[DLC] SSH What?

Scott Behrens sbehrens at gmail.com
Tue Jan 22 15:57:42 CST 2008 

Okay guys,

Totally strange problem.  I have 9 RedHat 5 AS boxes at one of my
clients.  On one of the boxes, ssh for any user does not work.  I
built the boxes identical using a kickstart CD with user accounts
'orc' and 'goblin'.  I'm using PAM authentication and passwords.
Strangley enough the sshd_config files are all identical as well as
the /etc/pam.d/sshd files.  I also check tty permissoins and even
tried setting up another user.  I've included the output of the ssh
-vv orc at matorc7 as well as my secure.log file.

Any help is appreciated!
-Scott

-- 
--
Scott Behrens
Radius Information Technology
Mobile 630-930-4928 Alt. 815-260-2858
scott.behrens at radiusit.com
www.RadiusIT.com
-------------- next part --------------

Jan 22 15:25:18 matorc7 sshd[2725]: Failed password for test from ::ffff:172.27.96.57 port 50649 ssh2
Jan 22 15:25:25 matorc7 last message repeated 2 times
Jan 22 15:25:25 matorc7 sshd[2726]: Connection closed by ::ffff:172.27.96.57
Jan 22 15:25:59 matorc7 sshd[2733]: Failed password for test from ::ffff:172.27.96.57 port 50653 ssh2
Jan 22 15:26:00 matorc7 sshd[2734]: Connection closed by ::ffff:172.27.96.57
Jan 22 15:26:08 matorc7 sshd[2739]: Failed password for test from ::ffff:172.27.96.57 port 50654 ssh2
Jan 22 15:26:21 matorc7 sshd[2740]: Connection closed by ::ffff:172.27.96.57
Jan 22 15:26:41 matorc7 sshd[2745]: Failed password for test from ::ffff:172.27.96.57 port 50657 ssh2
Jan 22 15:26:41 matorc7 sshd[2746]: Connection closed by ::ffff:172.27.96.57
Jan 22 15:30:44 matorc7 sshd[2597]: Received SIGHUP; restarting.
Jan 22 15:30:44 matorc7 sshd[2804]: Server listening on :: port 22.
Jan 22 15:30:44 matorc7 sshd[2804]: error: Bind to port 22 on 0.0.0.0 failed: Address already in use.
Jan 22 15:31:03 matorc7 sshd[2806]: Failed password for test from ::ffff:172.27.96.57 port 50674 ssh2
Jan 22 15:31:09 matorc7 sshd[2806]: Failed password for test from ::ffff:172.27.96.57 port 50674 ssh2
Jan 22 15:31:10 matorc7 sshd[2807]: Connection closed by ::ffff:172.27.96.57
Jan 22 15:45:08 matorc7 sshd[3036]: Failed password for orc from ::ffff:172.27.96.58 port 50709 ssh2
Jan 22 15:45:21 matorc7 sshd[3037]: Connection closed by ::ffff:172.27.96.58
Jan 22 15:54:59 matorc7 sshd[3134]: Failed password for orc from ::ffff:172.27.96.58 port 50750 ssh2
Jan 22 15:55:09 matorc7 last message repeated 2 times
Jan 22 15:55:09 matorc7 sshd[3135]: Connection closed by ::ffff:172.27.96.58
-------------- next part --------------

OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to matorc7 [172.27.96.57] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.9p1
debug1: match: OpenSSH_3.9p1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.9p1
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc at lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc at lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc at lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc at lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 125/256
debug2: bits set: 537/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'matorc7' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:2
debug2: bits set: 531/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /root/.ssh/identity ((nil))
debug2: key: /root/.ssh/id_rsa ((nil))
debug2: key: /root/.ssh/id_dsa ((nil))
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Next authentication method: gssapi-with-mic
debug2: we sent a gssapi-with-mic packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug2: we sent a gssapi-with-mic packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug2: we did not send a packet, disable method
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug1: Trying private key: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug1: Next authentication method: password
orc at matorc7's password:
debug2: we sent a password packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
Permission denied, please try again.
orc at matorc7's password:
debug2: we sent a password packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
Permission denied, please try again.
orc at matorc7's password:
debug2: we sent a password packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey,gssapi-with-mic,password)

More information about the DLC mailing list