorized_keys
(clear everything and save on client)
and do the same for
Code:
#cp ~/.ssh/known_hosts /known_hosts.orig
#vi known_hosts
(clear everything and save on client)
Sorry for the typo..I'll do the changes and let you know
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
ssh can not connect remote host crazy6 Linux - Newbie 2 03-04-2011 08:28 PM
telnet: Unable to connect to remote host: No route to host grob115 Linux - Networking 3 07-30-2010 11:18 AM
Fedora 10/unable to ssh out from box to remote host (SSH within LAN ok) huskeypm Linux - Networking 3 04-14-2009 08:37 PM
telnet: Unable to connect to remote host: Connection refused stuckz Fedora 6 06-21-2007 03:36 AM
how 2 connect 2 remote host using SSH fhameed Linux - Networking 2 09-08-2004 09:42 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 11:39 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration