All Forums |
Register |
Login |
Search |
Subscriptions |
My Profile |
Inbox |
Tool Warehouse |
FAQs |
Resources |
Help |
Member List |
Address Book |
Logout |
|
|
Problems after updating to SSH-3.9
|
Logged in as: Guest |
Users viewing this topic: none |
|
Login  |
|
|
Problems after updating to SSH-3.9 - Oct. 27, '04, 1:20:01 PM
|
|
|
einhirn
Posts: 12
Joined: Apr. 21, '04,
Status: offline
|
Hello...
After installing the new SSH-3.9 I can't log in to my Windows box anymore: I connect, give my username (pcadmin) and my password. If I mistype the Password, I get an "Access Denied" and another Password prompt. But if I enter the correct password, the connection to the ssh-server is closed immediately.
Can anyone help?
I didn't succeed in enabling some logging for debug...
bye
Christian
|
|
|
RE: Problems after updating to SSH-3.9 - Oct. 27, '04, 1:46:26 PM
|
|
|
Rodney
Posts: 3729
Joined: Jul. 9, '02,
From: /Tools lab
Status: online
|
Which shell is your default (csh, bash)? The output from "finger username" will tell you.
I ask in case you have the default shell as bash and have version 3.0 rather than 3.0.0.1.
The password was accepted so that means it'll be something after that.
Have you tried another user to see if the same happens?
|
|
|
RE: Problems after updating to SSH-3.9 - Oct. 27, '04, 5:04:06 PM
|
|
|
einhirn
Posts: 12
Joined: Apr. 21, '04,
Status: offline
|
Well, I am using TCSH as login shell... I haven't updated it since I installed Interix (when SSH-3.8.1 was recent)
I haven't tried another user, since I haven't got another user with login rights on that machine. OTOH: I could also change the shell for that user... Changed it to /bin/sh which points to ksh - but didn't help. Still no session. Could it be something in the sshd_config file? Could it be something with "pcadmin" being an administrator account?
This time I tried "ssh -v host '/bin/ls -la /'", but it doesn't show anything. It just tells me about an exit code 0 and I don't get anything listed...
bye
Christian
|
|
|
RE: Problems after updating to SSH-3.9 - Oct. 28, '04, 2:48:05 AM
|
|
|
Rodney
Posts: 3729
Joined: Jul. 9, '02,
From: /Tools lab
Status: online
|
I just wanted to eliminate bash from being in the equation because
(as discussed in another thread) there was an issue with the latest version.
That appears to be resolved now.
What is the output from the id command for the user "pcadmin"?
|
|
|
RE: Problems after updating to SSH-3.9 - Oct. 29, '04, 4:25:39 AM
|
|
|
einhirn
Posts: 12
Joined: Apr. 21, '04,
Status: offline
|
Here is the output of the ID command...
uid=197108(pcadmin) gid=197121(Domänen-Benutzer) groups=197121(Domänen-Benutzer), 65792(+Jeder), 131616(+Administratoren), 131617(+Benutzer), 66820(+INTERAKTIV), 66827(+Authentifizierte Benutzer), 4095(CurrentSession), 66048(+LOKAL), 203296(msdnaa), 197120(Domänen-Admins), 197128(Richtlinien-Ersteller-Besitzer), 201547(Plotter), 201552(rzstaff)
|
|
|
RE: Problems after updating to SSH-3.9 - Oct. 29, '04, 11:16:53 AM
|
|
|
Rodney
Posts: 3729
Joined: Jul. 9, '02,
From: /Tools lab
Status: online
|
thanks. This gives me some information to use here to try some things.
< Message edited by Rodney -- Oct. 29, '04, 11:17:17 AM >
|
|
|
RE: Problems after updating to SSH-3.9 - Oct. 29, '04, 12:13:11 PM
|
|
|
einhirn
Posts: 12
Joined: Apr. 21, '04,
Status: offline
|
I also tried something here: On a fresh Windows XP in a VMware (only installation I had at Hand) I installed a "stock" SFU3.5, then the package script from interopsystems and then the OpenSSH 3.9 via pkg_add <ftp-link>.
It doesn't work either... The ID-Command of the user I tried shows:
uid=197108(Administrator) gid=197121(Kein) groups=197121(Kein), 65792(+Jeder), 131616(+Administratoren), 131617(+Benutzer), 66820(+INTERAKTIV), 66827(+Authentifizierte Benutzer), 4095(CurrentSession), 66048(+LOKAL)
Is there something that might be wrong about my SFU-Installation? I haven't configured User Name mapping, since I didn't understand it's use, and I have deactivated "NFS-Authentication" or so, because I don't want NFS...
Could that be the problem? If so, how to circumvent it?
< Message edited by einhirn -- Oct. 29, '04, 12:26:41 PM >
|
|
|
RE: Problems after updating to SSH-3.9 - Oct. 31, '04, 1:45:58 PM
|
|
|
Rodney
Posts: 3729
Joined: Jul. 9, '02,
From: /Tools lab
Status: online
|
I've made a small change to a function that might be it.
I'm combined this with a change I made for openssh in another thread, but that
shouldn't affect you. So try updating to:
pkg_add ftp://ftp.interopsystems.com/pkgs/beta/openssh-3.9.0.1.1-bin.tgz
This will do an update.
Then try doing the login with "pcadmin" again to see if things change.
|
|
|
RE: Problems after updating to SSH-3.9 - Nov. 1, '04, 9:24:55 AM
|
|
|
einhirn
Posts: 12
Joined: Apr. 21, '04,
Status: offline
|
Sorry, still doesn't work.
Neither on my Windows 2000 Server nor on my clean-install windows xp sp2 (I tried with "ssh localhost"/"ssh 127.0.0.1")
Is there anything I can do for you to help me? Debug output? Settings to try? What settings of SFU (and others) do you use?
|
|
|
RE: Problems after updating to SSH-3.9 - Nov. 1, '04, 10:52:18 AM
|
|
|
Rodney
Posts: 3729
Joined: Jul. 9, '02,
From: /Tools lab
Status: online
|
Sorry this is happening to you still. It's very odd.
You don't need username mapping or NFS. You just need the Interix portion installed.
I'd though it might be a file getting accessed, so I'd tried a change in 3.9.0.1.1
(in the beta directory) to see if this would help.
That your passowrd is getting accepted means pretty much that you've successfully
logged in. That the problem happens with a user who's name has not been renamed
shows it's not related to that. It seems like some error is happening after as the
shell is starting.
So let's see what the output from the debugging messages will be.
Can you let me know what the ouput from ssh with the '-v' option ("ssh -v ...")
gives you? You can post it here or if you prefer not to make it public you can e-mail
it to instead.
< Message edited by Rodney -- Nov. 1, '04, 10:53:12 AM >
|
|
|
RE: Problems after updating to SSH-3.9 - Nov. 1, '04, 11:03:06 AM
|
|
|
einhirn
Posts: 12
Joined: Apr. 21, '04,
Status: offline
|
Here it is:
otherhost# ssh -v pcadmin@host
OpenSSH_3.9p1, OpenSSL 0.9.7a-p1 Feb 19 2003
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to host [123.123.123.123] port 22.
debug1: Connection established.
debug1: identity file /home/me/.ssh/identity type -1
debug1: identity file /home/me/.ssh/id_rsa type -1
debug1: identity file /home/me/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.9p1
debug1: match: OpenSSH_3.9p1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.9p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
The authenticity of host 'host (123.123.123.123)' can't be established.
RSA key fingerprint is xxxx.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'host,123.123.123.123' (RSA) to the list of known hosts.
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /home/me/.ssh/identity
debug1: Trying private key: /home/me/.ssh/id_rsa
debug1: Trying private key: /home/me/.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: password
pcadmin@host's password:
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: channel 0: free: client-session, nchannels 1
Connection to host closed.
debug1: Transferred: stdin 0, stdout 0, stderr 28 bytes in 0.1 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 353.2
debug1: Exit status 255
As you already guessed, the Auth is successful but I won't get into my interactive session. Also, the result is the same if I submit a command for execution (see above in thread)
thanks for your effort
|
|
|
RE: Problems after updating to SSH-3.9 - Nov. 1, '04, 1:00:17 PM
|
|
|
Rodney
Posts: 3729
Joined: Jul. 9, '02,
From: /Tools lab
Status: online
|
> debug1: Entering interactive session.
From this point on you should just see the shell starting up (at level 1 debug (-v)).
> debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
This indicates that the shell exited with no error status.
So let's go further. I don't know if this will give the great clue we're looking for
but if we don't try we won't know. Run the ssh again but this time have debugging
set to level 3. You do this with three '-v' in a row (ssh -v -v -v ...).
If you don't have syslogd running let's get that turned on. This will provide
some information from the server side. Once syslogd is running restart sshd
so it will talk with syslogd. Then after the connection from ssh see what
messages are in the log file "/var/adm/log/messages".
On the syslogd man page are instructions for starting it:
If you need to enable this service, remove the comment characters from the
following lines in /etc/init.d/syslog and then start the service with the
command /etc/init.d/syslog start, or restart the computer.
# ${SYSLOGD}
# [ $? = 0 ] && echo "syslogd started"
|
|
|
RE: Problems after updating to SSH-3.9 - Nov. 4, '04, 3:41:28 AM
|
|
|
einhirn
Posts: 12
Joined: Apr. 21, '04,
Status: offline
|
Here is what I get from /var/adm/log/messages after enabling syslogd:
Nov 4 09:30:35 hostname sshd[651]: Accepted password for pcadmin
from 127.0.0.1 port 8914589 ssh2
Nov 4 09:30:35 hostname sshd[1039]: fatal: Failed to set uids to
197108.
This was with the "Version 3.9.0.1.1 of openssh for Interix 3.5."
Hope this helps? Anyway, as requested, an excerpt from "ssh -vvv localhost"
[...]
debug1: Authentication succeeded (password).
debug2: fd 5 setting O_NONBLOCK
debug3: fd 6 is O_NONBLOCK
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Entering interactive session.
debug2: callback start
debug2: client_session2_setup: id 0
debug1: Sending command: 2
debug2: channel 0: request exec confirm 0
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 131072
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug2: channel 0: rcvd close
debug2: channel 0: close_read
debug2: channel 0: input open -> closed
debug3: channel 0: will not send data after close
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
#0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cfd -1)
debug3: channel 0: close_fds r -1 w -1 e 6 c -1
debug1: fd 1 clearing O_NONBLOCK
debug3: fd 2 is not O_NONBLOCK
debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.0 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
debug1: Exit status 255
Thanks in advance
bye
Christian
|
|
|
RE: Problems after updating to SSH-3.9 - Nov. 5, '04, 1:57:02 AM
|
|
|
Rodney
Posts: 3729
Joined: Jul. 9, '02,
From: /Tools lab
Status: online
|
> Nov 4 09:30:35 hostname sshd[1039]: fatal: Failed to set uids to 197108
This usually indicates that the daemon isn't running as the correct user.
If you do a "ps -Alw | grep sshd" which user does it show sshd running as ?
If you do the 'id username' on that user what is the output ?
|
|
|
RE: Problems after updating to SSH-3.9 - Nov. 5, '04, 4:49:25 AM
|
|
|
einhirn
Posts: 12
Joined: Apr. 21, '04,
Status: offline
|
The sshd runs as "pcadmin", the id - output is as written above. Since that can't be right, how do I change it, to eg. "local system" ?
|
|
|
RE: Problems after updating to SSH-3.9 - Nov. 5, '04, 11:34:26 AM
|
|
|
Rodney
Posts: 3729
Joined: Jul. 9, '02,
From: /Tools lab
Status: online
|
The daemon should be running as the user with uid 197108 which in your case is "pcadmin".
So that's okay.
The problem is narrowed down to an actual error message and we have scope of what the
running context is. So I'll look at this area of the code and get back.
|
|
|
RE: Problems after updating to SSH-3.9 - Nov. 5, '04, 1:30:36 PM
|
|
|
Rodney
Posts: 3729
Joined: Jul. 9, '02,
From: /Tools lab
Status: online
|
Can you download the file "ftp://ftp.interopsystems.com/pub/test_for_ssh" ?
It's a test file I've made. It's a static Interix executable.
You can place it anywhere; doesn't matter.
Then "chmod +x" it to make sure it's executable.
Then run it: "./test_for_ssh pcadmin"
Can you tell me what the output is? thanks.
|
|
|
RE: Problems after updating to SSH-3.9 - Nov. 10, '04, 7:58:31 AM
|
|
|
einhirn
Posts: 12
Joined: Apr. 21, '04,
Status: offline
|
Found some time to try it at last...
The output from "test_for_ssh" is:
-------------
Test output:
name == pcadmin
uid is special
-------------
Hope this helps
< Message edited by einhirn -- Nov. 10, '04, 7:59:48 AM >
|
|
|
RE: Problems after updating to SSH-3.9 - Nov. 10, '04, 10:52:02 AM
|
|
|
Rodney
Posts: 3729
Joined: Jul. 9, '02,
From: /Tools lab
Status: online
|
Thanks.
|
|
|
RE: Problems after updating to SSH-3.9 - Nov. 11, '04, 1:34:43 PM
|
|
|
Rodney
Posts: 3729
Joined: Jul. 9, '02,
From: /Tools lab
Status: online
|
I placed a newer test version of openssh in beta Beta directory for Brian
testing the Port Forwarding problem he was having. That patch has cleared
the problem he was experiencing.
The key error message you had of "fatal: Failed to set uids to 197108" pointed me at
the area of the code issuing the error. The test program I got you to run shows that
things should be okay. I'm thinking that maybe I put a wrongly linked package for
your run of openssh (I can't think of another good reason). The test program and the
newest beta are linked the same way. So try this one:
ftp://ftp.interopsystems.com/pkgs/beta/openssh-3.9.0.1.0.3-bin.tgz
|
|
|
New Messages |
No New Messages |
Hot Topic w/ New Messages |
Hot Topic w/o New Messages |
|
Locked w/ New Messages |
Locked w/o New Messages |
|
Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
|
|