Solved

SSH on redhat 6.2

Posted on 2003-11-20
Last Modified: 2008-03-06
Greetings experts.
This could be an easy question.
Specifics:
RH linux 6.2 server
Attempting to connect via ssh.
installed all the components to make this work.
When I attempt to connect no passwords are authenticated.  SSH appears to try to connect, it accepts the user name but not the password.  I have tried this by using another linux box and using:
ssh server.domainname.com
then it prompts for the root password, and when I enter the root password it will not accept it.  Same results when using a ssh interface from windows such as SecureCRT.
Thanks in advance.
Question by:EaglePress

Expert Comment

by:majorwoo
By default many ssh clients do not permit root login, check your sshd_config file for a line

PermitRootLogin   no

and change it to yes and restart sshd

Author Comment

by:EaglePress
Already tried that.  I cannot login as ANY user.  The config file was changed from the beginning to allow root to login.

Expert Comment

by:jjerome00

Have you tried to ssh to the computer from the same computer?  You should be able to do this from the machine.  It might be able to weed out any other problems (firewall, etc) you think you may be having.

Another simple approach is to try reinstalling the ssh server on the machine, or upgrading the machine altogether.  I'm not sure if this is an option, since you probably would have done that by now.

Hope some of this helps.

Expert Comment

by:shivsa
could u post the output of the following command.
ssh -v -v -v loginid@server.domainname.com

also check this file /etc/security/access.conf, this tells what users are blocked and what not.
also read this article about security of redhat.
http://www.puschitz.com/Security.shtml

also if u want to launch sshd in debug mode, launch like this and see for log files.
that might give u some clue.
stop sshd then re-launch it as "sshd -d -d -d"

Expert Comment

by:Arindam_Biswas
Maybe it's due to your firewall configuration. Try stopping ipchains ["service ipchains stop" or "/etc/init.d/ipchains stop"] and try ssh again

Expert Comment

by:paullamhkg
Also is there any possible way that you set the users no login in the /etc/passwd

eg
root:x:0:0:root:/root:/bin/nologin
paul:x:500:500::/home/paul:/bin/nologin

if you have made this change root and paul can't login by remote, only login at the linux box console mode/GUI login.

will this be the case?
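
Added example (not part of the original thread): a shell check of the two settings suggested so far, PermitRootLogin in sshd_config and the login shell in /etc/passwd, for one account. The function names and the sample files are constructed for illustration; pass the paths of the real files to use it on a server.

```sh
#!/bin/sh
# Added example; function names and sample data are constructed, not from the thread.

# Print the login shell of user $1 from passwd-format file $2 (fails if no such user).
login_shell() {
    awk -F: -v u="$1" '$1 == u { print $7; found = 1 } END { exit !found }' "$2"
}

# Succeed if shell path $1 is one that refuses interactive logins.
is_nologin_shell() {
    case "$1" in
        */nologin|*/false) return 0 ;;
        *) return 1 ;;
    esac
}

# Print the PermitRootLogin value from sshd_config file $1. Keywords are
# case-insensitive, commented lines are skipped, the first occurrence wins.
permit_root_login() {
    awk 'tolower($1) == "permitrootlogin" { print tolower($2); exit }' "$1"
}

# Report blockers for user $1; returns 1 if any is found, 0 otherwise.
check_ssh_login() {
    user=$1 passwd=$2 config=$3 rc=0
    shell=$(login_shell "$user" "$passwd") || { echo "$user: no such account"; return 1; }
    if is_nologin_shell "$shell"; then
        echo "$user: login shell $shell refuses logins"; rc=1
    fi
    if [ "$user" = root ] && [ "$(permit_root_login "$config")" = no ]; then
        echo "root: PermitRootLogin is no in $config"; rc=1
    fi
    return "$rc"
}

# Constructed sample files standing in for /etc/passwd and sshd_config.
tmp=$(mktemp -d)
printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
    'paul:x:500:500::/home/paul:/bin/nologin' \
    'testy:x:501:503::/home/testy:/bin/bash' > "$tmp/passwd"
printf '%s\n' '#PermitRootLogin yes' 'PermitRootLogin no' > "$tmp/sshd_config"

for u in root paul testy; do
    check_ssh_login "$u" "$tmp/passwd" "$tmp/sshd_config" && echo "$u: no blocker found"
done
```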

Author Comment

by:EaglePress
I will make several entries to answer all questions:
This is for shivsa:

Here is the output from ssh -v -v -v

[testy@eagle testy]$ ssh -v -v -v testy@eagle.eaglepress.net
OpenSSH_2.9p2, SSH protocols 1.5/2.0, OpenSSL 0x0090581f
debug1: Reading configuration data /usr/local/etc/ssh_config
debug1: Seeding random number generator
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 501 geteuid 0 anon 1
debug1: Connecting to eagle.eaglepress.net [127.0.0.1] port 22.
debug1: temporarily_use_uid: 501/503 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 501/503 (e=0)
debug1: restore_uid
debug1: Connection established.
debug1: read PEM private key done: type DSA
debug1: read PEM private key done: type RSA
debug1: identity file /home/testy/.ssh/identity type -1
debug1: identity file /home/testy/.ssh/id_rsa type -1
debug1: identity file /home/testy/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_2.9p2
debug1: match: OpenSSH_2.9p2 pat ^OpenSSH
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_2.9p2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 130/256
debug1: bits set: 1009/2049
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Forcing accepting of host key for loopback/localhost.
debug1: bits set: 1020/2049
debug1: ssh_rsa_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug3: start over, passed a different list publickey,password,keyboard-interactive
debug3: preferred publickey,password,keyboard-interactive
debug3: authmethod_lookup publickey
debug3: remaining preferred: password,keyboard-interactive
debug3: authmethod_is_enabled publickey
debug1: next auth method to try is publickey
debug1: try privkey: /home/testy/.ssh/identity
debug3: no such identity: /home/testy/.ssh/identity
debug1: try privkey: /home/testy/.ssh/id_rsa
debug3: no such identity: /home/testy/.ssh/id_rsa
debug1: try privkey: /home/testy/.ssh/id_dsa
debug3: no such identity: /home/testy/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: keyboard-interactive
debug3: authmethod_is_enabled password
debug1: next auth method to try is password
testy@eagle.eaglepress.net's password:

Author Comment

by:EaglePress
OK.  Answering a few more questions.

Q:also check this file /etc/security/access.conf, this tells what users are blocked and what not.
A:I looked at the /etc/security/access.conf file.  Every thing is set as default.  I have not made any changes to this file.

Q:stop sshd then re-launch it as "sshd -d -d -d"
A:I noticed this when I tried to stop and restart sshd

[root@eagle testy]# /etc/rc.d/init.d/sshd start        
$Starting sshd:execvp: No such file or directory
[FAILED]

Q:Have you tried to ssh to the computer from the same computer?
A:Same results.  I ssh servername.domainname.com then get prompted for the password then get "permission denied".  Tried this as root and as regular user.

Q:may be it's due to your firewall configuration .try  stopping ipchains [ "service  ipchains stop" or "/etc/init.d/ipchains stop"]
and  try ssh again
A:When I stopped the ipchains and tried ssh to connect I received an error: secure connection refused.

I will answer more questions on the next submit.   Trying not to make each one so long.

Accepted Solution

by:shivsa (earned 100 total points)
[root@eagle testy]# /etc/rc.d/init.d/sshd start        
$Starting sshd:execvp: No such file or directory
[FAILED]

what happened here, were u able to run.
if yes then now u must be having debug information.
could u post that too.

also when u compiled ssh did u add --with-md5-password  in your build script.

Author Comment

by:EaglePress
Here are the directions that I followed.  TO THE LETTER!
http://www.helpdesk.umd.edu/os/linux_redhat_6_2/installation/
Then click on the
Installing OpenSSH Server and Client link and the Installing OpenSSL link. Thanks.

Expert Comment

by:shivsa
try running this on one window

/usr/local/sbin/sshd -d -d -d
then try running ssh -v -v -v testy@eagle.eaglepress.net

and send us output of sshd -d -d -d window.

Author Comment

by:EaglePress
[root@eagle /]# /usr/local/sbin/sshd -d -d -d
debug1: Seeding random number generator
debug1: sshd version OpenSSH_2.9p2
debug1: private host key: #0 type 0 RSA1
debug3: No RSA1 key file /usr/local/etc/ssh_host_rsa_key.
debug1: read PEM private key done: type RSA
debug1: private host key: #1 type 1 RSA
debug3: No RSA1 key file /usr/local/etc/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: private host key: #2 type 2 DSA
socket: Invalid argument
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
Generating 768 bit RSA key.
RSA key generation complete



[testy@eagle /]$ ssh -v -v -v testy@eagle.eaglepress.net
OpenSSH_2.9p2, SSH protocols 1.5/2.0, OpenSSL 0x0090581f
debug1: Reading configuration data /usr/local/etc/ssh_config
debug1: Seeding random number generator
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 501 geteuid 0 anon 1
debug1: Connecting to eagle.eaglepress.net [127.0.0.1] port 22.
debug1: temporarily_use_uid: 501/503 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 501/503 (e=0)
debug1: connect: Connection refused
debug1: restore_uid
debug1: Trying again...
debug1: Connecting to eagle.eaglepress.net [127.0.0.1] port 22.
debug1: temporarily_use_uid: 501/503 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 501/503 (e=0)
debug1: connect: Connection refused
debug1: restore_uid
debug1: Trying again...
debug1: Connecting to eagle.eaglepress.net [127.0.0.1] port 22.
debug1: temporarily_use_uid: 501/503 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 501/503 (e=0)
debug1: connect: Connection refused
debug1: restore_uid
debug1: Trying again...
debug1: Connecting to eagle.eaglepress.net [127.0.0.1] port 22.
debug1: temporarily_use_uid: 501/503 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 501/503 (e=0)
debug1: connect: Connection refused
debug1: restore_uid
Secure connection to eagle.eaglepress.net refused.

Expert Comment

by:shivsa
It looks like iptables problem.
could u try these.
"/sbin/service iptables stop"
This should flush all the chains and reset to the default accept policy. "iptables -L" will list all the active chains.

i know u have done it but i would like these debug messages with iptables disabled.
server is listening and client is trying again and again....

Expert Comment

by:shivsa
also please check /var/log/messages  to see what error messages u get when run ssh.

Expert Comment

by:shivsa
also when u start sshd did u close the existing one.
if not then u have to stop first
service sshd stop
and then do sshd -ddd

Author Comment

by:EaglePress
I get:
iptables: unrecognized service
when I run /sbin/service iptables stop

Author Comment

by:EaglePress
I did ps -ax | grep sshd and there are no instances of sshd running.  
Then I did /usr/local/sbin/sshd -d -d -d  and got the same results as above.

Expert Comment

by:shivsa
i was wondering about this error in your output.
that's why i said stop the sshd and restart again.

debug1: private host key: #2 type 2 DSA
socket: Invalid argument

also do u see any messages related to sshd in /var/log/messages.

also  my mistake, u are not running iptables but ipchain. i meant to stop ipchains.

Author Comment

by:EaglePress
here is the output i received after i stopped ipchains then tried to connect via ssh

[root@eagle /]# /usr/local/sbin/sshd -d -d -d
debug1: Seeding random number generator
debug1: sshd version OpenSSH_2.9p2
debug1: private host key: #0 type 0 RSA1
debug3: No RSA1 key file /usr/local/etc/ssh_host_rsa_key.
debug1: read PEM private key done: type RSA
debug1: private host key: #1 type 1 RSA
debug3: No RSA1 key file /usr/local/etc/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: private host key: #2 type 2 DSA
socket: Invalid argument
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
Generating 768 bit RSA key.
RSA key generation complete.
debug1: Server will not fork when running in debugging mode.
Connection from 10.10.2.16 port 2406
debug1: Client protocol version 1.5; client software version 1.0
debug1: no match: 1.0
debug1: Local version string SSH-1.99-OpenSSH_2.9p2
debug1: Rhosts Authentication disabled, originating port not trusted.
debug1: Sent 768 bit server key and 1024 bit host key.
debug1: Encryption type: 3des
debug1: Received session key; encryption turned on.
debug1: Installing crc compensation attack detector.
debug1: Attempting authentication for testy.
Failed password for testy from 10.10.2.16 port 2406
Unknown message during authentication: type 4
Failed bad-auth-msg-4 for testy from 10.10.2.16 port 2406
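
Added example (not part of the original thread): the two client transcripts posted above stop at different stages, one at the password prompt after key exchange and one with "Connection refused" before any SSH traffic. This shell function sorts "ssh -v" output by the stage reached; it matches the message strings of the OpenSSH_2.9p2 output in this thread, and the function name and result labels are constructed.

```sh
#!/bin/sh
# Added example; the function name and result labels are constructed.

# Read "ssh -v" client output on stdin and print the stage that was reached:
#   tcp-refused     no TCP connection was made (nothing listening, or rejected)
#   kex-incomplete  connected, but key exchange never finished
#   auth:<method>   transport is fine; <method> is the last auth method tried
classify_ssh_debug() {
    awk '
        /Connection established/      { tcp = 1 }
        /connect: Connection refused/ { refused++ }
        /SSH2_MSG_NEWKEYS received/   { kex = 1 }
        /next auth method to try is/  { method = $NF }
        END {
            if (!tcp && refused)   print "tcp-refused"
            else if (tcp && !kex)  print "kex-incomplete"
            else if (method != "") print "auth:" method
            else                   print "unknown"
        }'
}

# Lines excerpted from the two client transcripts posted in the thread.
sample_auth='debug1: Connection established.
debug1: SSH2_MSG_NEWKEYS received
debug1: next auth method to try is publickey
debug1: next auth method to try is password'

sample_refused='debug1: Connecting to eagle.eaglepress.net [127.0.0.1] port 22.
debug1: connect: Connection refused
debug1: Trying again...
debug1: connect: Connection refused'

printf '%s\n' "$sample_auth"    | classify_ssh_debug
printf '%s\n' "$sample_refused" | classify_ssh_debug
```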