Results 1 to 6 of 6
i have an Rhel 3 machine.
I can login to it through telnet.
The config files /etc/ssh/sshd_config and /etc/ssh/ssh_config has not been modified.
/etc/hosts.allow and /etc/hosts.deny have all commented lines.
...
- 08-03-2011 #1Just Joined!
- Join Date
- Apr 2007
- Posts
- 29
issues with ssh login
i have an Rhel 3 machine.
I can login to it through telnet.
The config files /etc/ssh/sshd_config and /etc/ssh/ssh_config has not been modified.
/etc/hosts.allow and /etc/hosts.deny have all commented lines.
But the IP address of the system was changed. Could this be issue?
It was earlier configured for passwordless login(dsa).
I tried moving the contents for .ssh file to bkp folder, still no help.
-bash-2.05b$ uname -a
Linux itanium2 2.4.21-9.EL #1 SMP Thu Jan 8 16:54:40 EST 2004 ia64 ia64 ia64 GNU/Linux
posting the verbose ssh log
------------------------------
bash-2.05b$ ssh -v qa_fnp@10.91.220.35
OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090701f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: Connecting to 10.91.220.35 [10.91.220.35] port 22.
debug1: Connection established.
debug1: identity file /home2/qa_fnp/.ssh/identity type -1
debug1: identity file /home2/qa_fnp/.ssh/id_rsa type -1
debug1: identity file /home2/qa_fnp/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.6.1p2
debug1: match: OpenSSH_3.6.1p2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.6.1p2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '10.91.220.35' is known and matches the RSA host key.
debug1: Found key in /home2/qa_fnp/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home2/qa_fnp/.ssh/identity
debug1: Trying private key: /home2/qa_fnp/.ssh/id_rsa
debug1: Trying private key: /home2/qa_fnp/.ssh/id_dsa
debug1: Next authentication method: password
qa_fnp@10.91.220.35's password:
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: channel 0: request pty-req
debug1: channel 0: request shell
debug1: channel 0: open confirm rwindow 0 rmax 32768
debug1: channel_free: channel 0: client-session, nchannels 1
Connection to 10.91.220.35 closed by remote host.
Connection to 10.91.220.35 closed.
debug1: Transferred: stdin 0, stdout 0, stderr 87 bytes in 0.0 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 4650.7
debug1: Exit status -1
-bash-2.05b$
- 08-03-2011 #2Just Joined!
- Join Date
- Dec 2009
- Posts
- 6
Code:#service sshd restart
Code:#grep -lri sshd /var/log
- 08-03-2011 #3Just Joined!
- Join Date
- Apr 2007
- Posts
- 29
sshd is running. I restarted the serice
ssh port is listening too.
oresle i wont have able to successfully enter my pasword.
I checked the /var/log/secure file. The last lines are:
Aug 3 01:03:57 itanium2 sshd[9400]: Accepted password for qa_fnp from ::ffff:10.41.10.38 port 40590 ssh2
Aug 3 01:03:57 itanium2 sshd[9401]: Accepted password for qa_fnp from ::ffff:10.41.10.38 port 40590 ssh2
Aug 3 01:03:57 itanium2 sshd[9402]: fatal: PAM session setup failed[28]: Module is unknown
I guess something is wrong with PAM settings
-bash-2.05b$ sudo cat /etc/pam.d/sshd
#%PAM-1.0
#auth include system-auth
#account required pam_nologin.so
#account include system-auth
#password include system-auth
#session optional pam_keyinit.so force revoke
#session include system-auth
#session required pam_loginuid.so
#
auth required pam_stack.so service=system-auth
#auth required pam_nologin.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
session required pam_limits.so
session optional pam_console.so
session required pam_loginuid.so
- 08-03-2011 #4Just Joined!
- Join Date
- Dec 2009
- Posts
- 6
This is my pam.d file.
Code:# cat /etc/pam.d/sshd #%PAM-1.0 auth include system-auth account required pam_nologin.so account include system-auth password include system-auth session optional pam_keyinit.so force revoke session include system-auth session required pam_loginuid.so #
- 08-03-2011 #5Just Joined!
- Join Date
- Apr 2007
- Posts
- 29
thanks a lot, but i made same as urself. no help. dont know what else is wrong
- 08-04-2011 #6Just Joined!
- Join Date
- Apr 2007
- Posts
- 29
Actually the issues were with PAM settings only. If u see the last line: session required pam_loginuid.so
I tried to look in the /lib/security directory. pam_loginuid.so file was not there.
I commented the last line in /etc/pam.d/sshd.
It worked.
Thanks to all
Reply With Quote 
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts