View previous topic :: View next topic |
Author |
Message |
soban_ l33t
Joined: 27 Aug 2008 Posts: 668 Location: /home/soban
|
Posted: Fri May 11, 2012 6:28 pm Post subject: [SOLVED] SSHD nie startuje |
|
|
Tak jak w temacie probuje wystartowac sshd: Code: | /etc/init.d/sshd start | no i niby wszystko ok, ale nie startuje. Nmap po przeskanowaniu 127.0.0.1 tez nic nie zwraca (22 port jest zamkniety - w ogole go nie ma), na pinga oczywiscie maszyna odpowiada. Reinstalowalem juz ssh Code: | emerge -C virtual/ssh && emerge -vq virtual/ssh | jednak efekt ten sam, gdzie moge szukac przyczyny? A i dodam ze ftp z proftpd startuje poprawnie. _________________ gg: 525600
Last edited by soban_ on Sat May 12, 2012 7:01 pm; edited 1 time in total |
|
Back to top |
|
|
Garrappachc Guru
Joined: 26 Dec 2008 Posts: 362 Location: Kraków
|
Posted: Fri May 11, 2012 7:34 pm Post subject: |
|
|
Odpal ssh bezpośrednio z konsoli i zobacz co wypluje. _________________ De profundis clamavi ad Te, Domine
emerge --info | virtual aviation |
|
Back to top |
|
|
soban_ l33t
Joined: 27 Aug 2008 Posts: 668 Location: /home/soban
|
Posted: Fri May 11, 2012 10:05 pm Post subject: |
|
|
tzn co masz na mysli bezposrednio z konsoli? _________________ gg: 525600 |
|
Back to top |
|
|
Garrappachc Guru
Joined: 26 Dec 2008 Posts: 362 Location: Kraków
|
Posted: Fri May 11, 2012 11:07 pm Post subject: |
|
|
Mam na myśli to, żebyś odpalił /usr/sbin/sshd. Zajrzyj do skryptu /etc/init.d/sshd. _________________ De profundis clamavi ad Te, Domine
emerge --info | virtual aviation |
|
Back to top |
|
|
Jacekalex Guru
Joined: 17 Sep 2009 Posts: 553
|
Posted: Sat May 12, 2012 3:54 am Post subject: |
|
|
A która wersja sshd, jak i czym kompilowana i z jakimi flagami, to tajemnica wojskowa, czy koza zjadła?
Konfig sshd i logi z działania ssh też kozioł zeżarł?
Bo ja mam:
Code: | qlist -ICvUq net-misc/openssh
net-misc/openssh-5.9_p1-r4 X hpn pam selinux tcpd
net-misc/openssh-blacklist-0.4.1
|
Code: | telnet localhost 11215
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
SSH-2.0-OpenSSH_5.9p1-hpn13v11
quit
Protocol mismatch.
Connection closed by foreign host. |
Jak widać, chodzi.
To by było na tyle
|
|
Back to top |
|
|
soban_ l33t
Joined: 27 Aug 2008 Posts: 668 Location: /home/soban
|
Posted: Sat May 12, 2012 10:58 am Post subject: |
|
|
@Garrappachc - robilem tak wczesniej z parametrem start i efekt nadal taki sam (jakby startowal, a nie trybil), sshd wyglada tak: Code: | #!/sbin/runscript
# Copyright 1999-2011 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/files/sshd.rc6.3,v 1.2 2011/09/14 21:46:19 polynomial-c Exp $
extra_commands="checkconfig gen_keys"
extra_started_commands="reload"
depend() {
use logger dns
need net
}
SSHD_CONFDIR=${SSHD_CONFDIR:-/etc/ssh}
SSHD_PIDFILE=${SSHD_PIDFILE:-/var/run/${SVCNAME}.pid}
SSHD_BINARY=${SSHD_BINARY:-/usr/sbin/sshd}
checkconfig() {
if [ ! -d /var/empty ] ; then
mkdir -p /var/empty || return 1
fi
if [ ! -e "${SSHD_CONFDIR}"/sshd_config ] ; then
eerror "You need an ${SSHD_CONFDIR}/sshd_config file to run sshd"
eerror "There is a sample file in /usr/share/doc/openssh"
return 1
fi
gen_keys || return 1
[ "${SSHD_PIDFILE}" != "/var/run/sshd.pid" ] \
&& SSHD_OPTS="${SSHD_OPTS} -o PidFile=${SSHD_PIDFILE}"
[ "${SSHD_CONFDIR}" != "/etc/ssh" ] \
&& SSHD_OPTS="${SSHD_OPTS} -f ${SSHD_CONFDIR}/sshd_config"
"${SSHD_BINARY}" -t ${SSHD_OPTS} || return 1
}
gen_key() {
local type=$1 key ks
[ $# -eq 1 ] && ks="${type}_"
key="${SSHD_CONFDIR}/ssh_host_${ks}key"
if [ ! -e "${key}" ] ; then
ebegin "Generating ${type} host key"
ssh-keygen -t ${type} -f "${key}" -N ''
eend $? || return $?
fi
}
gen_keys() {
if egrep -q '^[[:space:]]*Protocol[[:space:]]+.*1' "${SSHD_CONFDIR}"/sshd_config ; then
gen_key rsa1 "" || return 1
fi
gen_key dsa && gen_key rsa && gen_key ecdsa
return $?
}
start() {
checkconfig || return 1
ebegin "Starting ${SVCNAME}"
start-stop-daemon --start --exec "${SSHD_BINARY}" \
--pidfile "${SSHD_PIDFILE}" \
-- ${SSHD_OPTS}
eend $?
}
stop() {
if [ "${RC_CMD}" = "restart" ] ; then
checkconfig || return 1
fi
ebegin "Stopping ${SVCNAME}"
start-stop-daemon --stop --exec "${SSHD_BINARY}" \
--pidfile "${SSHD_PIDFILE}" --quiet
eend $?
}
reload() {
checkconfig || return 1
ebegin "Reloading ${SVCNAME}"
start-stop-daemon --signal HUP \
--exec "${SSHD_BINARY}" --pidfile "${SSHD_PIDFILE}"
eend $?
} |
@Jacekalex tajemnica wojskowa jasne ze nie jest, nie podawalem nic wiecej - bo myslalem ze w czyms innym tkwi blad (tak samo mam skompilowane np na serwerze domowym i trybi) jednak flagi to: hpn, kerberos, pam, tcpd. Przy laczeniu sie telnetem z portem 22 wywala:Zas jesli chodzi o konfiguracje /etc/ssh/sshd_config: Code: | # $OpenBSD: sshd_config,v 1.84 2011/05/23 03:30:07 djm Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options override the
# default value.
#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
# The default requires explicit activation of protocol 1
#Protocol 2
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 1024
# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
#PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
#RSAAuthentication yes
#PubkeyAuthentication yes
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
#AuthorizedKeysFile .ssh/authorized_keys
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication no
#PermitEmptyPasswords no
# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
#GSSAPIStrictAcceptorCheck yes
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes
#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
PrintMotd no
PrintLastLog no
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10
#PermitTunnel no
#ChrootDirectory none
# no default banner path
#Banner none
# override default of no subsystems
Subsystem sftp /usr/lib64/misc/sftp-server
# the following are HPN related configuration options
# tcp receive buffer polling. disable in non autotuning kernels
#TcpRcvBufPoll yes
# allow the use of the none cipher
#NoneEnabled no
# disable hpn performance boosts.
#HPNDisabled no
# buffer size for hpn to non-hpn connections
#HPNBufferSize 2048
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# ForceCommand cvs server | Cos jeszcze koza zjadla co potrzeba? d-: Co do wersji openssh to z 6.0_p1 zrobilem downgrade do 5.9_p1-r4 ale efekt nadal jest ten sam... _________________ gg: 525600 |
|
Back to top |
|
|
SlashBeast Retired Dev
Joined: 23 May 2006 Posts: 2922
|
Posted: Sat May 12, 2012 11:05 am Post subject: |
|
|
Good grief. Nikt nie chce Twjego sshd z init.d, chodzi o to bys przeczytal jak on jest startowany i to recznie zrobil widzac bledy...
Odpal z palca, '/usr/sbin/sshd -Dd' i czytaj output... |
|
Back to top |
|
|
soban_ l33t
Joined: 27 Aug 2008 Posts: 668 Location: /home/soban
|
Posted: Sat May 12, 2012 11:14 am Post subject: |
|
|
@SlashBeast - z tym co podales '/usr/sbin/sshd -Dd' startuje poprawnie i moge sie nawet polaczyc w skrocie - tak smiga... (bledow niet) wiec nie wiem o co chodzi ze nie moge wystartowac z '/etc/init.d/sshd start' jakies pomysly? _________________ gg: 525600 |
|
Back to top |
|
|
Jacekalex Guru
Joined: 17 Sep 2009 Posts: 553
|
Posted: Sat May 12, 2012 12:39 pm Post subject: |
|
|
A może zawieruszył się plik:
dla skryptu startowego z init.d?
Albo ma jakieś błędy lub białe znaki, których mieć nie powinien. |
|
Back to top |
|
|
soban_ l33t
Joined: 27 Aug 2008 Posts: 668 Location: /home/soban
|
Posted: Sat May 12, 2012 7:01 pm Post subject: |
|
|
No nie wyglada zeby bylo cos dziwnego w nim (tzn ze istnieje tyz): Code: | # /etc/conf.d/sshd: config file for /etc/init.d/sshd
# Where is your sshd_config file stored?
SSHD_CONFDIR="/etc/ssh"
# Any random options you want to pass to sshd.
# See the sshd(8) manpage for more info.
SSHD_OPTS=""
# Pid file to use (needs to be absolute path).
#SSHD_PIDFILE="/var/run/sshd.pid"
# Path to the sshd binary (needs to be absolute path).
#SSHD_BINARY="/usr/sbin/sshd" | Chodzi Ci o bialy znak w konfiguracji jakies? Usunalem katalog z /etc/ssh + reinstalacja openssh ale nadal to samo, po wygenerowaniu nowego klucza...
//EDIT
Dobra chyba panowie nie dojdziemy co to jest, jednak znalazlem rozwiazanie mocno na okretne. Skopiowalem pliki konfiguracyjne, rozpakowalem stage3 jeszcze raz i trybi. Zapuszcze za chwile rekompilacje systemu z tymi flagami, szczerze to nie mam pojecia co to powodowalo. _________________ gg: 525600 |
|
Back to top |
|
|
|