Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
"ssh -vvv ..." (in "[ code ]"... "[ /code ]"
what shall be in [code] ?
The results of the test.
Quote:
It should be drwx ..... and not crwx ?
If it is a "c" as the first character, then it is a device, and not a directory - and DEFINITELY something wrong on your system. Users should never have a device node in their directory.
Quote:
I think it is the server side as I am only using the server to make local connection on the server .
But how to solve this ?
I have seen that error before, but it was a LONG time ago, and I'm having trouble recalling the fix.
Is is possible for you to have access to the console of the server?
I'm asking that because the next step is to run the sshd server in debug mode to see what is going on. This is normally done on the console by first stopping the sshd service, then running it on the console with the command "sshd -d -e". This will run the server attached to the console, with debugging (a single -d is first level, and like the -v of ssh, can be used up to three times for maximum logging), and all messages will be sent to the console (the -e option). It is possible redirect stdout and stderr (where the messages go) to a file that then have the debug trace shown for more analysis.
Once the debug process is started, an ssh session can be attempted - and if the server is having a problem it should record something before it aborts.
I have seen that error before, but it was a LONG time ago, and I'm having trouble recalling the fix.
Is is possible for you to have access to the console of the server?
I'm asking that because the next step is to run the sshd server in debug mode to see what is going on. This is normally done on the console by first stopping the sshd service, then running it on the console with the command "sshd -d -e". This will run the server attached to the console, with debugging (a single -d is first level, and like the -v of ssh, can be used up to three times for maximum logging), and all messages will be sent to the console (the -e option). It is possible redirect stdout and stderr (where the messages go) to a file that then have the debug trace shown for more analysis.
Once the debug process is started, an ssh session can be attempted - and if the server is having a problem it should record something before it aborts.
Yes I have access to the server console.
[ run the sshd server in debug mode ] How ?
you mean I use the terminal on the server itself
and type the following
# service sshd stop
# sshd -d -e
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,671
Rep:
Quote:
Originally Posted by esraam
With another user , I got the following :
[
The authenticity of host 'master (192.168.0.200)' can't be established.
RSA key fingerprint is f0:80:f7:67:23:d4:12:90:f7:c1:a5:bb:a5:bb:c9:16:19:22
Are you sure you want to continue connecting (yes/no)? Terminated
]
I can log in as root and change settings if necessary.
Please tell me what settings need to be changed ?
And How to change them .
Thanks alot
Please use code tags.
I take it you selected yes at this point? This looks like a successful connection but if it then give s the /dev/nul error it may mean that the user account wasn't set up correctly.
Can't the person who created your user account help with this? They should give you instructions of how to log in and tell you which credentials to use.
Please use code tags.
I take it you selected yes at this point? This looks like a successful connection but if it then give s the /dev/nul error it may mean that the user account wasn't set up correctly.
Can't the person who created your user account help with this? They should give you instructions of how to log in and tell you which credentials to use.
Actually, the user account hasn't been started yet - first the user has to accept that the targeted system is the correct one, then ssh will complete the identification exchange and record the systems public key in the known_hosts file. After that the users password (or keys) are tested. Only after the user has finally authenticated to the system will the user account be started (and gives a different error if it is not authorized).
A terminated message can come from several places - a very unlikely one is a resource limitation causes the server to abort. Another is a memory failure causing the socket to be closed. sshd has a number of security features (enabled/disabled whatever) that can also cause issues (such as running sshd in a privilege separated account). Access failures to certain files needed can cause an abort (such as the /dev/null case, but access to the public/private keys--though this one has been passed).
The console log should answer a number of questions and give a better idea of the failure.
# /usr/sbin/sshd -d -e
gives :
[
debug1: sshd version OpenSSH_5.3p1
debug1: read PEM private key done : type RSA
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done : type DSA
debug1: private host key: #1 type 2 DSA
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]= '-d'
debug1: rexec_argv[2]= '-e'
Set /proc/self/oom_score_adj from 0 to -1000
debug1: Bind to port 22 on 0.0.0.0
Server listening on 0.0.0.0 port 22
debug1: Bind to port 22 on ::.
Server listening on :: port 22
]
Then waiting waiting waiting .
It doesn't exit the execution and doesn't change the results for quite long time.
Do you think this helps to find where the error is ?
Great thanks for you help
Do you even understand how a client/server application works?
There are two parts that work together. A client, and a server.
In this case, ssh is the client. sshd is the server.
It is apparent that the client is working. It is also apparent that the server is working... UNTIL the client makes a connection.
The debugging log you showed from the client has shown what the client is interpreting from the server:
Code:
(client)OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
(client)debug1: Reading configuration data /etc/ssh/ssh_config
(client)debug1: Applying options for *
(client)debug2: ssh_connect: needpriv 0
(client)debug1: Connecting to master [192.168.0.200] port 22.
(client)debug1: Connection established
(client)debug1: identity file /home/em/.ssh/identity type -1
(client)debug1: identity file /home/em/.ssh/identity-cert type -1
(client)debug1: identity file /home/em/.ssh/id_rsa type -1
(client)debug1: identity file /home/em/.ssh/id rsa-sert type -1
(client)debug1: identity file /home/em/.ssh/id_dsa type -1
(client)debug1: identity file /home/em/.ssh/id_dsa_cert type -1
(client)debug1: identity file /home/em/.ssh/id_ecdsa type -1
(client)debug1: identity file /home/em/.ssh/id_ecdsa-cert type -1
(server)debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
(client)debug1: match: OpenSSH_5.3 pat OpenSSH*
(client)debug1: Enabling compatibility mode for protocol 2.0
(client to server)debug1: Local version string SSH-2.0-OpenSSH_5.3
(client)debug2: fd 3 setting 0_NONBLOCK
(client)debug1: SSH2_MSG_KEXINIT sent
(client)debug3: Wrote 960 bytes for a total of 981
(server to client)debug1: SSH2_MSG_KEXINIT received
(client)debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256, diffie-hellman0group-exchange-shal, diffie-hellman-group14-shall,diffie-hellman-group1-shal
clientdebug2: kex_parse_kexinit: ssh-rsa-cert-v01@openssh.com, ssh-dss-cert-v01@openssh.com, ssh-rsa-cert-v00@openssh.com,ssh-dss...00@openssh.com,ssh-rsa,ssh-dss
clientdebug2: kex_parse_kexinit: aes128-ctr, aes192-ctr, arcfour256,arcfour128,aes128-cdc,3des-cdc-blowfish-cbc,cast128-cdc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
(client)debug2: kex_parse_kexinit: aes128-ctr, aes192-ctr, arcfour256,arcfour128,aes128-cdc,3des-cdc-blowfish-cbc,cast128-cdc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
(client)debug2: Kex_parse_kexinit: hmac-md5, hmac-shal, umac-64@openssh.com,hmac-sha2-256,hm...60@openssh.com,hmac-shal-96,hmac-md5-96
(client)debug2: Kex_parse_kexinit: hmac-md5, hmac-shal, umac-64@openssh.com,hmac-sha2-256,hm...60@openssh.com,hmac-shal-96,hmac-md5-96
(client)debug2: Kex_parse_kexinit: none, zlib@openssh.com ,zlib
(client)debug2: Kex_parse_kexinit: none, zlib@openssh.com ,zlib
(client)debug2: Kex_parse_kexinit:
(client)debug2: Kex_parse_kexinit:
(client)debug2: Kex_parse_kexinit: first_kex_follows 0
(client)debug2: Kex_parse_kexinit: reserved 0
(client)debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256, diffie-hellman-group-exchange-shal, diffie-hellman-group14-shall,diffie-hellman-group1-shal
(client)debug2: Kex_parse_kexinit: ssh-rsa, ssh-dss
(client)debug2: kex_parse_kexinit: aes128-ctr, aes192-ctr, arcfour256,arcfour128,aes128-cdc,3des-cdc-blowfish-cbc,cast128-cdc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
(client)debug2: kex_parse_kexinit: aes128-ctr, aes192-ctr, arcfour256,arcfour128,aes128-cdc,3des-cdc-blowfish-cbc,cast128-cdc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
(client)debug2: Kex_parse_kexinit: hmac-md5, hmac-shal, umac-64@openssh.com,hmac-sha2-256,hm...60@openssh.com,hmac-shal-96,hmac-md5-96
(client)debug2: Kex_parse_kexinit: hmac-md5, hmac-shal, umac-64@openssh.com,hmac-sha2-256,hm...60@openssh.com,hmac-shal-96,hmac-md5-96
(client)debug2: Kex_parse_kexinit: none, zlib@openssh.com ,zlib
(client)debug2: Kex_parse_kexinit: none, zlib@openssh.com ,zlib
(client)debug2: Kex_parse_kexinit:
(client)debug2: Kex_parse_kexinit:
(client)debug2: Kex_parse_kexinit: first_kex_follows 0
(client)debug2: Kex_parse_kexinit: reserved 0
(client)debug2: mac_setup: found hmac-md5
(client)debug1: Kex: server->client aes128-ctr hmac-md5 none
(client)debug2: mac_setup: found hmac-md5
(client)debug1: Kex: server->client aes128-ctr hmac-md5 none
(client to server)debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
(client to server)debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
(client to server)debug3: Wrote 24 bytes for a total of 1005
(client)debug2: dh_gen_key: priv key bits set 123/256
(client)debug2: bits set: 540/1024
(client to server)debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
(client)debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
(client)debug3: Wrote 144 bytes for a total of 1149
(client)debug3: check_host_in_hostfile: host master filename /home/em/.ssh/known_hosts
(client)debug3: check_host_in_hostfile: host master filename /home/em/.ssh/known_hosts
(client)debug3: check_host_in_hostfile: host master filename /etc/ssh/ssh_known_hosts
(client)debug3: check_host_in_hostfile: host master filename /etc/ssh/ssh_known_hosts
d(client)ebug3: check_host_in_hostfile: host 192.168.0.200 filename /home/em/.ssh/known_hosts
(client)debug3: check_host_in_hostfile: host 192.168.0.200 filename /home/em/.ssh/known_hosts
(client)debug3: check_host_in_hostfile: host 192.168.0.200 filename /etc/ssh/ssh_known_hosts
(client)debug3: check_host_in_hostfile: host 192.168.0.200 filename /etc/ssh/ssh_known_hosts
(client)debug3: check_host_in_hostfile: host master filename /home/em/.ssh/known_hosts
(client)debug3: check_host_in_hostfile: host master filename /etc/ssh/ssh_known_hosts
(client)debug2: no key of type 0 for host master
(client)debug3: check_host_in_hostfile: host master filename /home/em/.ssh/known_hosts2
(client)debug3: check_host_in_hostfile: host master filename /etc/ssh/ssh_known_hosts2
(client)debug3: check_host_in_hostfile: host master filename /home/em/.ssh/known_hosts2
(client)debug3: check_host_in_hostfile: host master filename /etc/ssh/ssh_known_hosts2
(client)debug2: no key of type 2 for host master
(client)debug3: check_host_in_hostfile: host master filename /home/em/.ssh/known_hosts2
(client)debug3: check_host_in_hostfile: host master filename /etc/ssh/ssh_known_hosts2
(client)debug3: check_host_in_hostfile: host master filename /home/em/.ssh/known_hosts2
(client)debug3: check_host_in_hostfile: host master filename /etc/ssh/ssh_known_hosts2
(client)debug2: no key of type 3 for host master
(client)The authenticity of host 'master (192.168.0.200) ' can't be established
(client)RSA key fingerprint is f0:80:f7:67:23:d4:12:90:f7:c1:a5:bb:c9:16:19:22
(client to you)Are you sure you want to continue connecting (yes/no) ?
(server?)Terminated
So what did the server side do during the connection that failed?
To find out, it is necessary to get a fairly detailed log of what happens during the connection.
To find out, it is necessary to get a fairly detailed log of what happens during the connection
How ?
The fact is I am making a local connection on the server now.
So, you can see that the server is acting as a client and a server at the same time .
I am using the server to make remote-connection on the server itself ( as a test first before trying to connect to clients with remote access )
Do you think there is a problem having the server to connect to itself that makes the ssh terminates ?
How can I get a detailed log of what happens during the connection ?
Shall I use a certain command line or what ?
Sorry for my little knowledge but I am new to linux and I have to do the task .
Thanks for your help.
Hope we can get together to solve the ssh termination problem .
Please use code tags.
I take it you selected yes at this point? This looks like a successful connection but if it then give s the /dev/nul error it may mean that the user account wasn't set up correctly.
Can't the person who created your user account help with this? They should give you instructions of how to log in and tell you which credentials to use.
I didn't have the chance to select ( yes)
It terminated before giving me the chance.
I created the user account by myself .
The responsible person only gave me the permission to log in as root on the server, create a new user and use ssh .
They don't know why ssh terminated and they asked me to solve the problem myself .
I have little knowledge , you see
and I am trying to google search and ask on the forum to get help.
but couldn't yet.
Do you have any suggestions that may help ?
Define the error and solve it ?
We could find that a server problem caused the error.
I don't know what problem or even how to find it out
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
