Login or Register to Ask a Question and Join Our Community


Red Hat

SSH not working

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Linux Red Hat SSH not working
# 1  
Old 05-21-2013
SSH not working
Hi,
I have a server running RHEL 6.0.

While logging in through root ,I can login.But if I try to login through "integ" user,I am unable to login.

Code:
/var/log/secure messages:::
May 20 15:25:23 punsyncserv su: pam_unix(su-l:session): session opened for user integ by root(uid=0)
May 20 15:29:44 punsyncserv su: pam_unix(su-l:session): session closed for user integ
May 20 15:32:59 punsyncserv groupadd[6888]: group added to /etc/group: name=integ, GID=1003
May 20 15:32:59 punsyncserv groupadd[6888]: group added to /etc/gshadow: name=integ
May 20 15:32:59 punsyncserv groupadd[6888]: new group: name=integ, GID=1003
May 20 15:34:37 punsyncserv su: pam_unix(su-l:session): session opened for user integ by root(uid=0)
May 20 15:35:34 punsyncserv su: pam_unix(su:session): session opened for user integ by integ(uid=0)
May 20 18:33:30 punsyncserv sshd[6777]: pam_unix(sshd:session): session closed for user root
May 20 18:33:30 punsyncserv su: pam_unix(su-l:session): session closed for user integ
May 21 06:09:10 punsyncserv login: pam_unix(remote:auth): check pass; user unknown
May 21 06:09:10 punsyncserv login: pam_unix(remote:auth): authentication  failure; logname= uid=0 euid=0 tty=pts/8 ruser= rhost=sssuse10b1
May 21 06:09:10 punsyncserv login: pam_succeed_if(remote:auth): error retrieving information about user nightly
May 21 06:09:18 punsyncserv login: FAILED LOGIN 1 FROM sssuse10b1 FOR  nightly, User not known to the underlying authentication module
May 21 06:09:43 punsyncserv rshd[9839]: pam_rhosts(rsh:auth): allowed access to nightly@sssuse10b1.vx.xx.com as integ
May 21 11:50:58 punsyncserv sshd[10806]: Failed password for integ from 172.31.48.28 port 49939 ssh2
May 21 11:51:05 punsyncserv sshd[10806]: Failed password for integ from 172.31.48.28 port 49939 ssh2
May 21 11:51:10 punsyncserv sshd[10806]: Failed password for integ from 172.31.48.28 port 49939 ssh2
May 21 11:59:19 punsyncserv sshd[10869]: Failed password for integ from 172.31.48.28 port 53831 ssh2
May 21 12:00:21 punsyncserv sshd[10869]: Failed password for integ from 172.31.48.28 port 53831 ssh2
May 21 12:00:59 punsyncserv sshd[10875]: Failed password for integ from 10.210.135.31 port 58103 ssh2
May 21 15:09:25 punsyncserv sshd[11410]: Connection closed by 172.31.48.15
May 21 15:11:31 punsyncserv sshd[11421]: Accepted password for root from 172.31.48.106 port 64479 ssh2
May 21 15:11:31 punsyncserv sshd[11421]: pam_unix(sshd:session): session opened for user root by (uid=0)
May 21 15:16:51 punsyncserv sshd[11457]: Connection closed by 172.31.48.106
May 21 15:47:08 punsyncserv sshd[11565]: Failed password for integ from 172.31.48.106 port 57542 ssh2
May 21 16:18:14 punsyncserv sshd[11691]: Accepted password for root from 172.31.48.15 port 51139 ssh2
May 21 16:18:14 punsyncserv sshd[11691]: pam_unix(sshd:session): session opened for user root by (uid=0)


Also ,output of w command is:
Code:
 16:26:24 up 195 days,  3:02, 13 users,  load average: 1.26, 1.42, 1.52
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
root     pts/0    v-034999a.punin. 30Mar13 25:02m  0.22s  0.22s telnet 0
integ    pts/1    v-034999a.punin. 22Apr13 23:07m  0.16s  0.08s bash
integ    pts/2    v-069090a.punin. 13May13  7days  0.04s  1.59s sshd: integ [priv]
integ    pts/3    v-069090a.punin. Fri15    4days  3:01m  0.80s sshd: integ [priv]
integ    pts/4    v-069090a.punin. 27Feb13 15days  1:14m 16.50s sshd: integ [priv]
integ    pts/6    v-069090a.punin. Fri15   27:22m  0.35s  0.80s sshd: integ [priv]
integ    pts/7    v-069090a.punin. Mon14    4:29m 19:27   0.24s sshd: integ [priv]
root     pts/8    172.31.48.106    15:11    0.00s  0.31s  0.00s w
integ    pts/9    v-034999a.punin. 01Apr13  2days  0.64s  9.91s sshd: integ [priv]
integ    pts/5    localhost        30Mar13 25:02m  0.04s  0.00s login -- integ
root     pts/10   v-069090a.punin. 12Apr13  7days  0.66s  0.03s bash
integ    pts/11   v-069090a.punin. 15Apr13  4days 10:02m  7.16s sshd: integ [priv]
root     pts/12   172.31.48.15     16:18    0.00s  0.03s  0.03s -bash

I am assuming there is no limit of connections from a user to server using ssh.Also,output of /etc/passwd for " integ" user is::
Code:
cat /etc/passwd|grep -i integ
integ:x:501:502::/home/integ:/bin/bash

 cat /etc/group|grep -i integ
integ:x:1003:

Also, ssh -vvv output from remote system::

Code:
ssh -vvv integ@punsyncserv.vx.xx.com
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to punsyncserv.vx.xx.com [10.209.11.90] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: loaded 3 keys
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit:  diffie-hellman-group-exchange-sha1,diffie-hellman-gro                                                                               up14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:  aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour12                                                                               8,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rij                                                                               ndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit:  aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour12                                                                               8,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rij                                                                               ndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit:  hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@open                                                                               ssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:  hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@open                                                                               ssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit:  diffie-hellman-group-exchange-sha256,diffie-hellman-g                                                                               roup-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:  aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour12                                                                               8,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rij                                                                               ndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit:  aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour12                                                                               8,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rij                                                                               ndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit:  hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160                                                                               ,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:  hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160                                                                               ,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 139/256
debug2: bits set: 502/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug2: no key of type 0 for host punsyncserv.vx.xx.com
debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts2
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts2
debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug2: no key of type 2 for host punsyncserv.vx.xx.com
The authenticity of host 'punsyncserv.vx.xx.com (10.209.11.90)' can't                                                                                be established.
RSA key fingerprint is 8f:ce:a5:24:13:34:34:1f:dc:9c:57:5b:09:15:2e:b2.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'punsyncserv.vx.xx.com,10.209.11.90' (RSA)                                                                                to the list of known hosts.
debug2: bits set: 538/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /root/.ssh/identity ((nil))
debug2: key: /root/.ssh/id_rsa ((nil))
debug2: key: /root/.ssh/id_dsa ((nil))
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic,password
debug3: preferred gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup gssapi-with-mic
debug3: remaining preferred: publickey,keyboard-interactive,password
debug3: authmethod_is_enabled gssapi-with-mic
debug1: Next authentication method: gssapi-with-mic
debug3: Trying to reverse map address 10.209.11.90.
debug1: Unspecified GSS failure.  Minor code may provide more information
No credentials cache found

debug1: Unspecified GSS failure.  Minor code may provide more information
No credentials cache found

debug1: Unspecified GSS failure.  Minor code may provide more information
No credentials cache found

debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug3: no such identity: /root/.ssh/identity
debug1: Trying private key: /root/.ssh/id_rsa
debug3: no such identity: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug3: no such identity: /root/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
integ@punsyncserv.vx.xx.com's password:
debug3: packet_send2: adding 64 (len 56 padlen 8 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
Permission denied, please try again.
integ@punsyncserv.vx.xx.com's password:
debug3: packet_send2: adding 64 (len 56 padlen 8 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
Permission denied, please try again.
integ@punsyncserv.vx.xx.com's password:

Can anyone help me troubleshoot this.

Thanks in advance.
Amit
Last edited by Scott; 05-21-2013 at 09:04 AM.. Reason: Please use code tags
# 2  
Old 05-21-2013
What does pam_tally2 or faillog say?

You might need to reset the # of failed logins
# 3  
Old 05-22-2013
check whether the ssh is configured in startup services or not
Check using "chkconfig ssh" command,If not use "chkconfig ssh on" and reboot the machine
# 4  
Old 05-22-2013
Quote:
Originally Posted by vamshigvk475
check whether the ssh is configured in startup services or not
Check using "chkconfig ssh" command,If not use "chkconfig ssh on" and reboot the machine
Rebooting the machine to start a service? Why not /etc/init.d/sshd start ?

Anyway, the previous posts make it plain that sshd is installed and running and responding, if not responding the way he wishes...
# 5  
Old 05-22-2013
Hi,few more settings which may be rquired.I am yet to find a solution::

cat /etc/selinux/config

Code:
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted

Code:
ls -l /etc/shadow
----------. 1 root root 818 May 6 2011 /etc/shadow


Code:
ls -l /etc/passwd
-rw-r--r-- 1 root root 1452 May 20 15:22 /etc/passwd

Code:
cat /etc/pam.d/sshd
#%PAM-1.0
auth required pam_sepermit.so
auth include password-auth
account required pam_nologin.so
account include password-auth
password include password-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_loginuid.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session required pam_selinux.so open env_params
session optional pam_keyinit.so force revoke
session include password-auth



Code:
cat /etc/pam.d/system-auth-ac
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
auth sufficient pam_fprintd.so
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth required pam_deny.so

account required pam_unix.so
account sufficient pam_localuser.so
account sufficient pam_succeed_if.so uid < 500 quiet
account required pam_permit.so

password requisite pam_cracklib.so try_first_pass retry=3 type=
password sufficient pam_unix.so sha512 shadow nis nullok try_first_pass use_authtok
password required pam_deny.so

session optional pam_keyinit.so revoke
session required pam_limits.so
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required pam_unix.so

Code:
cat password-auth-ac
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth required pam_deny.so

account required pam_unix.so
account sufficient pam_localuser.so
account sufficient pam_succeed_if.so uid < 500 quiet
account required pam_permit.so

password requisite pam_cracklib.so try_first_pass retry=3 type=
password sufficient pam_unix.so sha512 shadow nis nullok try_first_pass use_authtok
password required pam_deny.so

session optional pam_keyinit.so revoke
session required pam_limits.so
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid


above 3 files are located in /etc/pam.d/


This is a NIS client machine,so :::

ypcat passwd|grep integ
integ:McO2wI4wOYX1U:437:110::/home/integ:/bin/csh


ypmatch integ passwd
integ:McO2wI4wOYX1U:437:110::/home/integ:/bin/csh


getent passwd integ
integ:x:501:502::/home/integ:/bin/bash


Also,if i try to access cron of "integ" user:::"

crontab -u integ -l

Authentication service cannot retrieve authentication info
You (integ) are not allowed to access to (crontab) because of pam configuration.
You have mail in /var/spool/mail/root

Please suggest guys.

Thanks ,
Amit
Last edited by rbatte1; 11-28-2016 at 11:37 AM..
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. AIX

Ssh to the same host is not working

I am trying to ssh the same host where I am logged in.It's asking for the password. Please assist me with the troubleshooting steps for this. Best regards, Vishal (4 Replies)
Discussion started by: Vishal_dba
4 Replies

2. Shell Programming and Scripting

Ssh and pgrep not working

I have setup SSH keys . Trying to grep to get PID of remote jvm's . this is what am doing ssh -q testuser1@myhost.com 'PID1=pgrep -fl testapp1|awk "{print $1}";PID2=pgrep -fl testapp2|awk "{print $1}" ' echo $PID1, $PID2 it throws error"sh: -fl: command not found" ---------- Post updated... (1 Reply)
Discussion started by: kondagadu
1 Replies

3. UNIX for Dummies Questions & Answers

SSH tunnel working for ssh but not for sshfs

I'm trying to setup a link between my home pc (work-machine) and a server at work (tar-machine) that is behind a gateway (hop-machine) and not directly accessible. my actions: work-machine$ ssh -L 1234:tar-machine:22 hop-machine work-machine$ ssh -p 1234 user@127.0.0.1 - shh access on... (1 Reply)
Discussion started by: Vathau
1 Replies

4. Solaris

SSH: internal working but external not working

Hi, This is a strange issue: We have an sftp server. Users can ssh to it from internal LAN without any issue, but they can not ssh to it externally via firewall. Here is what I got: OS is Solaris 9. No hosts.allow and hosts.deny files. Please help. Thank you in advance! (7 Replies)
Discussion started by: aixlover
7 Replies

5. UNIX for Advanced & Expert Users

Urgent ssh -1 not working

Hi guys please help with the following. $ ssh -1 -v -l username -o "ForwardX11 yes" server.name netscape OpenSSH_5.8p1, OpenSSL 0.9.8r 8 Feb 2011 debug1: Connecting to proxy-bt-2 port 22. debug1: Connection established. debug1: identity file /home/username/.ssh/identity type -1 debug1:... (1 Reply)
Discussion started by: llcooljatt
1 Replies

6. Solaris

ssh and scp not working

Dear All, whenever i try the command ssh , it is giving the below error. ld.so.1: ssh: fatal: relocation error: file /usr/bin/ssh: symbol SUNWcry_installed: referenced symbol not found Killed For SCP also the same error is coming. Pl reply me if you have answers. Rj (4 Replies)
Discussion started by: jegaraman
4 Replies

7. Red Hat

SSH keys are not working

Hi, I've generated and posted pub. keys in the source system and the target. However, it is still prompting me for the password. Steps that I have taken. 1. Generated ssh keys : ssh-keygen. It created two files. 1. .ssh/id_rsa 2. .ssh/id_rsa.pub. 2.... (10 Replies)
Discussion started by: Afi_Linux
10 Replies

8. UNIX for Advanced & Expert Users

Consecutive SSH are not working

Hi this is for a friend... My friend is trying to start and stop servers on remote machine using SSH. the problem here is when he runs the commands... ssh -t username@remoteserver sudo /etc/init.d/tomcat6 stop This works fine and stops the server. but ssh -t username@remoteserver sudo... (4 Replies)
Discussion started by: INeedANick
4 Replies

9. HP-UX

ssh to server is not working

When we ssh -i private key user@ip we get the password prompt. The sending servers public key is in the receiving server. We have blown away the known_hosts file on the sending server and restarted the ssh connection. We don't know what else to do. Any other suggestions? (15 Replies)
Discussion started by: jastanle84
15 Replies

10. AIX

ssh is not working !

Guy's I have AIX 6.1 SSH in it is not working but is up and Active ..... server1/etc>lssrc -s sshd Subsystem Group PID Status sshd ssh 450686 active from my PC can I login by SSH but SSH from Server1 to Server2 is not accepting it's giving me this message server1/etc>ssh sever2... (4 Replies)
Discussion started by: ITHelper
4 Replies
Login or Register to Ask a Question