[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Open ssh connection refused

Subject: Re: [cobalt-security] Open ssh connection refused
From: John Calderon <john@xxxxxxxxxxx>
Date: Fri, 28 Jun 2002 11:42:37 -0700
Organization: Timogen
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Perhaps the user directory that you are ssh'ing to has to open ofpermissions(by default cobalt has 2771 writable by group... notice thisis too much permissions for a home directory). try running

sshd -d -d
and run

putty in verbose mode ( don't use putty so can't help you there)

but it seems that when you removed the old version of sshd something wasnot removed.


also created a separte log in syslog for sshd
usually

auth.info/var/log/sshd.log


notice they have to be tabs
and restartip syslog.

john

David wrote:

Notes to hopefully help:

1. I found in my Messages log
sshd[16926]: fatal: chroot("/var/empty/sshd"): No such file or directory
So I created /var/empty/sshd
Now when I attempt to SSH in, no more error message. However still no login.

2. When I use SHH client from ssh.com, I get the error: "
Algorithm negotiation failed
Key exchanges with the remote host failed. This can happen for example if the
remote host computer does not support the selected algorithms.
"

3. What the Heck?
Now, out of nowhere, I am getting login prompt, but password no good.
Message log now contains:
Jun 28 10:59:43 ns sshd[18021]: WARNING: /etc/ssh/moduli does not exist, using
old modulus
Jun 28 10:59:47 ns PAM-warn[18021]: service: sshd [on terminal: NODEVssh]
Jun 28 10:59:47 ns PAM-warn[18021]: user: (uid=0) -> admin [remote:
?nobody@xxxxxxxxxxxxxxxx]
Jun 28 10:59:47 ns sshd[18021]: Failed password for admin from MyISPaddressIP
port 2105 ssh2
Jun 28 10:59:51 ns PAM-warn[18021]: service: sshd [on terminal: NODEVssh]
Jun 28 10:59:51 ns PAM-warn[18021]: user: (uid=0) -> admin [remote:
?nobody@xxxxxxxxxxxxxxxx]
Jun 28 10:59:51 ns sshd[18021]: Failed password for admin from MyISPaddressIP
port 2105 ssh2
Jun 28 11:00:00 ns PAM-warn[18021]: service: sshd [on terminal: NODEVssh]
Jun 28 11:00:00 ns PAM-warn[18021]: user: (uid=0) -> admin [remote:
?nobody@xxxxxxxxxxxxxxxx]
Jun 28 11:00:00 ns sshd[18021]: Failed password for admin from MyISPaddressIP
port 2105 ssh2

4. In reference to my Notes above.
Appears to be when I add /var/empty/sshd I get the message in NOTE #3.
When I remove /var/empty/sshd I get the message in NOTE #1.

Hope this helps.
- david

_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security

References:
- [cobalt-security] Open ssh connection refused
  - From: Simon Wilson
- Re: [cobalt-security] Open ssh connection refused
  - From: David
- Re: [cobalt-security] Open ssh connection refused
  - From: David

Prev by Date: RE: AW: [cobalt-security] Auto security patch installer ?
Next by Date: [cobalt-security] adm_error logs - speaking HTTP to HTTPS port (David)
Previous by thread: Re: [cobalt-security] Open ssh connection refused
Next by thread: [cobalt-security] adm_error logs - speaking HTTP to HTTPS port (David)

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index