Unable to login after patching


 
Thread Tools Search this Thread
Operating Systems Linux Red Hat Unable to login after patching
# 1  
Old 09-12-2013
Linux [solved] Unable to login after patching

Hello,

Sorry for posting here..i know there is another section for Urgent...However, i could not locate it...

Issue: ) After patching rhel 5.8 with couple of patches. When user is trying to login via putty . They get login promt and when they type their username, screen get freezed kindaa nothing happens after that....However, if i am doing ssh from another box to that server - it is working fine....

Can someone help me or point out where to look...
# 2  
Old 09-12-2013
What packages did you patch?

Also, please post the verbose output of ssh (ssh -vv user@host).

Have you checked that the user:
a) exists
b) is not locked out (chage, pam_tally, sshd_config, etc)

Might be good to check the firewall and tcpwrappers too.

Finally, look for relevant clues in /var/log/secure.
# 3  
Old 09-12-2013
Have you checked the /var/log/secure log for errors?

Also, I've had users that like to add various options and/or configurations to their startup files (.bash_profile, .profile, etc.), that sometimes causes issues when attempting to ssh to the box. Perhaps try renaming these files and see if they can log in afterwards.
# 4  
Old 09-12-2013
Hi,

1. sshd is running
2. user exists on the system ( User is able to login from another box )
3. user is active ( chage -l myuser )

O/p of ssh -vv myser@myserver [[ able to login ] ]

Code:
anotherlinuxbox <PROD> <root> / > ssh -vv myuser@myserver
OpenSSH_3.7.1p2, SSH protocols 1.5/2.0, OpenSSL 0.9.6d 9 May 2002
debug1: Reading configuration data /pro/tools/etc/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to nlg00084 [10.8.90.8] port 22.
debug1: Connection established.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug2: key_type_from_name: unknown key type '-----END'
debug1: identity file /.ssh/id_rsa type -1
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug2: key_type_from_name: unknown key type '-----END'
debug1: identity file /.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3
debug1: match: OpenSSH_4.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.7.1p2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 128/256
debug2: bits set: 992/2048
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'myserver' is known and matches the RSA host key.
debug1: Found key in /.ssh/known_hosts:2692
debug2: bits set: 966/2048
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /.ssh/id_rsa (0)
debug2: key: /.ssh/id_dsa (0)
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Trying private key: /.ssh/id_rsa
debug1: read PEM private key done: type RSA
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Trying private key: /.ssh/id_dsa
debug1: read PEM private key done: type DSA
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug2: we did not send a packet, disable method
debug1: Next authentication method: password
myuser@server password:
debug2: we sent a password packet, wait for reply
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug2: channel 0: send open
debug1: Entering interactive session.
debug2: callback start
debug2: ssh_session2_setup: id 0
debug2: channel 0: request pty-req
debug2: channel 0: request shell
debug2: fd 3 setting TCP_NODELAY
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 2097152
Last login: Thu Sep 12 13:51:08 2013 from another linux server

o/p of /var/log/secure [ when i tried to login via putty ( separate session ) ] i got prompt to type my username, i typed in and then freezed.... ]
Code:
Sep 12 13:56:06 myserver sshd[15182]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server
Sep 12 13:56:06 myserver sshd[15182]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server
Sep 12 13:56:06 myserver sshd[15182]: nss_ldap: reconnecting to LDAP server (sleeping 4 seconds)...
Sep 12 13:56:08 myserver sshd[15089]: Received disconnect from 10.1.43.83: 10: General disconnection
Sep 12 13:56:08 myserver sshd[15085]: pam_tally(sshd:setcred): unknown option: no_magic_root
Sep 12 13:56:08 myserver sshd[15085]: pam_unix(sshd:session): session closed for user itadm
Sep 12 13:56:10 myserver sshd[15182]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server
Sep 12 13:56:10 myserver sshd[15182]: nss_ldap: reconnecting to LDAP server (sleeping 8 seconds)...

1. ldap is not running on this server ( sssd rpm is not installed )
2. Can you please guide me to look at pam file ( I do not have much exp on that ) where to look.....

---------- Post updated at 01:18 AM ---------- Previous update was at 12:30 AM ----------

It is good now. Thanks...This thread can be closed.

Last edited by Scott; 09-12-2013 at 05:16 PM.. Reason: Code tags
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Solaris

Unable to login with any user

Hi Please I need help on trying to login on a solaris 10, blade server. login as: root Using keyboard-interactive authentication. Password: I even try a normal user, I do not get the prompt. I suspect the reason could be that /varis at 98% because I have configure email alerts to warn me... (9 Replies)
Discussion started by: fretagi
9 Replies

2. How to Post in the The UNIX and Linux Forums

Unable to see my threads when i login

Hello, Is there a way to display all of the posts I have authored? Many thanks in advance. (2 Replies)
Discussion started by: Anamika08
2 Replies

3. Forum Support Area for Unregistered Users & Account Problems

Unable to login

Hi, It has been a while since I logged into Unix.com and I have forgotten my userID and password. Please help. Thanks, Ananth. (1 Reply)
Discussion started by: Unregistered
1 Replies

4. Solaris

Live Upgrade Patching Error: Unable to write vtoc

Attempting to patch several servers using live upgrade Release: Oracle Solaris 10 8/11 s10x_u10wos_17b X86 Error I'm receiving is in the message in the log below tail -15 /var/svc/log/rc6.log Legacy init script "/etc/rc0.d/K50pppd" exited with return code 0. Executing legacy init... (5 Replies)
Discussion started by: Siralos
5 Replies

5. Solaris

unable to login Solaris 10

I have inherited a solaris 10 server. I went to log into it the other day over the console connection, and after sucessfully entering the password, I was booted back to the login prompt with no errors visible. If I enter an incorect password, the console displays 'incorrect password' and kicks... (8 Replies)
Discussion started by: Sol-nova
8 Replies

6. Solaris

Unable to login

Hi, I am doing Active Directory(Win 2008) and UNIX(Solaris 10) integration. I was unable to create home directory for the Active Directory users on the first login. So i added other session required pam_mkhomedir.so skel=/etc/skel umask=0022 to pam.conf in /etc/pam.conf. But now I am... (2 Replies)
Discussion started by: sathya47
2 Replies

7. Solaris

ssh login issue after patching

Hi Everybody, Recently i applied patch cluster dated (2009.11.03) for solaris 10 sparc machine(Generic_138888-06) I successfully applied and rebooted the machine , no errors received. But after patching it was not allowing me to login through ssh while telnet was working fine.Logs showed me ... (11 Replies)
Discussion started by: laxmikant
11 Replies

8. UNIX for Dummies Questions & Answers

AIX Unable to Login

Was OK on AIX5.2. Have installed AIX 5.3 ML02 and now only root can log in. Other users get "You are not allowed to login at this time." Once in as root, it's possible to su or 'su -' to other users. All user parameters are OK. (0 Replies)
Discussion started by: skinthegoat
0 Replies

9. Forum Support Area for Unregistered Users & Account Problems

Unable to login

Hi Admin/Moderator, I am unable to login with my user id "chanakyahere", even it is not accepting my mail id to which i got one reply aso.. it is saying that i suppied "mail id that is not recognised".. please look forward regarding this problem.. i joined on last saturday i.e on... (1 Reply)
Discussion started by: Chanakya
1 Replies

10. UNIX for Dummies Questions & Answers

unable to login HELP!!!

Hi, I have installed for the first time sun solaris on my pc and I am trying to learn unix. I created a new user using the following steps: -create a new group : groupadd work -created a new user: useradd -g work -d /export/home -s /usr/bin/ksh gbruno (i checked the path of the shell... (3 Replies)
Discussion started by: giulianob
3 Replies
Login or Register to Ask a Question