[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How to re-enable ssh logins

To: silug-discuss@silug.org
Subject: Re: How to re-enable ssh logins
From: "Robert G. (Doc) Savage" <dsavage@peaknet.net>
Date: Wed, 23 Oct 2013 18:31:39 -0500
In-Reply-To: <2ffa2076.9cf68.141e360c190.Webtop.44@charter.net>
Organization: Southern Illinois Linux Users Group
References: <2ffa2076.9cf68.141e360c190.Webtop.44@charter.net>
Reply-To: silug-discuss@silug.org
Sender: silug-discuss-owner@silug.org

On Tue, 2013-10-22 at 23:34 -0400, Roger Hill wrote:
> Doc,
> 
>    Have you tried 'ssh -vv user@host' ?? What does that show ??
> 
> Can you check the logs from the remote host you're trying to ssh login 
> to at the time of the failure ?
> 
> If the SSH client is old or out of date on the remote host, I would 
> update all ssh packages immediately.
> 
> -hope this helps
> 
> -Roger Hill

Roger,

I've attached the outputs of 'ssh -v doc@pod' and 'ssh -vv doc@pod'. I
sure don't see anything revealing in them.

The originating ssh client is the most recent v5.3p1-84.1.el6.x86_64.
The receiving sshd server is the same version. We're talking about two
up-to-date instances of CentOS 6.4.

--Doc

OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to pod [192.168.1.68] port 22.
debug1: Connection established.
debug1: identity file /home/doc/.ssh/identity type -1
debug1: identity file /home/doc/.ssh/id_rsa type -1
debug1: identity file /home/doc/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version dropbear_0.52
debug1: no match: dropbear_0.52
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug1: Host 'pod' is known and matches the RSA host key.
debug1: Found key in /home/doc/.ssh/known_hosts:2
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/doc/.ssh/identity
debug1: Trying private key: /home/doc/.ssh/id_rsa
debug1: Trying private key: /home/doc/.ssh/id_dsa
debug1: Next authentication method: password
doc@pod's password: 
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
doc@pod's password: 
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
doc@pod's password: 
debug1: Authentications that can continue: publickey,password
debug1: No more authentication methods to try.
Permission denied (publickey,password).

$ ssh -vv pod
OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to pod [192.168.1.68] port 22.
debug1: Connection established.
debug1: identity file /home/doc/.ssh/identity type -1
debug1: identity file /home/doc/.ssh/id_rsa type -1
debug1: identity file /home/doc/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version dropbear_0.52
debug1: no match: dropbear_0.52
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: kex_parse_kexinit: diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,3des-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes256-cbc,twofish256-cbc,twofish-cbc,twofish128-cbc,blowfish-cbc
debug2: kex_parse_kexinit: aes128-ctr,3des-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes256-cbc,twofish256-cbc,twofish-cbc,twofish128-cbc,blowfish-cbc
debug2: kex_parse_kexinit: hmac-sha1-96,hmac-sha1,hmac-md5
debug2: kex_parse_kexinit: hmac-sha1-96,hmac-sha1,hmac-md5
debug2: kex_parse_kexinit: zlib,zlib@openssh.com,none
debug2: kex_parse_kexinit: zlib,zlib@openssh.com,none
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug2: dh_gen_key: priv key bits set: 137/256
debug2: bits set: 503/1024
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug1: Host 'pod' is known and matches the RSA host key.
debug1: Found key in /home/doc/.ssh/known_hosts:2
debug2: bits set: 497/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/doc/.ssh/identity ((nil))
debug2: key: /home/doc/.ssh/id_rsa ((nil))
debug2: key: /home/doc/.ssh/id_dsa ((nil))
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/doc/.ssh/identity
debug1: Trying private key: /home/doc/.ssh/id_rsa
debug1: Trying private key: /home/doc/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug1: Next authentication method: password
doc@pod's password: 
debug2: we sent a password packet, wait for reply
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
doc@pod's password: 
debug2: we sent a password packet, wait for reply
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
doc@pod's password: 
debug2: we sent a password packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey,password).


-
To unsubscribe, send email to majordomo@silug.org with
"unsubscribe silug-discuss" in the body.

References:
- Re: How to re-enable ssh logins
  - From: Roger Hill <unixman@charter.net>

Prev by Date: Re: How to re-enable ssh logins
Next by Date: Re: How to re-enable ssh logins
Prev by thread: Re: How to re-enable ssh logins
Next by thread: Linux Journals from 10 years ago
Index(es):
- Date
- Thread