cronopio n00b
Joined: 20 Jul 2005 Posts: 21
|
Posted: Wed Jul 20, 2005 10:59 am Post subject: ssh problem [solved] |
|
|
My ssh connection failed
Last edited by cronopio on Sun Sep 04, 2005 10:42 am; edited 2 times in total |
|
adaptr Watchman
Joined: 06 Oct 2002 Posts: 6730 Location: Rotterdam, Netherlands
|
Posted: Wed Jul 20, 2005 11:03 am Post subject: |
|
|
The problem is one of the following:
- the remote host does not match or offer the ssh protocol version you use on the client, or
- the remote host refuses any hosts that are not already known to it.
Hard to tell exactly without more info. _________________ >>> emerge (3 of 7) mcse/70-293 to /
Essential tools: gentoolkit eix profuse screen |
|
rex123 Apprentice
Joined: 21 Apr 2004 Posts: 272
|
Posted: Wed Jul 20, 2005 11:13 am Post subject: |
|
|
adaptr wrote: | Hard to tell exactly without more info. |
... and one way to get more information is to use ssh -vvv (or just ssh -v might be enough) |
|
cronopio n00b
Joined: 20 Jul 2005 Posts: 21
|
Posted: Fri Jul 22, 2005 4:38 pm Post subject: |
|
|
The output of ssh -vvv "my_machine" is:
OpenSSH_3.9p1, OpenSSL 0.9.7d 17 Mar 2004
debug1: Reading configuration data /etc/ssh/ssh_config
debug3: cipher ok: aes128-cbc [aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: cipher ok: 3des-cbc [aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: cipher ok: blowfish-cbc [aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: cipher ok: cast128-cbc [aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: cipher ok: arcfour [aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: cipher ok: aes192-cbc [aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: cipher ok: aes256-cbc [aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: ciphers ok: [aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug2: ssh_connect: needpriv 0
debug1: Connecting to cronogentoo.is-a-geek.com [82.159.43.58] port 22.
debug1: Connection established.
debug1: identity file /home/lupas/.ssh/identity type -1
debug3: Not a RSA1 key file /home/lupas/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'Proc-Type:'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'DEK-Info:'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/lupas/.ssh/id_rsa type 1
debug3: Not a RSA1 key file /home/lupas/.ssh/id_dsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'Proc-Type:'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'DEK-Info:'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/lupas/.ssh/id_dsa type 2
ssh_exchange_identification: Connection closed by remote host |
|
robdd Tux's lil' helper
Joined: 02 Jan 2005 Posts: 142 Location: Sydney Australia
|
Posted: Sat Jul 23, 2005 2:05 am Post subject: |
|
|
Hey ! You shouldn't post stuff that includes your IP address or other SSH stuff without overwriting the sensitive stuff with xxxxx's. If someone knows your ssh server address and username they can start attacking your server - maybe a bit paranoid, but better safe than sorry
I'm not an ssh expert, but I did get my ssh server working - I've posted a recipe in this thread:
https://forums.gentoo.org/viewtopic-t-361244.html
From looking at your log I'd say (and like I said I'm no expert) that perhaps you have the private and public keys swapped around ?? If you're using private key authentication then you need your public key (id_rsa.pub) on the ssh server, and in home/.ssh/authorized_keys2, and you need your private key (id_rsa) on your client. Make sure your keys are set up correctly and the right way round, and come back with what you see. If you have access to /var/log/messages on the ssh server there may be some clues in there (but again be careful when posting stuff, because the log can show your key information). _________________ Rob Diamond
Gentoo Hack, hack, hacker
Sydney, Australia |
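Added example (not part of the original thread): one way to follow the advice above and mask the host name, IP addresses and home-directory user name in `ssh -v` output before posting it, then check that nothing slipped through. The function names, `host.example.org`, `192.0.2.10` and `alice` are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample resembling `ssh -v` client output (documentation-range values).
sample_log() {
cat <<'EOF'
debug1: Connecting to host.example.org [192.0.2.10] port 22.
debug1: Connection established.
debug1: identity file /home/alice/.ssh/id_rsa type 1
ssh_exchange_identification: Connection closed by remote host
EOF
}

# redact_ssh_log HOST: filter stdin, masking HOST, IPv4 addresses and /home/<user>.
redact_ssh_log() {
    [ -n "$1" ] || { echo "usage: redact_ssh_log HOST" >&2; return 2; }
    # Escape the dots so the host name is matched literally by sed.
    host_re=$(printf '%s' "$1" | sed 's/\./\\./g')
    sed -E \
        -e "s/${host_re}/REDACTED_HOST/g" \
        -e 's/([0-9]{1,3}\.){3}[0-9]{1,3}/x.x.x.x/g' \
        -e 's#/home/[^/ ]+#/home/REDACTED_USER#g'
}

# count_leaks HOST USER: number of stdin lines that still contain HOST,
# /home/USER or anything shaped like an IPv4 address. 0 means safe to post.
count_leaks() {
    awk -v h="$1" -v u="/home/$2" '
        index($0, h) || index($0, u) || /[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/ { n++ }
        END { print n + 0 }'
}

# Typical use: ssh -vvv HOST 2>&1 | redact_ssh_log HOST > to_post.txt
sample_log | redact_ssh_log host.example.org
```

Server-side logs can be passed through the same filter; run `count_leaks` on the result before pasting it anywhere public.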
|
Jerem Apprentice
Joined: 11 Jun 2004 Posts: 177
|
Posted: Sat Jul 23, 2005 11:53 am Post subject: |
|
|
Edit /etc/ssh/sshd_config and /etc/ssh/ssh_config so they use the same protocol and port.
Port 22
Protocol 2
You may also not be able to login as root, since pam does not allow that in most cases. Connect as another user and then use su from there to gain root rights.
You must also generate a key pair on one of the computers, so it can share it with the other.
ssh-keygen -t rsa
ssh-keygen -t dsa
If you have a .authorized_keys in a .ssh or /etc/ssh, edit it accordingly or delete it. |
|
cronopio n00b
Joined: 20 Jul 2005 Posts: 21
|
Posted: Sat Jul 23, 2005 3:59 pm Post subject: |
|
|
I tried it, but the problem continues:
OpenSSH_3.9p1, OpenSSL 0.9.7d 17 Mar 2004
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to cronogentoo.is-a-geek.com [82.159.43.58] port 22.
debug1: Connection established.
debug1: identity file /home/lupas/.ssh/identity type -1
debug1: identity file /home/lupas/.ssh/id_rsa type 1
debug1: identity file /home/lupas/.ssh/id_dsa type 2
ssh_exchange_identification: Connection closed by remote host |
|
cronopio n00b
Joined: 20 Jul 2005 Posts: 21
|
Posted: Tue Jul 26, 2005 4:29 pm Post subject: my /etc/ssh/sshd_config file is: |
|
|
#Only enable version 2
Protocol 2
#Disable root login. Users have to su to root
PermitRootLogin no
#Turn on Public key authentication
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys
#Disable .rhost and normal password authentication
#RhostsAuthentication no
PasswordAuthentication yes
PermitEmptyPasswords no
#Only allow users in the wheel or admin group to login
AllowGroups wheel admin
#In those groups only allow the following users
#The @<domainname> is optional but replaces the
#older AllowHosts directive
#AllowUsers lupas@cronogentoo.is-a-geek.com
#Logging
SyslogFacility AUTH
LogLevel INFO
#ListenAddress 127.0.0.1
Can anyone tell me something about my problem? buah! I feel lonely... |
|
Sparrow_CA n00b
Joined: 27 Sep 2004 Posts: 31 Location: Alberta, CA
|
Posted: Tue Jul 26, 2005 4:44 pm Post subject: Server side |
|
|
Can you ssh to any other machines?
Can any other machines ssh to the target box?
Are you trying to use password or publickey authentication?
It looks like your problem is server-side; I hope you have terminal access to the box.
Turn up your logging in /etc/ssh/sshd_config by setting INFO to DEBUG. Then restart sshd and look in /var/log/auth when you try to login. |
|
rex123 Apprentice
Joined: 21 Apr 2004 Posts: 272
|
Posted: Tue Jul 26, 2005 4:46 pm Post subject: |
|
|
Try putting into your sshd_config file. I reckon your public-key authentication isn't working, so you need to be able to use a password. Or put the correct public key entry into the appropriate .ssh/authorized_keys2 file on the server. |
|
cronopio n00b
Joined: 20 Jul 2005 Posts: 21
|
Posted: Wed Jul 27, 2005 6:27 pm Post subject: |
|
|
I tried with
UsePAM yes
and with
LogLevel DEBUG
for more information, and these are the messages:
# more /var/log/sshd/current
- Last output repeated twice -
Jul 27 20:10:49 [sshd] debug1: Bind to port 22 on 0.0.0.0.
Jul 27 20:10:49 [sshd] socket: Address family not supported by protocol
Jul 27 20:10:49 [sshd] fatal: Cannot bind any address.
Jul 27 20:15:27 [sshd] debug1: Bind to port 22 on 82.159.43.58.
Jul 27 20:15:27 [sshd] error: Bind to port 22 on 82.159.43.58 failed: Address already in use.
Jul 27 20:15:27 [sshd] fatal: Cannot bind any address.
Jul 27 20:17:04 [sshd] debug1: Bind to port 22 on 127.0.0.1.
Jul 27 20:17:04 [sshd] error: Bind to port 22 on 127.0.0.1 failed: Address already in use.
Jul 27 20:17:04 [sshd] fatal: Cannot bind any address.
Jul 27 20:17:58 [sshd] debug1: Bind to port 22 on 0.0.0.0.
Jul 27 20:17:58 [sshd] socket: Address family not supported by protocol
Jul 27 20:17:58 [sshd] fatal: Cannot bind any address.
Jul 27 20:20:25 [sshd] debug1: Bind to port 22 on 127.0.0.1.
Jul 27 20:20:25 [sshd] error: Bind to port 22 on 127.0.0.1 failed: Address already in use.
Jul 27 20:20:25 [sshd] fatal: Cannot bind any address.
#
I tried various IPs for ListenAddress, and I tried commenting out this line.
Nothing about UsePAM.
And now, my friends? |
|
Sparrow_CA n00b
Joined: 27 Sep 2004 Posts: 31 Location: Alberta, CA
|
Posted: Wed Jul 27, 2005 6:47 pm Post subject: One at a time |
|
|
How are you running sshd? It looks like you're trying to start two instances of it.
run Code: | killall sshd; /etc/init.d/sshd zap; /etc/init.d/sshd start | then post the log.
and maybe for good measure post the output of |
|
cronopio n00b
Joined: 20 Jul 2005 Posts: 21
|
Posted: Thu Jul 28, 2005 6:05 am Post subject: |
|
|
This is the output:
# killall sshd
sshd: no process killed
# ((?????))
#/etc/init.d/sshd zap
* Manually resetting sshd to stopped state.
#
#/etc/init.d/sshd start
* Starting sshd ... [ ok ]
#
# netstat -tl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:netbios-ssn *:* LISTEN
tcp 0 0 *:sunrpc *:* LISTEN
tcp 0 0 localhost:819 *:* LISTEN
tcp 0 0 *:domain *:* LISTEN
tcp 0 0 *:4662 *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 localhost:5335 *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 localhost:5335 *:* LISTEN
tcp 0 0 *:ipp *:* LISTEN
tcp 0 0 *:microsoft-ds *:* LISTEN
#
#ps -ef | grep ssh
root 27080 1 0 Jul26 ? 00:00:00 ssh-agent
root 27237 1 0 Jul26 ? 00:00:00 ssh-agent
root 29910 28576 0 08:03 pts/0 00:00:00 grep ssh
# |
|
Sparrow_CA n00b
Joined: 27 Sep 2004 Posts: 31 Location: Alberta, CA
|
Posted: Thu Jul 28, 2005 3:50 pm Post subject: Weird. |
|
|
Well that's strange. Somehow you have two processes listening on your ssh port, which I thought was impossible...unless, try: Code: | netstat -tln --program |
that should show us exactly which process is listening on which port number. Then we need to get rid of whatever is listening on port 22 (the ssh port). Sorry, I should have had you do that the first time... |
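Added example (not part of the original thread): a small filter over `netstat -tln --program` output that lists which program owns each listener on a port and flags any owner other than the expected daemon, which is the situation sshd's "Address already in use" error points to. The sample output, the program name `otherd`, the PIDs and the function names are constructed.

```shell
#!/bin/sh
# Constructed sample of `netstat -tln --program` output (run netstat as root,
# otherwise the PID/Program column shows "-"). "otherd" is a made-up name.
sample_netstat() {
cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      4120/otherd
tcp        0      0 0.0.0.0:631             0.0.0.0:*               LISTEN      3011/cupsd
tcp6       0      0 :::22                   :::*                    LISTEN      4120/otherd
EOF
}

# port_owners PORT: print "program pid local_address" for each LISTEN socket on PORT.
port_owners() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            n = split($4, a, ":")            # port is the part after the last colon
            if (a[n] != port) next
            pid = "?"; prog = "unknown"      # stays this way when netstat printed "-"
            if (split($7, p, "/") >= 2) { pid = p[1]; prog = p[2] }
            sub(/:$/, "", prog)              # some netstat versions print "sshd:"
            print prog, pid, $4
        }'
}

# foreign_listeners PORT DAEMON: owners of PORT that are not DAEMON.
# Empty output means only the expected daemon (or nothing) holds the port.
foreign_listeners() {
    port_owners "$1" | awk -v want="$2" '$1 != want'
}

# Typical use on the server: netstat -tln --program | foreign_listeners 22 sshd
sample_netstat | foreign_listeners 22 sshd
```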
|
cronopio n00b
Joined: 20 Jul 2005 Posts: 21
|
Posted: Thu Jul 28, 2005 6:57 pm Post subject: |
|
|
This is the output:
# killall sshd
sshd: no process killed
# ((?????))
#/etc/init.d/sshd zap
* Manually resetting sshd to stopped state.
#
#/etc/init.d/sshd start
* Starting sshd ... [ ok ]
#
# netstat -tl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:netbios-ssn *:* LISTEN
tcp 0 0 *:sunrpc *:* LISTEN
tcp 0 0 localhost:819 *:* LISTEN
tcp 0 0 *:domain *:* LISTEN
tcp 0 0 *:4662 *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 localhost:5335 *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 localhost:5335 *:* LISTEN
tcp 0 0 *:ipp *:* LISTEN
tcp 0 0 *:microsoft-ds *:* LISTEN
#
#ps -ef | grep ssh
root 27080 1 0 Jul26 ? 00:00:00 ssh-agent
root 27237 1 0 Jul26 ? 00:00:00 ssh-agent
root 29910 28576 0 08:03 pts/0 00:00:00 grep ssh
# |
|
Sparrow_CA n00b
Joined: 27 Sep 2004 Posts: 31 Location: Alberta, CA
|
Posted: Thu Jul 28, 2005 7:40 pm Post subject: Come again? |
|
|
double post? try again! |
|