Bugzilla – Attachment 599 Details for
Bug 837
connection closed by remote host
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
output of sshd in debug mode & sshd_config file
sshd_debug.txt (text/plain), 13.29 KB, created by
godfrey.anderson
on 2004-04-09 01:34:12 AEST
(
hide
)
Description:
output of sshd in debug mode & sshd_config file
Filename:
MIME Type:
Creator:
godfrey.anderson
Created:
2004-04-09 01:34:12 AEST
Size:
13.29 KB
patch
obsolete
>/opt/openssh/sbin/sshd -ddd -p 2222 > >ssh -p 2022 -vvvl etl_ops unixs348 > >$root@unixs348:# /opt/openssh/sbin/sshd -ddd -p 2222 >debug1: sshd version OpenSSH_3.4p1 >debug3: Not a RSA1 key file /etc/ssh/ssh_host_rsa_key. >debug1: read PEM private key done: type RSA >debug1: private host key: #0 type 1 RSA >debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key. >debug1: read PEM private key done: type DSA >debug1: private host key: #1 type 2 DSA >debug1: Bind to port 2222 on xx.xx.xx.xx. >Server listening on xx.xx.xx.xx port 2222. >debug1: Server will not fork when running in debugging mode. >Connection from yy.yy.yy.yy port 37645 >debug1: Client protocol version 2.0; client software version OpenSSH_3.4p1 >debug1: match: OpenSSH_3.4p1 pat OpenSSH* >Enabling compatibility mode for protocol 2.0 >debug1: Local version string SSH-2.0-OpenSSH_3.4p1 >debug2: Network child is on pid 5645 >debug3: preauth child monitor started >debug3: mm_request_receive entering >debug3: privsep user:group 280:280 >debug1: list_hostkey_types: ssh-rsa,ssh-dss >debug1: SSH2_MSG_KEXINIT sent >debug1: SSH2_MSG_KEXINIT received >debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 >debug2: kex_parse_kexinit: ssh-rsa,ssh-dss >debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se >debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se >debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 >debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 >debug2: kex_parse_kexinit: none,zlib >debug2: kex_parse_kexinit: none,zlib >debug2: kex_parse_kexinit: >debug2: kex_parse_kexinit: >debug2: kex_parse_kexinit: first_kex_follows 0 >debug2: kex_parse_kexinit: reserved 0 >debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 >debug2: kex_parse_kexinit: ssh-rsa,ssh-dss >debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se >debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se >debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 >debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 >debug2: kex_parse_kexinit: none >debug2: kex_parse_kexinit: none >debug2: kex_parse_kexinit: >debug2: kex_parse_kexinit: >debug2: kex_parse_kexinit: first_kex_follows 0 >debug2: kex_parse_kexinit: reserved 0 >debug2: mac_init: found hmac-md5 >debug1: kex: client->server aes128-cbc hmac-md5 none >debug2: mac_init: found hmac-md5 >debug1: kex: server->client aes128-cbc hmac-md5 none >debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received >debug3: mm_request_send entering: type 0 >debug3: mm_choose_dh: waiting for MONITOR_ANS_MODULI >debug3: mm_request_receive_expect entering: type 1 >debug3: monitor_read: checking request 0debug3: mm_request_receive entering > >debug3: mm_answer_moduli: got parameters: 1024 2048 8192 >debug3: mm_request_send entering: type 1 >debug2: monitor_read: 0 used once, disabling now >debug3: mm_request_receive entering >debug3: mm_choose_dh: remaining 0 >debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent >debug1: dh_gen_key: priv key bits set: 128/256 >debug1: bits set: 1585/3191 >debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT >debug1: bits set: 1555/3191 >debug3: mm_key_sign entering >debug3: mm_request_send entering: type 4 >debug3: mm_key_sign: waiting for MONITOR_ANS_SIGN >debug3: mm_request_receive_expect entering: type 5 >debug3: mm_request_receive entering >debug3: monitor_read: checking request 4 >debug3: mm_answer_sign >debug3: mm_answer_sign: signature 10e448(143) >debug3: mm_request_send entering: type 5 >debug2: monitor_read: 4 used once, disabling nowdebug1: SSH2_MSG_KEX_DH_GEX_REPLY sent >debug3: mm_request_receive entering > >debug1: kex_derive_keys >debug1: newkeys: mode 1 >debug1: SSH2_MSG_NEWKEYS sent >debug1: waiting for SSH2_MSG_NEWKEYS >debug1: newkeys: mode 0 >debug1: SSH2_MSG_NEWKEYS received >debug1: KEX done >debug1: userauth-request for user etl_ops service ssh-connection method none >debug1: attempt 0 failures 0 >debug3: mm_getpwnamallow entering >debug3: mm_request_send entering: type 6 >debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM >debug3: mm_request_receive_expect entering: type 7 >debug3: monitor_read: checking request 6debug3: mm_request_receive entering > >debug3: mm_answer_pwnamallow >debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1 >debug3: mm_request_send entering: type 7 >debug2: monitor_read: 6 used once, disabling now >debug2: input_userauth_request: setting up authctxt for etl_opsdebug3: mm_request_receive entering >debug3: mm_start_pam entering > >debug3: mm_request_send entering: type 37 >debug3: mm_inform_authserv enteringdebug3: monitor_read: checking request 37 > >debug3: mm_request_send entering: type 3 >debug1: Starting up PAM with username "etl_ops" >debug2: input_userauth_request: try method none >debug3: mm_auth2_read_banner entering >debug3: mm_request_send entering: type 8 >debug3: mm_request_receive_expect entering: type 9 >debug3: mm_request_receive entering >debug3: Trying to reverse map address yy.yy.yy.yy. >Could not reverse map address yy.yy.yy.yy. >debug1: PAM setting rhost to "yy.yy.yy.yy" >debug2: monitor_read: 37 used once, disabling now >debug3: mm_request_receive entering >debug3: monitor_read: checking request 3 >debug3: mm_answer_authserv: service=ssh-connection, style= >debug2: monitor_read: 3 used once, disabling now >debug3: mm_request_receive entering >debug3: monitor_read: checking request 8 >debug3: mm_request_send entering: type 9 >debug2: monitor_read: 8 used once, disabling now >debug3: mm_request_receive enteringdebug1: userauth_banner: sent > >debug3: mm_auth_password entering >debug3: mm_request_send entering: type 10 >debug3: mm_auth_password: waiting for MONITOR_ANS_AUTHPASSWORD >debug3: monitor_read: checking request 10debug3: mm_request_receive_expect entering: type 11 >debug3: mm_answer_authpassword: sending result 0 >debug3: mm_request_send entering: type 11 > >debug3: mm_request_receive entering >debug3: mm_auth_password: user not authenticatedFailed none for etl_ops from yy.yy.yy.yy port 37645 ssh2 > >debug3: mm_request_receive entering >Failed none for etl_ops from yy.yy.yy.yy port 37645 ssh2 >debug1: userauth-request for user etl_ops service ssh-connection method publickey >debug1: attempt 1 failures 1 >debug2: input_userauth_request: try method publickey >debug1: test whether pkalg/pkblob are acceptable >debug3: mm_key_allowed entering >debug3: mm_request_send entering: type 20 >debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED >debug3: monitor_read: checking request 20debug3: mm_request_receive_expect entering: type 21 >debug3: mm_request_receive entering > >debug3: mm_answer_keyallowed entering >debug3: mm_answer_keyallowed: key_from_blob: 115c30 >debug1: temporarily_use_uid: 231/101 (e=0) >debug1: trying public key file /export/home/etl_ops/.ssh/authorized_keys >debug3: secure_filename: checking '/export/home/etl_ops/.ssh' >debug3: secure_filename: checking '/export/home/etl_ops' >debug3: secure_filename: terminating check at '/export/home/etl_ops' >debug1: matching key found: file /export/home/etl_ops/.ssh/authorized_keys, line 1 >Found matching RSA key: 61:ff:c1:f1:05:24:73:8d:8b:63:e0:4b:db:68:3e:61 >debug1: restore_uid >debug3: mm_answer_keyallowed: key 115c30 is allowed >debug3: mm_request_send entering: type 21 >debug3: mm_request_receive entering >debug2: userauth_pubkey: authenticated 0 pkalg ssh-rsa >Postponed publickey for etl_ops from yy.yy.yy.yy port 37645 ssh2 >debug1: userauth-request for user etl_ops service ssh-connection method publickey >debug1: attempt 2 failures 1 >debug2: input_userauth_request: try method publickey >debug3: mm_key_allowed entering >debug3: mm_request_send entering: type 20 >debug3: monitor_read: checking request 20debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED >debug3: mm_request_receive_expect entering: type 21 >debug3: mm_answer_keyallowed entering >debug3: mm_answer_keyallowed: key_from_blob: 115c48 > >debug3: mm_request_receive entering >debug1: temporarily_use_uid: 231/101 (e=0) >debug1: trying public key file /export/home/etl_ops/.ssh/authorized_keys >debug3: secure_filename: checking '/export/home/etl_ops/.ssh' >debug3: secure_filename: checking '/export/home/etl_ops' >debug3: secure_filename: terminating check at '/export/home/etl_ops' >debug1: matching key found: file /export/home/etl_ops/.ssh/authorized_keys, line 1 >Found matching RSA key: 61:ff:c1:f1:05:24:73:8d:8b:63:e0:4b:db:68:3e:61 >debug1: restore_uid >debug3: mm_answer_keyallowed: key 115c48 is allowed >debug3: mm_request_send entering: type 21 >debug3: mm_request_receive entering >debug3: mm_key_verify entering >debug3: mm_request_send entering: type 22 >debug3: monitor_read: checking request 22debug3: mm_key_verify: waiting for MONITOR_ANS_KEYVERIFY > >debug3: mm_request_receive_expect entering: type 23 >debug3: mm_request_receive entering >debug1: ssh_rsa_verify: signature correct >debug3: mm_answer_keyverify: key 115c30 signature verified >debug3: mm_request_send entering: type 23 >debug2: userauth_pubkey: authenticated 1 pkalg ssh-rsa >Accepted publickey for etl_ops from yy.yy.yy.yy port 37645 ssh2 >debug3: mm_send_keystate: Sending new keys: 10cb30 113b50 >debug3: mm_newkeys_to_blob: converting 10cb30 >debug3: mm_newkeys_to_blob: converting 113b50 >debug3: mm_send_keystate: New keys have been sent >debug3: mm_send_keystate: Sending compression state >debug3: mm_request_send entering: type 24 >debug3: mm_send_keystate: Finished sending state >debug2: pam_acct_mgmt() = 0 >Accepted publickey for etl_ops from yy.yy.yy.yy port 37645 ssh2 >debug1: monitor_child_preauth: etl_ops has been authenticated by privileged process >debug3: mm_get_keystate: Waiting for new keys >debug3: mm_request_receive_expect entering: type 24 >debug3: mm_request_receive entering >debug3: mm_newkeys_from_blob: 1170d8(118) >debug2: mac_init: found hmac-md5 >debug3: mm_get_keystate: Waiting for second key >debug3: mm_newkeys_from_blob: 1170d8(118) >debug2: mac_init: found hmac-md5 >debug3: mm_get_keystate: Getting compression state >debug3: mm_get_keystate: Getting Network I/O buffers >debug3: mm_share_sync: Share sync >debug3: mm_share_sync: Share sync end >debug2: User child is on pid 5646 >debug3: mm_request_receive entering >debug1: PAM establishing creds >setuid 231: Not owner >debug1: Calling cleanup 0x23844(0x0) >debug1: Calling cleanup 0x23844(0x0) >debug1: Calling cleanup 0x3eac4(0x0) >$root@unixs348: # > > >The sshd_config file looks like this(ListenAddress has been changed to protect the innocence: > ># $OpenBSD: sshd_config,v 1.56 2002/06/20 23:37:12 markus Exp $ > ># This is the sshd server system-wide configuration file. See ># sshd_config(5) for more information. > ># This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin:/opt/openssh/bi >n > ># The strategy used for options in the default sshd_config shipped with ># OpenSSH is to specify options with their default value where ># possible, but leave them commented. Uncommented options change a ># default value. > >Port 22 >Protocol 2 >ListenAddress xx.xx.xx.xx >#ListenAddress :: > ># HostKey for protocol version 1 >#HostKey /etc/ssh/ssh_host_key ># HostKeys for protocol version 2 >#HostKey /etc/ssh/ssh_host_rsa_key >#HostKey /etc/ssh/ssh_host_dsa_key > ># Lifetime and size of ephemeral version 1 server key >#KeyRegenerationInterval 3600 >ServerKeyBits 1024 > ># Logging >#obsoletes QuietMode and FascistLogging >#SyslogFacility AUTH >#LogLevel INFO > ># Authentication: > >#LoginGraceTime 600 >PermitRootLogin no >#StrictModes yes > >#RSAAuthentication yes >#PubkeyAuthentication yes >#AuthorizedKeysFile .ssh/authorized_keys > ># rhosts authentication should not be used >#RhostsAuthentication no ># Don't read the user's ~/.rhosts and ~/.shosts files >#IgnoreRhosts yes ># For this to work you will also need host keys in /etc/ssh/ssh_known_hosts >#RhostsRSAAuthentication no ># similar for protocol version 2 >#HostbasedAuthentication no ># Change to yes if you don't trust ~/.ssh/known_hosts for ># RhostsRSAAuthentication and HostbasedAuthentication >#IgnoreUserKnownHosts no > ># To disable tunneled clear text passwords, change to no here! >#PasswordAuthentication yes >#PermitEmptyPasswords no > ># Change to no to disable s/key passwords >#ChallengeResponseAuthentication yes > ># Kerberos options >#KerberosAuthentication no >#KerberosOrLocalPasswd yes >#KerberosTicketCleanup yes > >#AFSTokenPassing no > ># Kerberos TGT Passing only works with the AFS kaserver >#KerberosTgtPassing no > ># Set this to 'yes' to enable PAM keyboard-interactive authentication ># Warning: enabling this may bypass the setting of 'PasswordAuthentication' >#PAMAuthenticationViaKbdInt yes > >X11Forwarding yes >#X11DisplayOffset 10 >#X11UseLocalhost yes >PrintMotd yes >#PrintLastLog yes >#KeepAlive yes >#UseLogin no >#UsePrivilegeSeparation yes >#Compression yes > >#MaxStartups 10 ># no default banner path >Banner /etc/issue >#VerifyReverseMapping no > ># override default of no subsystems >Subsystem sftp /opt/openssh/libexec/sftp-server >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 837
: 599 |
601