| View previous topic :: View next topic |
| Author |
Message |
alienjon
Veteran
Joined: 09 Feb 2005
Posts: 1709
|
 Posted: Wed Sep 09, 2015 1:36 am Post subject: SSH Auth Fail |
 |
|
There's an app on my Android called Home Remote Control Pro. It's basically a remote-control for your phone to Windows/Mac via a custom java-server and via Linux via ssh. I initially tried the free version and eventually paid for the full version (no ads and unlimited device connections) and things were working great. Then one day it all stopped working. I could no longer connect to my Gentoo desktop and received a simple 'Auth Fail' message in the app. The app still connects fine to my Windows 10 partition and connects fine to my Ubuntu laptop (via the custom java-server and a ssh server, respectively). I've had several back and forth emails with the dev, who can't seem to reproduce the issue and when my Ubuntu laptop was able to connect it made me realize that it's a problem with my Gentoo box somewhere.
Some background info:
| uname -a: | | Linux compy_gentoo 4.0.5-gentoo #2 SMP Sat Jul 18 11:32:20 EDT 2015 x86_64 Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz GenuineIntel GNU/Linux |
| emerge openssh -pv: | | [ebuild R ] net-misc/openssh-6.9_p1-r2::gentoo USE="X hpn ldap ldns pam pie sctp skey ssl -X509 -bindist -debug -kerberos -libedit (-selinux) -ssh1 -static" 1,498 KiB |
Also, the following appears in my auth.log when I try to connect:
| Code: | | error: Received disconnect from 192.168.1.11: 3: com.jcraft.jsch.JSchException: Auth fail [preauth] |
That IP is my internal IP (statically set by the router) for my phone. My computer is statically set to *.*.*.10. I do not use a public key - this is a password login. Interestingly, I have an SSH app that connects to this same computer just fine, so there's something about the way this app is connecting that isn't agreeing with my current setup. Unfortunately, the error that's thrown appears to be fairly generic and I'm not sure how to troubleshoot farther. Any thoughts? |
|
| Back to top |
|
 |
massimo
Veteran
Joined: 22 Jun 2003
Posts: 1226
|
| Posted: Wed Sep 09, 2015 6:18 am Post subject: |
|
|
If you're not able to debug the connection setup on the client-side do it on your ssh server (LogLevel DEBUG). You could also capture the traffic using tcpdump/wireshark.
_________________
Hello 911? How are you? |
|
| Back to top |
|
|
alienjon
Veteran
Joined: 09 Feb 2005
Posts: 1709
|
| Posted: Wed Sep 09, 2015 12:13 pm Post subject: |
|
|
| massimo wrote: | | If you're not able to debug the connection setup on the client-side do it on your ssh server (LogLevel DEBUG). You could also capture the traffic using tcpdump/wireshark. |
Below are the debugged SSH info and wireshark dump info:
| LogLevel DEBUG: | 09/09/15 07:44:49 AM compy_gentoo sshd[4548] debug1: Forked child 4555.
09/09/15 07:44:49 AM compy_gentoo sshd[4555] Set /proc/self/oom_score_adj to 0
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: inetd sockets after dupping: 3, 3
09/09/15 07:44:49 AM compy_gentoo sshd[4555] Connection from 192.168.1.11 port 59961 on 192.168.1.10 port 22
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: no match: JSCH-0.1.53
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: Enabling compatibility mode for protocol 2.0
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: Client protocol version 2.0; client software version JSCH-0.1.53
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: Local version string SSH-2.0-OpenSSH_6.9p1-hpn14v5
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: HPN Disabled: 0, HPN Buffer Size: 87380
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: permanently_set_uid: 22/22 [preauth]
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: list_hostkey_types: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: SSH2_MSG_KEXINIT sent [preauth]
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: SSH2_MSG_KEXINIT received [preauth]
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: AUTH STATE IS 0 [preauth]
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: kex: client->server aes128-ctr hmac-sha1 none [preauth]
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: REQUESTED ENC.NAME is 'aes128-ctr' [preauth]
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: REQUESTED ENC.NAME is 'aes128-ctr' [preauth]
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: kex: server->client aes128-ctr hmac-sha1 none [preauth]
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: SSH2_MSG_NEWKEYS sent [preauth]
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: expecting SSH2_MSG_NEWKEYS [preauth]
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: SSH2_MSG_NEWKEYS received [preauth]
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: KEX done [preauth]
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: userauth-request for user alienjon service ssh-connection method none [preauth]
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: attempt 0 failures 0 [preauth]
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: Config token is loglevel
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: Config token is passwordauthentication
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: Config token is usepam
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: Config token is printmotd
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: Config token is printlastlog
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: Config token is useprivilegeseparation
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: Config token is subsystem
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: Config token is acceptenv
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: PAM: initializing for "alienjon"
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: PAM: setting PAM_RHOST to "192.168.1.11"
09/09/15 07:44:49 AM compy_gentoo sshd[4555] debug1: PAM: setting PAM_TTY to "ssh"
09/09/15 07:44:50 AM compy_gentoo sshd[4555] error: Received disconnect from 192.168.1.11: 3: com.jcraft.jsch.JSchException: Auth fail [preauth]
09/09/15 07:44:50 AM compy_gentoo sshd[4555] Disconnected from 192.168.1.11 [preauth]
09/09/15 07:44:50 AM compy_gentoo sshd[4555] debug1: do_cleanup [preauth]
09/09/15 07:44:50 AM compy_gentoo sshd[4555] debug1: PAM: cleanup
09/09/15 07:44:50 AM compy_gentoo sshd[4555] debug1: do_cleanup
09/09/15 07:44:50 AM compy_gentoo sshd[4555] debug1: monitor_read_log: child log fd closed
09/09/15 07:44:50 AM compy_gentoo sshd[4555] debug1: Killing privsep child 4560 |
As for the Wireshark info, I really haven't used this program before, and figuring that sending a dump of the info would likely contain sensitive info, I'm including a screenshot (though please let me know if there's any particular information that I could provide which would be helpful, I'd ask for help in how to obtain it otherwise, however): http://charlies-server.com/~alienjon/Media/wireshark.png
The only thing that jumped out to me was in the debug log, where it mentioned "no match: JSCH-0.1.53". I don't have JSCH installed, though I didn't before either when the program ran fine. I installed version 0.1.49 (the stable version in my tree - 0.1.53 isn't even in the tree) anyway, but the same error comes up. |
|
| Back to top |
|
|
alienjon
Veteran
Joined: 09 Feb 2005
Posts: 1709
|
| Posted: Wed Sep 09, 2015 12:34 pm Post subject: |
|
|
| alienjon wrote: | | I installed version 0.1.49 (the stable version in my tree - 0.1.53 isn't even in the tree) anyway, but the same error comes up. |
After some searching I found that the vaca overlay contains 0.1.53. Installing this version doesn't change anything. |
|
| Back to top |
|
|
alienjon
Veteran
Joined: 09 Feb 2005
Posts: 1709
|
| Posted: Wed Sep 09, 2015 1:49 pm Post subject: |
|
|
I figured out the cause. Apparently my SSH server was configured such that:
| /etc/ssh/sshd_config: | | PasswordAuthentication no |
JSCH doesn't seem to like this. Enabling this (commenting out the line) allows the app to connect, but is this something I'll want to keep like this? I'm not sure how this will or won't effect my system security. |
|
| Back to top |
|
|
NeddySeagoon
Administrator
Joined: 05 Jul 2003
Posts: 54214
Location: 56N 3W
|
| Posted: Wed Sep 09, 2015 2:15 pm Post subject: |
|
|
alienjon,
You should disable root logins. That's just become the default.
The reason is that you need a user name and password to connect and every Linux has a root user.
Put your normal user in the wheel group and use su - or sudo su - to become root when its needed.
How secure | Code: | | PasswordAuthentication yes |
is depends on the strenght of your password and the size of the hash space.
If an attacker can generate a hash collision, now trivial with MD5, they don't need the same password as you use.
MD5 was dropped as a password hash algorithm years ago now.
The biggest risk is poor passwords and social engineering.
If you disable password login altogether, you will need a ssh key pair. You put the public part on the server and keep the private part secret.
The private key still needs a password to unlock it but the password is never sent over the internet - not even in an encrypted form.
Even if password logins are disabled, sshd still goes through the password login sequence but it always ends in failure.
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
| Back to top |
|
|
alienjon
Veteran
Joined: 09 Feb 2005
Posts: 1709
|
| Posted: Wed Sep 09, 2015 2:34 pm Post subject: |
|
|
Hi NeddySeagoon! Long time no talk 
| NeddySeagoon wrote: | | You should disable root logins. |
Do you mean uncommenting?:
| /etc/ssh/sshd_config: | | #PermitRootLogin no |
This app accepts SSH Key files w/ passcodes. I've never really gone into more depth than simple logins (and my user is in the wheel group, so direct root logins aren't necessary). I'm going to look into the Gentoo SSH handbook (unless someone has a better suggestion for reading material). |
|
| Back to top |
|
|
NeddySeagoon
Administrator
Joined: 05 Jul 2003
Posts: 54214
Location: 56N 3W
|
| Posted: Wed Sep 09, 2015 3:12 pm Post subject: |
|
|
alienjon,
There is no need. The commented options in sshd.config are the defaults. You only need uncomment them if you want to change them.
| Code: | | #PermitRootLogin no |
is therefore the default.
Of course, you should always test these things :)
Trust but verify.
You might have | Code: | | PermitRootLogin yes |
elsewhere in the file.
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
| Back to top |
|
|
depontius
Advocate
Joined: 05 May 2004
Posts: 3509
|
| Posted: Wed Sep 09, 2015 3:29 pm Post subject: |
|
|
| NeddySeagoon wrote: | alienjon,
| Code: | | #PermitRootLogin no |
is therefore the default.
|
Unfortunately either rkhunter or chkrootkit really likes to see this line uncommented - it doesn't like to rely on default behavior.
So I uncomment it, just to keep it from squawking.
_________________
.sigs waste space and bandwidth |
|
| Back to top |
|
|
NeddySeagoon
Administrator
Joined: 05 Jul 2003
Posts: 54214
Location: 56N 3W
|
| Posted: Wed Sep 09, 2015 3:41 pm Post subject: |
|
|
depontius,
Until recently, | Code: | | #PermitRootLogin yes |
was the default.
I found out the hard way as my router KVM only has a root account.
I must have missed it at etc-update then after a reboot ... :)
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
| Back to top |
|
|
alienjon
Veteran
Joined: 09 Feb 2005
Posts: 1709
|
| Posted: Sun Sep 13, 2015 9:57 pm Post subject: |
|
|
It sounds like the key-pair is the better way to go (short of a exceedingly strong password) as it could theoretically utilize both a password (passcode?) in addition to the key pair. I have a key pair that I use for an SSH terminal (also on my phone) that doesn't seem to work for the app. Same error on the app, (Auth Fail). I wonder if this could also be a configuration issue, but - again - works in a terminal emulator. In the app, the auth.log returns:
| Code: | 09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: Killing privsep child 15790
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: do_cleanup
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: PAM: cleanup
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: do_cleanup [preauth]
09/13/15 05:50:51 PM compy_gentoo sshd[15785] Disconnected from 192.168.1.11 [preauth]
09/13/15 05:50:51 PM compy_gentoo sshd[15785] error: Received disconnect from 192.168.1.11: 3: com.jcraft.jsch.JSchException: Auth fail [preauth]
09/13/15 05:50:51 PM compy_gentoo sshd[15785] Failed none for alienjon from 192.168.1.11 port 43826 ssh2
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: attempt 1 failures 0 [preauth]
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: userauth-request for user alienjon service ssh-connection method password [preauth]
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: PAM: setting PAM_TTY to "ssh"
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: PAM: setting PAM_RHOST to "192.168.1.11"
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: PAM: initializing for "alienjon"
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: Config token is subsystem
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: Config token is acceptenv
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: Config token is useprivilegeseparation
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: Config token is printlastlog
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: Config token is printmotd
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: Config token is usepam
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: Config token is hostbasedauthentication
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: Config token is pubkeyauthentication
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: Config token is rsaauthentication
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: Config token is permitrootlogin
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: Config token is loglevel
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: attempt 0 failures 0 [preauth]
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: Config token is syslogfacility
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: userauth-request for user alienjon service ssh-connection method none [preauth]
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: KEX done [preauth]
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: SSH2_MSG_NEWKEYS received [preauth]
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: expecting SSH2_MSG_NEWKEYS [preauth]
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: SSH2_MSG_NEWKEYS sent [preauth]
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: kex: server->client aes128-ctr hmac-sha1 none [preauth]
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: kex: client->server aes128-ctr hmac-sha1 none [preauth]
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: REQUESTED ENC.NAME is 'aes128-ctr' [preauth]
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: REQUESTED ENC.NAME is 'aes128-ctr' [preauth]
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: AUTH STATE IS 0 [preauth]
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: SSH2_MSG_KEXINIT received [preauth]
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: SSH2_MSG_KEXINIT sent [preauth]
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: list_hostkey_types: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: permanently_set_uid: 22/22 [preauth]
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: Local version string SSH-2.0-OpenSSH_6.9p1-hpn14v5
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: no match: JSCH-0.1.53
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: Enabling compatibility mode for protocol 2.0
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: Client protocol version 2.0; client software version JSCH-0.1.53
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: HPN Disabled: 0, HPN Buffer Size: 87380
09/13/15 05:50:51 PM compy_gentoo sshd[15785] Connection from 192.168.1.11 port 43826 on 192.168.1.10 port 22
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: inetd sockets after dupping: 3, 3
09/13/15 05:50:51 PM compy_gentoo sshd[15785] Set /proc/self/oom_score_adj to 0
09/13/15 05:50:51 PM compy_gentoo sshd[15785] debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8
09/13/15 05:50:51 PM compy_gentoo sshd[2453] debug1: Forked child 15785. |
In the terminal emulator, I get:
| Code: | 09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: session_input_channel_req: session 0 req window-change
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: session_by_channel: session 0 channel 0
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: server_input_channel_req: channel 0 request window-change reply 0
09/13/15 05:40:14 PM compy_gentoo sshd[15503] debug1: Setting controlling tty using TIOCSCTTY.
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: session_input_channel_req: session 0 req shell
09/13/15 05:40:14 PM compy_gentoo sshd[15498] Starting session: shell on pts/4 for alienjon from 192.168.1.11 port 33095
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: session_by_channel: session 0 channel 0
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: server_input_channel_req: channel 0 request shell reply 1
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: session_pty_req: session 0 alloc /dev/pts/4
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: Allocating pty.
09/13/15 05:40:14 PM compy_gentoo sshd[15481] debug1: session_new: session 0
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: session_input_channel_req: session 0 req pty-req
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: session_by_channel: session 0 channel 0
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: server_input_channel_req: channel 0 request pty-req reply 1
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: SSH2_MSG_NEWKEYS received
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: spawned a thread
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: spawned a thread
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: set_newkeys: rekeying
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: expecting SSH2_MSG_NEWKEYS
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: SSH2_MSG_NEWKEYS sent
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: dequeue packet: 91
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: spawned a thread
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: spawned a thread
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: set_newkeys: rekeying
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: expecting SSH2_MSG_KEXDH_INIT
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: kex: server->client aes128-ctr hmac-sha1 none
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: kex: client->server aes128-ctr hmac-sha1 none
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: REQUESTED ENC.NAME is 'aes128-ctr'
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: REQUESTED ENC.NAME is 'aes128-ctr'
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: AUTH STATE IS 1
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: SSH2_MSG_KEXINIT received
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: enqueue packet: 91
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: server_input_channel_open: confirm session
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: session_open: session 0: link with channel 0
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: session_new: session 0
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: session_open: channel 0
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: channel 0: new [server-session]
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: input_session_request
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: server_input_channel_open: ctype session rchan 0 win 262144 max 32768
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: SSH2_MSG_KEXINIT sent
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: need rekeying
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: server_init_dispatch_20
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: Single to Multithreaded CTR cipher swap - server request
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: Entering interactive session for SSH2.
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: ssh_packet_set_postauth: called
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: permanently_set_uid: 1000/1000
09/13/15 05:40:14 PM compy_gentoo sshd[15498] debug1: PAM: establishing credentials
09/13/15 05:40:14 PM compy_gentoo sshd[15481] User child is on pid 15498
09/13/15 05:40:14 PM compy_gentoo sshd[15481] pam_unix(sshd:session): session opened for user alienjon by (uid=0)
09/13/15 05:40:14 PM compy_gentoo sshd[15481] debug1: PAM: establishing credentials
09/13/15 05:40:14 PM compy_gentoo sshd[15481] debug1: monitor_read_log: child log fd closed
09/13/15 05:40:14 PM compy_gentoo sshd[15481] Accepted publickey for alienjon from 192.168.1.11 port 33095 ssh2: RSA SHA256:{series of characters that I should probably not share in the interwebs}
09/13/15 05:40:14 PM compy_gentoo sshd[15481] debug1: monitor_child_preauth: alienjon has been authenticated by privileged process
09/13/15 05:40:14 PM compy_gentoo sshd[15481] debug1: do_pam_account: called
09/13/15 05:40:14 PM compy_gentoo sshd[15481] debug1: restore_uid: 0/0
09/13/15 05:40:14 PM compy_gentoo sshd[15481] debug1: matching key found: file /home/alienjon/.ssh/authorized_keys, line 1 RSA SHA256:{series of characters that I should probably not share in the interwebs}
09/13/15 05:40:14 PM compy_gentoo sshd[15481] debug1: fd 4 clearing O_NONBLOCK
09/13/15 05:40:14 PM compy_gentoo sshd[15481] debug1: temporarily_use_uid: 1000/1000 (e=0/0)
09/13/15 05:40:14 PM compy_gentoo sshd[15481] debug1: trying public key file /home/alienjon/.ssh/authorized_keys
09/13/15 05:40:14 PM compy_gentoo sshd[15481] debug1: attempt 2 failures 0 [preauth]
09/13/15 05:40:14 PM compy_gentoo sshd[15481] debug1: userauth-request for user alienjon service ssh-connection method publickey [preauth]
09/13/15 05:40:14 PM compy_gentoo sshd[15481] Postponed publickey for alienjon from 192.168.1.11 port 33095 ssh2 [preauth]
09/13/15 05:40:14 PM compy_gentoo sshd[15481] debug1: restore_uid: 0/0
09/13/15 05:40:14 PM compy_gentoo sshd[15481] debug1: matching key found: file /home/alienjon/.ssh/authorized_keys, line 1 RSA SHA256:{series of characters that I should probably not share in the interwebs}
09/13/15 05:40:14 PM compy_gentoo sshd[15481] debug1: fd 4 clearing O_NONBLOCK
09/13/15 05:40:14 PM compy_gentoo sshd[15481] debug1: trying public key file /home/alienjon/.ssh/authorized_keys
09/13/15 05:40:14 PM compy_gentoo sshd[15481] debug1: temporarily_use_uid: 1000/1000 (e=0/0)
09/13/15 05:40:14 PM compy_gentoo sshd[15481] debug1: attempt 1 failures 0 [preauth]
09/13/15 05:40:14 PM compy_gentoo sshd[15481] debug1: test whether pkalg/pkblob are acceptable [preauth]
09/13/15 05:40:14 PM compy_gentoo sshd[15481] debug1: userauth-request for user alienjon service ssh-connection method publickey [preauth]
09/13/15 05:39:12 PM compy_gentoo sshd[15481] debug1: PAM: setting PAM_TTY to "ssh"
09/13/15 05:39:12 PM compy_gentoo sshd[15481] debug1: PAM: setting PAM_RHOST to "192.168.1.11"
09/13/15 05:39:12 PM compy_gentoo sshd[15481] debug1: Config token is loglevel
09/13/15 05:39:12 PM compy_gentoo sshd[15481] debug1: PAM: initializing for "alienjon"
09/13/15 05:39:12 PM compy_gentoo sshd[15481] debug1: Config token is acceptenv
09/13/15 05:39:12 PM compy_gentoo sshd[15481] debug1: Config token is subsystem
09/13/15 05:39:12 PM compy_gentoo sshd[15481] debug1: Config token is useprivilegeseparation
09/13/15 05:39:12 PM compy_gentoo sshd[15481] debug1: Config token is printlastlog
09/13/15 05:39:12 PM compy_gentoo sshd[15481] debug1: Config token is printmotd
09/13/15 05:39:12 PM compy_gentoo sshd[15481] debug1: Config token is usepam
09/13/15 05:39:12 PM compy_gentoo sshd[15481] debug1: Config token is hostbasedauthentication
09/13/15 05:39:12 PM compy_gentoo sshd[15481] debug1: Config token is pubkeyauthentication
09/13/15 05:39:12 PM compy_gentoo sshd[15481] debug1: Config token is rsaauthentication
09/13/15 05:39:12 PM compy_gentoo sshd[15481] debug1: Config token is permitrootlogin
09/13/15 05:39:12 PM compy_gentoo sshd[15481] debug1: Config token is syslogfacility
09/13/15 05:39:12 PM compy_gentoo sshd[15481] debug1: attempt 0 failures 0 [preauth]
09/13/15 05:39:12 PM compy_gentoo sshd[15481] debug1: userauth-request for user alienjon service ssh-connection method none [preauth]
09/13/15 05:39:11 PM compy_gentoo sshd[15481] debug1: KEX done [preauth]
09/13/15 05:39:11 PM compy_gentoo sshd[15481] debug1: SSH2_MSG_NEWKEYS received [preauth]
09/13/15 05:39:11 PM compy_gentoo sshd[15481] debug1: expecting SSH2_MSG_NEWKEYS [preauth]
09/13/15 05:39:11 PM compy_gentoo sshd[15481] debug1: SSH2_MSG_NEWKEYS sent [preauth]
09/13/15 05:39:11 PM compy_gentoo sshd[15481] debug1: expecting SSH2_MSG_KEXDH_INIT [preauth]
09/13/15 05:39:11 PM compy_gentoo sshd[15481] debug1: REQUESTED ENC.NAME is 'aes128-ctr' [preauth]
09/13/15 05:39:11 PM compy_gentoo sshd[15481] debug1: kex: server->client aes128-ctr hmac-sha1 none [preauth]
09/13/15 05:39:11 PM compy_gentoo sshd[15481] debug1: kex: client->server aes128-ctr hmac-sha1 none [preauth]
09/13/15 05:39:11 PM compy_gentoo sshd[15481] debug1: REQUESTED ENC.NAME is 'aes128-ctr' [preauth]
09/13/15 05:39:11 PM compy_gentoo sshd[15481] debug1: AUTH STATE IS 0 [preauth]
09/13/15 05:39:11 PM compy_gentoo sshd[15481] debug1: SSH2_MSG_KEXINIT received [preauth]
09/13/15 05:39:11 PM compy_gentoo sshd[15481] debug1: SSH2_MSG_KEXINIT sent [preauth]
09/13/15 05:39:11 PM compy_gentoo sshd[15481] debug1: list_hostkey_types: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
09/13/15 05:39:11 PM compy_gentoo sshd[15481] debug1: permanently_set_uid: 22/22 [preauth]
09/13/15 05:39:11 PM compy_gentoo sshd[15481] debug1: Local version string SSH-2.0-OpenSSH_6.9p1-hpn14v5
09/13/15 05:39:11 PM compy_gentoo sshd[15481] debug1: Enabling compatibility mode for protocol 2.0
09/13/15 05:39:11 PM compy_gentoo sshd[15481] debug1: no match: libssh2_1.4.3
09/13/15 05:39:11 PM compy_gentoo sshd[15481] debug1: Client protocol version 2.0; client software version libssh2_1.4.3
09/13/15 05:39:11 PM compy_gentoo sshd[15481] debug1: HPN Disabled: 0, HPN Buffer Size: 87380
09/13/15 05:39:11 PM compy_gentoo sshd[15481] Connection from 192.168.1.11 port 33095 on 192.168.1.10 port 22 |
|
|
| Back to top |
|
|
|
Networking & Security
