brodi Tux's lil' helper
Joined: 29 Nov 2004 Posts: 100 Location: EU, Poland, Lodz
Posted: Fri Jul 07, 2006 4:45 pm Post subject: [SOLVED][network] problem with ssh server?
Hello,
Since yesterday I have had problems accessing my computer (public IP) from some hosts.
It looks like this:
Code: |
bash-2.05$ ssh lucas@85.89.xxx.xxx
warning: Authentication failed.
Disconnected; no more authentication methods available (No further authentication methods available.).
|
or it simply does not connect at all.
The first thought that came to mind was that something got "messed up" at my ISP... but:
- I was playing with iptables
- I installed portsentry
To make it more interesting, I did not save the iptables rules
Code: |
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
|
I have portsentry turned off, I cleared the $HOME/.ssh/ directories on the remote shells, and I do not use keys.
Please help, because I am really stumped
Regards
Edit:
I did not change any settings in /etc/ssh/sshd_config, it simply stopped accepting connections from some hosts.. _________________ Łukasz
"Linux - because it works!"
Last edited by brodi on Tue Dec 12, 2006 1:21 am; edited 1 time in total |
argasek Bodhisattva
Joined: 06 May 2004 Posts: 1121 Location: Sol [0,0], Poland, Kraków
Posted: Sun Jul 09, 2006 7:12 am Post subject:
Make sure your DNS is configured correctly, if one is running on the same host, or check whether another DNS correctly describes the domain for this host (I once had similar problems and it came down to DNS). Also increase the daemon's verbosity and show the logs from the server side... _________________ RLU #137109 | http://soundcloud.com/argasek |
aqu Apprentice
Joined: 12 Nov 2005 Posts: 249 Location: Kalisz, Poland
Posted: Mon Jul 10, 2006 9:57 pm Post subject:
Go into ~/.ssh/, edit known_hosts and remove whatever concerns the host.
Most likely sshd has been changed on it, or it has been rootkitted _________________ Security is like Ogres and Onions, they have layers.
Linux - Registered user #415939
adopt an unanswered post |
brodi Tux's lil' helper
Joined: 29 Nov 2004 Posts: 100 Location: EU, Poland, Lodz
Posted: Mon Jul 10, 2006 10:55 pm Post subject:
Thanks for the replies.
One thing at a time..
My DNS is probably configured correctly. The problem appeared suddenly..
Logs from the server side:
Code: |
debug1: sshd version OpenSSH_4.3p2
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
* Starting sshd ...
debug1: sshd version OpenSSH_4.3p2
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-d'
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
socket: Address family not supported by protocol
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 4 out 4 newsock 4 pipe -1 sock 7
debug1: inetd sockets after dupping: 3, 3
Connection from 212.191.xx.x port 55466
debug1: Client protocol version 1.99; client software version 3.0.1 SSH Secure Shell (non-commercial)
debug1: match: 3.0.1 SSH Secure Shell (non-commercial) pat 3.0.*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3
debug1: permanently_set_uid: 22/22
debug1: list_hostkey_types: ssh-rsa,ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: client->server aes128-cbc hmac-sha1 none
debug1: kex: server->client aes128-cbc hmac-sha1 none
debug1: expecting SSH2_MSG_KEXDH_INIT
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
debug1: userauth-request for user lucas service ssh-connection method none
debug1: attempt 0 failures 0
Failed none for lucas from 212.191.xx.x port 55466 ssh2
debug1: PAM: initializing for "lucas"
debug1: userauth-request for user lucas service ssh-connection method none
debug1: attempt 1 failures 1
Failed none for lucas from 212.191.xx.x port 55466 ssh2
Received disconnect from 212.191.xx.x: 14: No further authentication methods available.
debug1: do_cleanup
debug1: PAM: cleanup
debug1: PAM: setting PAM_RHOST to "posejdon.xxx.x.xxxx.pl"
debug1: PAM: setting PAM_TTY to "ssh"
debug1: do_cleanup
debug1: PAM: cleanup [ !! ]
|
From the client side:
Code: |
bash-2.05$ ssh -v lucas@85.89.xxx.xxx
debug: SshAppCommon/sshappcommon.c:154/ssh_app_get_global_regex_context: Allocating global SshRegex context.
debug: SshConfig/sshconfig.c:2184/ssh2_parse_config: Unable to open /export/home/stud/lucasb/.ssh2/ssh2_config
debug: Connecting to 85.89.xxx.xxx, port 22...
debug: Ssh2/ssh2.c:1956/main: Entering event loop.
debug: Ssh2Client/sshclient.c:1330/ssh_client_wrap: Creating transport protocol.
debug: SshAuthMethodClient/sshauthmethodc.c:137/ssh_client_authentication_initialize: Added "publickey" to usable methods.
debug: SshAuthMethodClient/sshauthmethodc.c:137/ssh_client_authentication_initialize: Added "password" to usable methods.
debug: Ssh2Client/sshclient.c:1362/ssh_client_wrap: Creating userauth protocol.
debug: client supports 2 auth methods: 'publickey,password'
debug: Ssh2Common/sshcommon.c:496/ssh_common_wrap: local ip = 212.191.xxx.x, local port = 55466
debug: Ssh2Common/sshcommon.c:498/ssh_common_wrap: remote ip = 85.89.xxx.xxx, remote port = 22
debug: SshConnection/sshconn.c:1889/ssh_conn_wrap: Wrapping...
debug: Remote version: SSH-2.0-OpenSSH_4.3
debug: Ssh2Transport/trcommon.c:1373/ssh_tr_input_version: Remote version has rekey incompatibility bug.
debug: Ssh2Transport/trcommon.c:1376/ssh_tr_input_version: Remote version is OpenSSH, KEX guesses disabled.
debug: Ssh2Transport/trcommon.c:1717/ssh_tr_negotiate: lang s to c: `', lang c to s: `'
debug: Ssh2Transport/trcommon.c:1783/ssh_tr_negotiate: c_to_s: cipher aes128-cbc, mac hmac-sha1, compression none
debug: Ssh2Transport/trcommon.c:1786/ssh_tr_negotiate: s_to_c: cipher aes128-cbc, mac hmac-sha1, compression none
debug: SshKeyFile/sshkeyfile.c:353/ssh_blob_read: file /export/home/stud/lucasb/.ssh2/hostkeys/key_22_85.89.xxx.xxx.pub does not exist.
debug: SshKeyFile/sshkeyfile.c:353/ssh_blob_read: file /etc/ssh2/hostkeys/key_22_85.89.xxx.xxx.pub does not exist.
Host key not found from database.
Key fingerprint:
xoves-fedyr-lohaz-lepyz-gitaf-lyzuk-pehuh-veneg-sosyt-sunun-kixix
You can get a public key's fingerprint by running
% ssh-keygen -F publickey.pub
on the keyfile.
Are you sure you want to continue connecting (yes/no)? yes
Host key saved to /export/home/stud/lucasb/.ssh2/hostkeys/key_22_85.89.xxx.xxx.pub
host key for 85.89.xxx.xxx, accepted by lucasb Mon Jul 10 2006 23:46:38 +0100
debug: Ssh2Common/sshcommon.c:291/ssh_common_special: Received SSH_CROSS_STARTUP packet from connection protocol.
debug: Ssh2Common/sshcommon.c:341/ssh_common_special: Received SSH_CROSS_ALGORITHMS packet from connection protocol.
debug: server offers auth methods 'publickey,keyboard-interactive'.
debug: SshConfig/sshconfig.c:2184/ssh2_parse_config: Unable to open /export/home/stud/lucasb/.ssh2/identification
debug: Ssh2AuthClient/sshauthc.c:316/ssh_authc_completion_proc: Method 'publickey' disabled.
debug: server offers auth methods 'publickey,keyboard-interactive'.
debug: Ssh2Common/sshcommon.c:137/ssh_common_disconnect: DISCONNECT received: No further authentication methods available.
warning: Authentication failed.
debug: Ssh2/ssh2.c:117/client_disconnect: locally_generated = TRUE
Disconnected; no more authentication methods available (No further authentication methods available.).
debug: Ssh2Client/sshclient.c:1395/ssh_client_destroy: Destroying client.
debug: SshConnection/sshconn.c:1937/ssh_conn_destroy: Destroying SshConn object.
debug: Ssh2Client/sshclient.c:1448/ssh_client_destroy_finalize: Destroying client completed.
debug: SshAuthMethodClient/sshauthmethodc.c:162/ssh_client_authentication_uninitialize: Destroying authentication method array.
|
As I wrote earlier, I deleted the ~/.ssh directory.
I also checked the system with chkrootkit - it found nothing suspicious.
It looks like some problem with authentication, but I have no idea how to tackle it, especially since I changed nothing in the server settings before it stopped working..
Thanks in advance for the help.
Regards _________________ Łukasz
"Linux - because it works!" |
|
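An added example, not part of the original post: a small Python parser for the SSH Secure Shell client debug lines quoted above, listing the authentication methods each side advertised and which of them both sides can still use. The function name and result keys are assumptions made for this illustration.

```python
import re

# Excerpt of the client debug output quoted in the post above.
SAMPLE_CLIENT_LOG = """\
debug: client supports 2 auth methods: 'publickey,password'
debug: server offers auth methods 'publickey,keyboard-interactive'.
debug: Ssh2AuthClient/sshauthc.c:316/ssh_authc_completion_proc: Method 'publickey' disabled.
debug: server offers auth methods 'publickey,keyboard-interactive'.
warning: Authentication failed.
"""

CLIENT_RE = re.compile(r"client supports \d+ auth methods: '([^']*)'")
SERVER_RE = re.compile(r"server offers auth methods '([^']*)'")
DISABLED_RE = re.compile(r"Method '([^']+)' disabled")


def _split(csv):
    """Turn 'a,b' into {'a', 'b'}, ignoring empty items."""
    return {m.strip() for m in csv.split(",") if m.strip()}


def auth_method_overlap(log_text):
    """Return the methods each side named and the ones usable by both."""
    client, server, disabled = set(), set(), set()
    for line in log_text.splitlines():
        if m := CLIENT_RE.search(line):
            client |= _split(m.group(1))
        elif m := SERVER_RE.search(line):
            server |= _split(m.group(1))
        elif m := DISABLED_RE.search(line):
            # The client dropped this method locally (here: no key to offer).
            disabled.add(m.group(1))
    return {
        "client": sorted(client),
        "server": sorted(server),
        "disabled": sorted(disabled),
        "client_only": sorted(client - server),
        "server_only": sorted(server - client),
        "usable": sorted((client & server) - disabled),
    }


if __name__ == "__main__":
    for key, value in auth_method_overlap(SAMPLE_CLIENT_LOG).items():
        print(f"{key:12} {', '.join(value) or '(none)'}")
```
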
aqu Apprentice
Joined: 12 Nov 2005 Posts: 249 Location: Kalisz, Poland
Posted: Tue Jul 11, 2006 7:54 am Post subject:
Try connecting to another host; if you get this error there too, then the problem is in the client, but it still seems to me that the fault is in the config of either PAM or sshd.
try
_________________ Security is like Ogres and Onions, they have layers.
Linux - Registered user #415939
adopt an unanswered post |
Kurt Steiner Bodhisattva
Joined: 01 Apr 2005 Posts: 1050 Location: Ostroleka, Polska
Posted: Tue Jul 11, 2006 10:16 am Post subject:
I noticed a similar problem on my side too, some time ago, I just still have not had time to look into it. So it seems this is not an isolated case. The symptoms are the same as _lucas_'s - it worked and suddenly stopped, with no clear cause. When I get back home this evening I will take a closer look at it.
brodi Tux's lil' helper
Joined: 29 Nov 2004 Posts: 100 Location: EU, Poland, Lodz
Posted: Tue Dec 12, 2006 1:20 am Post subject:
Kurt Steiner, I do not know how the matter turned out for you, but in my case the provider evidently botched it. They neatly cut off my access from some hosts. In fact I could only log in from tpsa, apart from that it was one big lottery.
Marking it [SOLVED] _________________ Łukasz
"Linux - because it works!" |