Find the answer to your Linux question:
Results 1 to 6 of 6
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    issues with ssh login

    i have an Rhel 3 machine.

    I can login to it through telnet.

    The config files /etc/ssh/sshd_config and /etc/ssh/ssh_config has not been modified.
    /etc/hosts.allow and /etc/hosts.deny have all commented lines.

    But the IP address of the system was changed. Could this be issue?

    It was earlier configured for passwordless login(dsa).

    I tried moving the contents for .ssh file to bkp folder, still no help.

    -bash-2.05b$ uname -a
    Linux itanium2 2.4.21-9.EL #1 SMP Thu Jan 8 16:54:40 EST 2004 ia64 ia64 ia64 GNU/Linux

    posting the verbose ssh log


    bash-2.05b$ ssh -v qa_fnp@
    OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090701f
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: Applying options for *
    debug1: Rhosts Authentication disabled, originating port will not be trusted.
    debug1: Connecting to [] port 22.
    debug1: Connection established.
    debug1: identity file /home2/qa_fnp/.ssh/identity type -1
    debug1: identity file /home2/qa_fnp/.ssh/id_rsa type -1
    debug1: identity file /home2/qa_fnp/.ssh/id_dsa type -1
    debug1: Remote protocol version 1.99, remote software version OpenSSH_3.6.1p2
    debug1: match: OpenSSH_3.6.1p2 pat OpenSSH*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_3.6.1p2
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: server->client aes128-cbc hmac-md5 none
    debug1: kex: client->server aes128-cbc hmac-md5 none
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    debug1: Host '' is known and matches the RSA host key.
    debug1: Found key in /home2/qa_fnp/.ssh/known_hosts:1
    debug1: ssh_rsa_verify: signature correct
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey,password
    debug1: Next authentication method: publickey
    debug1: Trying private key: /home2/qa_fnp/.ssh/identity
    debug1: Trying private key: /home2/qa_fnp/.ssh/id_rsa
    debug1: Trying private key: /home2/qa_fnp/.ssh/id_dsa
    debug1: Next authentication method: password
    qa_fnp@'s password:
    debug1: Authentication succeeded (password).
    debug1: channel 0: new [client-session]
    debug1: Entering interactive session.
    debug1: channel 0: request pty-req
    debug1: channel 0: request shell
    debug1: channel 0: open confirm rwindow 0 rmax 32768
    debug1: channel_free: channel 0: client-session, nchannels 1
    Connection to closed by remote host.
    Connection to closed.

    debug1: Transferred: stdin 0, stdout 0, stderr 87 bytes in 0.0 seconds
    debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 4650.7
    debug1: Exit status -1

  2. #2
    #service sshd restart
    #grep -lri sshd /var/log

  3. #3
    sshd is running. I restarted the serice
    ssh port is listening too.
    oresle i wont have able to successfully enter my pasword.

    I checked the /var/log/secure file. The last lines are:

    Aug 3 01:03:57 itanium2 sshd[9400]: Accepted password for qa_fnp from ::ffff: port 40590 ssh2
    Aug 3 01:03:57 itanium2 sshd[9401]: Accepted password for qa_fnp from ::ffff: port 40590 ssh2
    Aug 3 01:03:57 itanium2 sshd[9402]: fatal: PAM session setup failed[28]: Module is unknown

    I guess something is wrong with PAM settings
    -bash-2.05b$ sudo cat /etc/pam.d/sshd
    #auth include system-auth
    #account required
    #account include system-auth
    #password include system-auth
    #session optional force revoke
    #session include system-auth
    #session required
    auth required service=system-auth
    #auth required
    account required service=system-auth
    password required service=system-auth
    session required service=system-auth
    session required
    session optional
    session required

  4. $spacer_open
  5. #4
    This is my pam.d file.

    # cat /etc/pam.d/sshd
    auth       include      system-auth
    account    required
    account    include      system-auth
    password   include      system-auth
    session    optional force revoke
    session    include      system-auth
    session    required

  6. #5
    thanks a lot, but i made same as urself. no help. dont know what else is wrong

  7. #6
    Actually the issues were with PAM settings only. If u see the last line: session required
    I tried to look in the /lib/security directory. file was not there.
    I commented the last line in /etc/pam.d/sshd.
    It worked.
    Thanks to all

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts