Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

Goofy ssh problem.
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
Patastrophe
n00b
n00b


Joined: 11 Sep 2003
Posts: 52
PostPosted: Mon Sep 20, 2004 9:47 pm    Post subject: Goofy ssh problem. Reply with quote
We recently changed a server from Debian to Gentoo at our school. This server is a little side project of mine and a few friends. It basically serves as a ssh/web/email server. Before, everything worked perfectly fine with Debian, however now when I try to seh into the newly installed Gentoo box it just locks up. What's interesting is that I'm off campus, and people on-campus have no trouble at all. I've checked with the IT administration here, they say that there is no restriction that would inhibit ssh communication. Moreover, I called my ISP and they also say there is no problem with using ssh on their networks. What is interesting, is I can ssh to other boxes just fine from here. And it's possible to ssh out of the school network just fine. All ssh does is hang when I enter my password. It gets a little further when you use ssh -c blowfish hostname, because it is actuallly able to give me a shell. I can type a few characters, then it just locks up again. When we force it to use Protocol 1, it lasts a little bit longer before it dies, and just a tad longer if we force the arcfour cipher. Has anybody out there experienced any similar difficulty with ssh? I really need to access this server, because I'm one of the only persons working on this that knows a thing about Gentoo, and everybody else is used to Debian.
Back to top
View user's profile Send private message
georwell
Guru
Guru


Joined: 25 Jun 2003
Posts: 430
Location: Uppsala, Sweden
PostPosted: Tue Sep 21, 2004 7:03 am    Post subject: Reply with quote
Run ssh in verbose or debug mode. How far does it get? You can also try to ssh to a server that works and then ssh from there. What does that do?
Back to top
View user's profile Send private message
Patastrophe
n00b
n00b


Joined: 11 Sep 2003
Posts: 52
PostPosted: Wed Sep 22, 2004 8:07 pm    Post subject: Reply with quote
It seems that other ssh servers work fine from my computer here. But here's what it says when we run sshd -vv, or debug or whatever. This is what my friend tells me what it says when he runs it.


This is what happens when I log in.
Code:

palau pam.d # sshd -d
debug1: sshd version OpenSSH_3.8.1p1
debug1: read PEM private key done: type RSA

debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: Bind to port 22 on 140.228.164.202.
Server listening on 140.228.164.202 port 22.
debug1: Server will not fork when running in debugging mode.
Connection from 68.171.85.63 port 40024
debug1: Client protocol version 2.0; client software version OpenSSH_3.9p1
debug1: match: OpenSSH_3.9p1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.8.1p1
debug1: permanently_set_uid: 22/22
debug1: list_hostkey_types: ssh-rsa,ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
debug1: userauth-request for user patrick service ssh-connection method none
debug1: attempt 0 failures 0
debug1: PAM: initializing for "patrick"
debug1: PAM: setting PAM_RHOST to "68-171-85-63.clvdoh.adelphia.net"
debug1: PAM: setting PAM_TTY to "ssh"
Failed none for patrick from 68.171.85.63 port 40024 ssh2
Failed none for patrick from 68.171.85.63 port 40024 ssh2
debug1: userauth-request for user patrick service ssh-connection method
keyboard-interactive
debug1: attempt 1 failures 1
debug1: keyboard-interactive devs
debug1: auth2_challenge: user=patrick devs=
debug1: kbdint_alloc: devices 'pam'
debug1: auth2_challenge_start: trying authentication method 'pam'
Postponed keyboard-interactive for patrick from 68.171.85.63 port 40024 ssh2
PAM: Authentication failure for patrick from
68-171-85-63.clvdoh.adelphia.net
Failed keyboard-interactive/pam for patrick from 68.171.85.63 port 40024
ssh2
Failed keyboard-interactive/pam for patrick from 68.171.85.63 port 40024
ssh2
debug1: userauth-request for user patrick service ssh-connection method
keyboard-interactive
debug1: attempt 2 failures 2
debug1: keyboard-interactive devs
debug1: auth2_challenge: user=patrick devs=
debug1: kbdint_alloc: devices 'pam'
debug1: auth2_challenge_start: trying authentication method 'pam'
Postponed keyboard-interactive for patrick from 68.171.85.63 port 40024 ssh2
debug1: PAM: num PAM env strings 0
Postponed keyboard-interactive/pam for patrick from 68.171.85.63 port 40024
ssh2
Accepted keyboard-interactive/pam for patrick from 68.171.85.63 port 40024
ssh2
Accepted keyboard-interactive/pam for patrick from 68.171.85.63 port 40024
ssh2
debug1: monitor_child_preauth: patrick has been authenticated by privileged
process
debug1: PAM: reinitializing credentials
debug1: permanently_set_uid: 1007/100
debug1: Entering interactive session for SSH2.
debug1: server_init_dispatch_20
debug1: server_input_channel_open: ctype session rchan 0 win 65536 max 16384
debug1: input_session_request
debug1: channel 0: new [server-session]
debug1: session_new: init
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session

palau pam.d # sshd -d -d
debug2: read_server_config: filename /etc/ssh/sshd_config
debug1: sshd version OpenSSH_3.8.1p1
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: Bind to port 22 on 140.228.164.202.
Server listening on 140.228.164.202 port 22.
debug1: Server will not fork when running in debugging mode.
Connection from 68.171.85.63 port 40025
debug1: Client protocol version 2.0; client software version OpenSSH_3.9p1
debug1: match: OpenSSH_3.9p1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.8.1p1
debug1: permanently_set_uid: 22/22
debug1: list_hostkey_types: ssh-rsa,ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug2: Network child is on pid 6247
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,r
ijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,r
ijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hm
ac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hm
ac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellma
n-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,r
ijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,r
ijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hm
ac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hm
ac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
debug2: monitor_read: 0 used once, disabling now
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug2: dh_gen_key: priv key bits set: 127/256
debug2: bits set: 542/1024
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug2: bits set: 511/1024
debug2: monitor_read: 4 used once, disabling now
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
debug1: userauth-request for user patrick service ssh-connection method none
debug1: attempt 0 failures 0
debug2: monitor_read: 6 used once, disabling now
debug2: input_userauth_request: setting up authctxt for patrick
debug2: input_userauth_request: try method none
debug1: PAM: initializing for "patrick"
debug1: PAM: setting PAM_RHOST to "68-171-85-63.clvdoh.adelphia.net"
debug1: PAM: setting PAM_TTY to "ssh"
debug2: monitor_read: 45 used once, disabling now
debug2: monitor_read: 3 used once, disabling now
Failed none for patrick from 68.171.85.63 port 40025 ssh2
Failed none for patrick from 68.171.85.63 port 40025 ssh2
debug1: userauth-request for user patrick service ssh-connection method
keyboard-interactive
debug1: attempt 1 failures 1
debug2: input_userauth_request: try method keyboard-interactive
debug1: keyboard-interactive devs
debug1: auth2_challenge: user=patrick devs=
debug1: kbdint_alloc: devices 'pam'
debug2: auth2_challenge_start: devices pam
debug2: kbdint_next_device: devices <empty>
debug1: auth2_challenge_start: trying authentication method 'pam'
Postponed keyboard-interactive for patrick from 68.171.85.63 port 40025 ssh2
debug2: PAM: sshpam_respond entering, 1 responses
debug1: PAM: num PAM env strings 0
Postponed keyboard-interactive/pam for patrick from 68.171.85.63 port 40025
ssh2
debug2: PAM: sshpam_respond entering, 0 responses
debug2: monitor_read: 54 used once, disabling now
Accepted keyboard-interactive/pam for patrick from 68.171.85.63 port 40025
ssh2
Accepted keyboard-interactive/pam for patrick from 68.171.85.63 port 40025
ssh2
debug1: monitor_child_preauth: patrick has been authenticated by privileged
process
debug2: mac_init: found hmac-md5
debug2: User child is on pid 6249
debug1: PAM: reinitializing credentials
debug1: permanently_set_uid: 1007/100
debug2: set_newkeys: mode 0
debug2: set_newkeys: mode 1
debug1: Entering interactive session for SSH2.
debug2: fd 7 setting O_NONBLOCK
debug2: fd 8 setting O_NONBLOCK
debug1: server_init_dispatch_20
debug1: server_input_channel_open: ctype session rchan 0 win 65536 max 16384
debug1: input_session_request
debug1: channel 0: new [server-session]
debug1: session_new: init
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session



When a friend of mine logs in, it gives him this. (He can log in successfully, I can't.)
Code:

ebug2: read_server_config: filename /etc/ssh/sshd_config
debug1: sshd version OpenSSH_3.8.1p1
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: Bind to port 22 on 140.228.164.202.
Server listening on 140.228.164.202 port 22.
debug1: Server will not fork when running in debugging mode.
Connection from 140.228.125.198 port 1799
debug1: Client protocol version 2.0; client software version
PuTTY-Release-0.53b
debug1: no match: PuTTY-Release-0.53b
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.8.1p1
debug1: permanently_set_uid: 22/22
debug1: list_hostkey_types: ssh-rsa,ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug2: Network child is on pid 6251
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,r
ijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,r
ijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hm
ac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hm
ac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
3des-cbc,aes256-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,r
ijndael192-cbc,aes128-cbc,rijndael128-cbc,blowfish-cbc
debug2: kex_parse_kexinit:
3des-cbc,aes256-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,r
ijndael192-cbc,aes128-cbc,rijndael128-cbc,blowfish-cbc
debug2: kex_parse_kexinit: hmac-sha1,hmac-md5,none
debug2: kex_parse_kexinit: hmac-sha1,hmac-md5,none
debug2: kex_parse_kexinit: none,zlib,none
debug2: kex_parse_kexinit: none,zlib,none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-sha1
debug1: kex: client->server 3des-cbc hmac-sha1 none
debug2: mac_init: found hmac-sha1
debug1: kex: server->client 3des-cbc hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST_OLD received
debug2: monitor_read: 0 used once, disabling now
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug2: dh_gen_key: priv key bits set: 187/384
debug2: bits set: 999/2048
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug2: bits set: 975/2048
debug2: monitor_read: 4 used once, disabling now
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
debug1: userauth-request for user mathias service ssh-connection method none
debug1: attempt 0 failures 0
debug2: monitor_read: 6 used once, disabling now
debug2: input_userauth_request: setting up authctxt for mathias
debug2: input_userauth_request: try method none
debug1: PAM: initializing for "mathias"
debug1: PAM: setting PAM_RHOST to "140.228.125.198"
debug1: PAM: setting PAM_TTY to "ssh"
debug2: monitor_read: 45 used once, disabling now
debug2: monitor_read: 3 used once, disabling now
Failed none for mathias from 140.228.125.198 port 1799 ssh2
Failed none for mathias from 140.228.125.198 port 1799 ssh2
debug1: userauth-request for user mathias service ssh-connection method
keyboard-interactive
debug1: attempt 1 failures 1
debug2: input_userauth_request: try method keyboard-interactive
debug1: keyboard-interactive devs
debug1: auth2_challenge: user=mathias devs=
debug1: kbdint_alloc: devices 'pam'
debug2: auth2_challenge_start: devices pam
debug2: kbdint_next_device: devices <empty>
debug1: auth2_challenge_start: trying authentication method 'pam'
Postponed keyboard-interactive for mathias from 140.228.125.198 port 1799
ssh2
debug2: PAM: sshpam_respond entering, 1 responses
debug1: PAM: num PAM env strings 0
Postponed keyboard-interactive/pam for mathias from 140.228.125.198 port
1799 ssh2
debug2: PAM: sshpam_respond entering, 0 responses
debug2: monitor_read: 54 used once, disabling now
Accepted keyboard-interactive/pam for mathias from 140.228.125.198 port 1799
ssh2
debug1: monitor_child_preauth: mathias has been authenticated by privileged
process
Accepted keyboard-interactive/pam for mathias from 140.228.125.198 port 1799
ssh2
debug2: mac_init: found hmac-sha1
debug2: mac_init: found hmac-sha1
debug2: User child is on pid 6253
debug1: PAM: reinitializing credentials
debug1: permanently_set_uid: 1000/100
debug2: set_newkeys: mode 0
debug2: set_newkeys: mode 1
debug1: Entering interactive session for SSH2.
debug2: fd 7 setting O_NONBLOCK
debug2: fd 8 setting O_NONBLOCK
debug1: server_init_dispatch_20
debug1: server_input_channel_open: ctype session rchan 256 win 16384 max
16384
debug1: input_session_request
debug1: channel 0: new [server-session]
debug1: session_new: init
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
debug1: server_input_channel_req: channel 0 request pty-req reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req pty-req
debug1: Allocating pty.
debug1: session_new: init
debug1: session_new: session 0
debug1: session_pty_req: session 0 alloc /dev/pts/19
debug1: server_input_channel_req: channel 0 request shell reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req shell
debug1: PAM: setting PAM_TTY to "/dev/pts/19"
debug1: Setting controlling tty using TIOCSCTTY.
debug2: fd 4 setting TCP_NODELAY
debug2: channel 0: rfd 10 isatty
debug2: fd 10 setting O_NONBLOCK
debug2: fd 9 is O_NONBLOCK
debug2: channel 0: rcvd adjust 347
debug2: channel 0: rcvd adjust 20
debug2: channel 0: rcvd adjust 45


I can see what's going wrong here, It's not making me a virtual terminal (a /dev/pts) entry. But for the life of me I can't figure out why. Moreoever, I can't figure out why changing the cipher/protocol will let it work for a few seconds then quit out.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2025 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy