Search Results

Search found 392 results on 16 pages for 'sshd'.

Page 2/16 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Minimal Linux distribution with sshd and apt

    - by Sergey Mikhanov
    When I signed up for my Debian Linux VPS hosting and first logged on and invoked ps, there was the only user process running: sshd. As I can see, this was minimal Linux with only two things installed and configured: sshd and apt (plus all dependencies, of course). I want to build (or use existing) similar Linux distro, any advice on how to build (or pick) one? Googling "minimum linux", or "linux with sshd only" usually brings up Debian's netinstall, which is not what I want. Thanks in advance.

    Read the article

  • ssh: connect to host 192.168.1.7 port 22: Connection refused

    - by Rudra
    I get this error when ever I try to connect my desktop with another desktop using SSH, but I'm able to ping the other desktop successfully. ssh: connect to host 192.168.1.7 port 22: Connection refused When I try to restart sshd, it says sshd : unrecognized service I can connect to remote server using SSH but I'm not able to connect within the local network. Please help me in this regards, Thanks in advance.

    Read the article

  • which is the recommended way to install sshd in cygwin on windows 7 enterprise

    - by anjanb
    What is the recommended procedure to install sshd on Windows 7 Enterprise ? I have already installed cygwin and openssh on this computer. i'm open to non-cygwin sshd as long as there won't be any compatibility issues with cygwin related programs. UPDATE I want setup/config information as well. Currently, I get an error if I try to connect to localhost. $ ssh localhost ssh: connect to host localhost port 22: Connection refused

    Read the article

  • cygwin sshd fails to allocate pty for some users

    - by user115851
    I have (finally) got sshd working under cygwin on Win7 - well, sort of. The sshd runs as user 'cyg_server'. I'm able to successfully ssh to my computer using that same user name. However, if I attempt to ssh using my normal (Windows) user name, it fails trying to allocate a pty for my login session. For example, output of 'sshd -D -d -d -d' contains this .. ... debug1: Entering interactive session for SSH2. debug2: fd 4 setting O_NONBLOCK debug2: fd 5 setting O_NONBLOCK debug1: server_init_dispatch_20 debug1: server_input_channel_open: ctype session rchan 0 win 1048576 max 16384 debug1: input_session_request debug1: channel 0: new [server-session] debug2: session_new: allocate (allocated 0 max 10) debug3: session_unused: session id 0 unused debug1: session_new: session 0 debug1: session_open: channel 0 debug1: session_open: session 0: link with channel 0 debug1: server_input_channel_open: confirm session debug1: server_input_global_request: rtype [email protected] want_reply 0 debug1: server_input_channel_req: channel 0 request pty-req reply 1 debug1: session_by_channel: session 0 channel 0 debug1: session_input_channel_req: session 0 req pty-req debug1: Allocating pty. debug1: session_pty_req: session 0 alloc /dev/pty1 !!! chown(/dev/pty1, 17308, 10513) failed: Invalid argument debug1: do_cleanup debug1: session_pty_cleanup: session 0 release /dev/pty1 Currently /dev is owned by my normal account. I've tried changing its ownership to cyg_server as well as SYSTEM. In both cases the problem persists. I've also changed permissions for /dev (e.g, 700 and 777) - again problem persists. [As a side note - it is strange that whenever I do 'ls -al /dev' the ptys do not show up. However, if I 'ls -l /dev/ptyX' for a pty I know to exist, it shows up. Is that normal for cygwin?] -Bob Andover, MA

    Read the article

  • open-sshd service withou pam support !! How can I add pam support to sshd? Ubuntu

    - by marc.riera
    Hi, I'm using AD as my user account server with ldap. Most of the servers run with UsePam yes except this one, it has lack of pam support on sshd. root@linserv9:~# ldd /usr/sbin/sshd linux-vdso.so.1 => (0x00007fff621fe000) libutil.so.1 => /lib/libutil.so.1 (0x00007fd759d0b000) libz.so.1 => /usr/lib/libz.so.1 (0x00007fd759af4000) libnsl.so.1 => /lib/libnsl.so.1 (0x00007fd7598db000) libcrypto.so.0.9.8 => /usr/lib/libcrypto.so.0.9.8 (0x00007fd75955b000) libcrypt.so.1 => /lib/libcrypt.so.1 (0x00007fd759323000) libc.so.6 => /lib/libc.so.6 (0x00007fd758fc1000) libdl.so.2 => /lib/libdl.so.2 (0x00007fd758dbd000) /lib64/ld-linux-x86-64.so.2 (0x00007fd759f0e000) I have this packages installed root@linserv9:~# dpkg -l|grep -E 'pam|ssh' ii denyhosts 2.6-2.1 an utility to help sys admins thwart ssh hac ii libpam-modules 0.99.7.1-5ubuntu6.1 Pluggable Authentication Modules for PAM ii libpam-runtime 0.99.7.1-5ubuntu6.1 Runtime support for the PAM library ii libpam-ssh 1.91.0-9.2 enable SSO behavior for ssh and pam ii libpam0g 0.99.7.1-5ubuntu6.1 Pluggable Authentication Modules library ii libpam0g-dev 0.99.7.1-5ubuntu6.1 Development files for PAM ii openssh-blacklist 0.1-1ubuntu0.8.04.1 list of blacklisted OpenSSH RSA and DSA keys ii openssh-client 1:4.7p1-8ubuntu1.2 secure shell client, an rlogin/rsh/rcp repla ii openssh-server 1:4.7p1-8ubuntu1.2 secure shell server, an rshd replacement ii quest-openssh 5.2p1_q13-1 Secure shell root@linserv9:~# What I'm doing wrong? thanks. Edit: root@linserv9:~# cat /etc/pam.d/sshd # PAM configuration for the Secure Shell service # Read environment variables from /etc/environment and # /etc/security/pam_env.conf. auth required pam_env.so # [1] # In Debian 4.0 (etch), locale-related environment variables were moved to # /etc/default/locale, so read that as well. auth required pam_env.so envfile=/etc/default/locale # Standard Un*x authentication. @include common-auth # Disallow non-root logins when /etc/nologin exists. account required pam_nologin.so # Uncomment and edit /etc/security/access.conf if you need to set complex # access limits that are hard to express in sshd_config. # account required pam_access.so # Standard Un*x authorization. @include common-account # Standard Un*x session setup and teardown. @include common-session # Print the message of the day upon successful login. session optional pam_motd.so # [1] # Print the status of the user's mailbox upon successful login. session optional pam_mail.so standard noenv # [1] # Set up user limits from /etc/security/limits.conf. session required pam_limits.so # Set up SELinux capabilities (need modified pam) # session required pam_selinux.so multiple # Standard Un*x password updating. @include common-password

    Read the article

  • Hundreds of unknown entries in Linux logwatch

    - by Saif Bechan
    I have a dedicated server which runs centos. Today i got an email from loginwatch on my server with hundreds of lines of 'errors'. I don't really know what they are becasue i am fairly new at this. The lines are in a few sections, I will display the first 10 of all of them, i hope someone can help me fix these problems. --------------------- Named Begin ------------------------ **Unmatched Entries** client 216.146.46.136 notify question section contains no SOA: 8 Time(s) client 92.114.98.10 query (cache) 'adobe.com/A/IN' denied: 4 Time(s) network unreachable resolving '11.254.75.75.in-addr.arpa/PTR/IN': 2001:7fd::1#53: 1 Time(s) network unreachable resolving '136.176.97.93.in-addr.arpa/PTR/IN': 2001:13c7:7002:3000::11#53: 1 Time(s) network unreachable resolving '136.176.97.93.in-addr.arpa/PTR/IN': 2001:500:13::c7d4:35#53: 1 Time(s) network unreachable resolving '136.176.97.93.in-addr.arpa/PTR/IN': 2001:500:2e::1#53: 2 Time(s) network unreachable resolving '136.176.97.93.in-addr.arpa/PTR/IN': 2001:610:240:0:53::193#53: 1 Time(s) network unreachable resolving '136.176.97.93.in-addr.arpa/PTR/IN': 2001:610:240:0:53::3#53: 1 Time(s) network unreachable resolving '136.176.97.93.in-addr.arpa/PTR/IN': 2001:660:3006:1::1:1#53: 1 Time(s) network unreachable resolving '136.176.97.93.in-addr.arpa/PTR/IN': 2001:6b0:7::2#53: 1 Time(s) network unreachable resolving '136.176.97.93.in-addr.arpa/PTR/IN': 2001:dc0:1:0:4777::140#53: 1 Time(s) network unreachable resolving '136.176.97.93.in-addr.arpa/PTR/IN': 2001:dc0:2001:a:4608::59#53: 1 Time(s) network unreachable resolving '146.250.19.67.in-addr.arpa/PTR/IN': 2001:5a0:10::2#53: 1 Time(s) network unreachable resolving '149.207.106.87.in-addr.arpa/PTR/IN': 2001:7fd::1#53: 1 Time(s) network unreachable resolving '178.62.24.195.in-addr.arpa/PTR/IN': 2001:7fd::1#53: 1 Time(s) this goes on for hundreds of lines with all different domain names. --------------------- pam_unix Begin ------------------------ Failed logins from: 78.86.126.211 (78-86-126-211.zone2.bethere.co.uk): 111 times 93.97.176.136 (93-97-176-136.dsl.cnl.uk.net): 113 times 121.14.145.32: 136 times 190.152.69.5: 248 times 209.160.72.15: 572 times 210.26.48.35: 2 times 212.235.111.224 (DSL212-235-111-224.bb.netvision.net.il): 140 times 218.206.25.29: 140 times Illegal users from: 78.86.126.211 (78-86-126-211.zone2.bethere.co.uk): 2665 times 93.97.176.136 (93-97-176-136.dsl.cnl.uk.net): 2539 times 121.14.145.32: 116 times 190.152.69.5: 34 times 209.160.72.15: 324 times 218.206.25.29: 8051 times proftpd: Unknown Entries: session opened for user cent_ftp by (uid=0): 15 Time(s) session closed for user cent_ftp: 14 Time(s) sshd: Authentication Failures: unknown (218.206.25.29): 8051 Time(s) unknown (78-86-126-211.zone2.bethere.co.uk): 2665 Time(s) unknown (93.97.176.136): 2539 Time(s) root (209.160.72.15): 558 Time(s) unknown (209.160.72.15): 324 Time(s) root (190.152.69.5): 246 Time(s) unknown (121.14.145.32): 116 Time(s) root (121.14.145.32): 106 Time(s) root (dsl212-235-111-224.bb.netvision.net.il): 70 Time(s) root (93.97.176.136): 44 Time(s) root (78-86-126-211.zone2.bethere.co.uk): 37 Time(s) unknown (190.152.69.5): 34 Time(s) mysql (121.14.145.32): 30 Time(s) nobody (218.206.25.29): 26 Time(s) mail (218.206.25.29): 24 Time(s) news (218.206.25.29): 24 Time(s) root (218.206.25.29): 24 Time(s) --------------------- SSHD Begin ------------------------ **Unmatched Entries** pam_succeed_if(sshd:auth): error retrieving information about user tavi : 2 time(s) pam_succeed_if(sshd:auth): error retrieving information about user pam : 2 time(s) pam_succeed_if(sshd:auth): error retrieving information about user konchog : 1 time(s) pam_succeed_if(sshd:auth): error retrieving information about user stavrum : 2 time(s) pam_succeed_if(sshd:auth): error retrieving information about user rachel : 1 time(s) pam_succeed_if(sshd:auth): error retrieving information about user affiliates : 24 time(s) pam_succeed_if(sshd:auth): error retrieving information about user nen : 1 time(s) pam_succeed_if(sshd:auth): error retrieving information about user cobra : 1 time(s) pam_succeed_if(sshd:auth): error retrieving information about user pass : 7 time(s) pam_succeed_if(sshd:auth): error retrieving information about user hacer : 1 time(s) pam_succeed_if(sshd:auth): error retrieving information about user chung : 1 time(s) pam_succeed_if(sshd:auth): error retrieving information about user zainee : 1 time(s) pam_succeed_if(sshd:auth): error retrieving information about user radu : 2 time(s) pam_succeed_if(sshd:auth): error retrieving information about user alka : 4 time(s) pam_succeed_if(sshd:auth): error retrieving information about user albert : 5 time(s) pam_succeed_if(sshd:auth): error retrieving information about user turcia : 2 time(s) pam_succeed_if(sshd:auth): error retrieving information about user cordell : 2 time(s) pam_succeed_if(sshd:auth): error retrieving information about user silver : 2 time(s) pam_succeed_if(sshd:auth): error retrieving information about user dragon : 3 time(s) If someone wants to see the whole log i can upload it somewhere. Am i being hacked, what is this all?? I hope someone can help me, this does not look good at all.

    Read the article

  • Cannot SSH to ubuntu server - openssh server owner changed

    - by Kshitiz Shankar
    I am using suPHP with Apache for virtual hosting but somewhere down the line my root ssh access is getting screwed up. I haven't been able to figure out why it is happening but eventually, my root user is not able to ssh to the server. I get this error: *** invalid open call: O_CREAT without mode ***: sshd: root@pts/3 terminated ======= Backtrace: ========= /lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7f12fe871817] /lib/x86_64-linux-gnu/libc.so.6(+0xeb7e1)[0x7f12fe8527e1] sshd: root@pts/3[0x41a542] sshd: root@pts/3[0x41a9eb] sshd: root@pts/3[0x41aeb8] sshd: root@pts/3[0x409630] sshd: root@pts/3[0x40f9ed] sshd: root@pts/3[0x410dd6] sshd: root@pts/3[0x411994] sshd: root@pts/3[0x411f16] sshd: root@pts/3[0x40b253] sshd: root@pts/3[0x42be24] sshd: root@pts/3[0x40c9cb] sshd: root@pts/3[0x412199] sshd: root@pts/3[0x4061a2] /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed)[0x7f12fe78876d] sshd: root@pts/3[0x407635] ======= Memory map: ======== 00400000-00448000 r-xp 00000000 ca:02 4554758 /usr/sbin/sshd 00647000-00648000 r--p 00047000 ca:02 4554758 /usr/sbin/sshd 00648000-00649000 rw-p 00048000 ca:02 4554758 /usr/sbin/sshd 00649000-00750000 rw-p 00000000 00:00 0 01794000-017b5000 rw-p 00000000 00:00 0 [heap] 7f12fd5ad000-7f12fd5c2000 r-xp 00000000 ca:02 3489844 /lib/x86_64-linux-gnu/libgcc_s.so.1 7f12fd5c2000-7f12fd7c1000 ---p 00015000 ca:02 3489844 /lib/x86_64-linux-gnu/libgcc_s.so.1 7f12fd7c1000-7f12fd7c2000 r--p 00014000 ca:02 3489844 /lib/x86_64-linux-gnu/libgcc_s.so.1 7f12fd7c2000-7f12fd7c3000 rw-p 00015000 ca:02 3489844 /lib/x86_64-linux-gnu/libgcc_s.so.1 7f12fd7c3000-7f12fd7db000 r-xp 00000000 ca:02 3489977 /lib/x86_64-linux-gnu/libresolv-2.15.so 7f12fd7db000-7f12fd9db000 ---p 00018000 ca:02 3489977 /lib/x86_64-linux-gnu/libresolv-2.15.so 7f12fd9db000-7f12fd9dc000 r--p 00018000 ca:02 3489977 /lib/x86_64-linux-gnu/libresolv-2.15.so 7f12fd9dc000-7f12fd9dd000 rw-p 00019000 ca:02 3489977 /lib/x86_64-linux-gnu/libresolv-2.15.so 7f12fd9dd000-7f12fd9df000 rw-p 00000000 00:00 0 7f12fd9df000-7f12fd9e6000 r-xp 00000000 ca:02 3489994 /lib/x86_64-linux-gnu/libnss_dns-2.15.so 7f12fd9e6000-7f12fdbe5000 ---p 00007000 ca:02 3489994 /lib/x86_64-linux-gnu/libnss_dns-2.15.so 7f12fdbe5000-7f12fdbe6000 r--p 00006000 ca:02 3489994 /lib/x86_64-linux-gnu/libnss_dns-2.15.so 7f12fdbe6000-7f12fdbe7000 rw-p 00007000 ca:02 3489994 /lib/x86_64-linux-gnu/libnss_dns-2.15.so 7f12fdbe7000-7f12fdd27000 rw-s 00000000 00:04 6167294 /dev/zero (deleted) 7f12fdd27000-7f12fdd33000 r-xp 00000000 ca:02 3489984 /lib/x86_64-linux-gnu/libnss_files-2.15.so 7f12fdd33000-7f12fdf32000 ---p 0000c000 ca:02 3489984 /lib/x86_64-linux-gnu/libnss_files-2.15.so 7f12fdf32000-7f12fdf33000 r--p 0000b000 ca:02 3489984 /lib/x86_64-linux-gnu/libnss_files-2.15.so 7f12fdf33000-7f12fdf34000 rw-p 0000c000 ca:02 3489984 /lib/x86_64-linux-gnu/libnss_files-2.15.so 7f12fdf34000-7f12fdf3e000 r-xp 00000000 ca:02 3489979 /lib/x86_64-linux-gnu/libnss_nis-2.15.so 7f12fdf3e000-7f12fe13e000 ---p 0000a000 ca:02 3489979 /lib/x86_64-linux-gnu/libnss_nis-2.15.so 7f12fe13e000-7f12fe13f000 r--p 0000a000 ca:02 3489979 /lib/x86_64-linux-gnu/libnss_nis-2.15.so 7f12fe13f000-7f12fe140000 rw-p 0000b000 ca:02 3489979 /lib/x86_64-linux-gnu/libnss_nis-2.15.so 7f12fe140000-7f12fe157000 r-xp 00000000 ca:02 3489996 /lib/x86_64-linux-gnu/libnsl-2.15.so 7f12fe157000-7f12fe356000 ---p 00017000 ca:02 3489996 /lib/x86_64-linux-gnu/libnsl-2.15.so 7f12fe356000-7f12fe357000 r--p 00016000 ca:02 3489996 /lib/x86_64-linux-gnu/libnsl-2.15.so 7f12fe357000-7f12fe358000 rw-p 00017000 ca:02 3489996 /lib/x86_64-linux-gnu/libnsl-2.15.so 7f12fe358000-7f12fe35a000 rw-p 00000000 00:00 0 7f12fe35a000-7f12fe362000 r-xp 00000000 ca:02 3489985 /lib/x86_64-linux-gnu/libnss_compat-2.15.so 7f12fe362000-7f12fe561000 ---p 00008000 ca:02 3489985 /lib/x86_64-linux-gnu/libnss_compat-2.15.so 7f12fe561000-7f12fe562000 r--p 00007000 ca:02 3489985 /lib/x86_64-linux-gnu/libnss_compat-2.15.so 7f12fe562000-7f12fe563000 rw-p 00008000 ca:02 3489985 /lib/x86_64-linux-gnu/libnss_compat-2.15.so 7f12fe563000-7f12fe565000 r-xp 00000000 ca:02 3489886 /lib/x86_64-linux-gnu/libdl-2.15.so 7f12fe565000-7f12fe765000 ---p 00002000 ca:02 3489886 /lib/x86_64-linux-gnu/libdl-2.15.so 7f12fe765000-7f12fe766000 r--p 00002000 ca:02 3489886 /lib/x86_64-linux-gnu/libdl-2.15.so 7f12fe766000-7f12fe767000 rw-p 00003000 ca:02 3489886 /lib/x86_64-linux-gnu/libdl-2.15.so 7f12fe767000-7f12fe91c000 r-xp 00000000 ca:02 3489888 /lib/x86_64-linux-gnu/libc-2.15.so 7f12fe91c000-7f12feb1b000 ---p 001b5000 ca:02 3489888 /lib/x86_64-linux-gnu/libc-2.15.so 7f12feb1b000-7f12feb1f000 r--p 001b4000 ca:02 3489888 /lib/x86_64-linux-gnu/libc-2.15.so 7f12feb1f000-7f12feb21000 rw-p 001b8000 ca:02 3489888 /lib/x86_64-linux-gnu/libc-2.15.so 7f12feb21000-7f12feb26000 rw-p 00000000 00:00 0 7f12feb26000-7f12feb2f000 r-xp 00000000 ca:02 3489983 /lib/x86_64-linux-gnu/libcrypt-2.15.so 7f12feb2f000-7f12fed2f000 ---p 00009000 ca:02 3489983 /lib/x86_64-linux-gnu/libcrypt-2.15.so 7f12fed2f000-7f12fed30000 r--p 00009000 ca:02 3489983 /lib/x86_64-linux-gnu/libcrypt-2.15.so 7f12fed30000-7f12fed31000 rw-p 0000a000 ca:02 3489983 /lib/x86_64-linux-gnu/libcrypt-2.15.so 7f12fed31000-7f12fed5f000 rw-p 00000000 00:00 0 7f12fed5f000-7f12fef10000 r-xp 00000000 ca:02 3489831 /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 7f12fef10000-7f12ff110000 ---p 001b1000 ca:02 3489831 /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 7f12ff110000-7f12ff12b000 r--p 001b1000 ca:02 3489831 /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 7f12ff12b000-7f12ff136000 rw-p 001cc000 ca:02 3489831 /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 7f12ff136000-7f12ff13a000 rw-p 00000000 00:00 0 7f12ff13a000-7f12ff150000 r-xp 00000000 ca:02 3490020 /lib/x86_64-linux-gnu/libz.so.1.2.3.4 7f12ff150000-7f12ff34f000 ---p 00016000 ca:02 3490020 /lib/x86_64-linux-gnu/libz.so.1.2.3.4 7f12ff34f000-7f12ff350000 r--p 00015000 ca:02 3490020 /lib/x86_64-linux-gnu/libz.so.1.2.3.4Connection to stageserver.dockphp.com closed. After some debugging, I was able to narrow it down to a few things. For some reason the sshd daemon is running as root:www-data (apache user) instead of root. My ftp connection works but ssh over terminal fails. I have no idea whether it is getting caused due to suPHP or not (because that is the only place where user permission's etc. change). I really need to narrow it down and fix it asap. Thanks a lot!

    Read the article

  • Minimal Lunix distribution with sshd and apt

    - by Sergey Mikhanov
    When I signed up for my Debian Linux VPS hosting and first logged on and invoked ps aux, there was the only user process running: sshd. As I can see, this was minimal Linux with only two things installed and configured: sshd and apt (plus all dependencies, of course). I want to build (or use existing) similar Linux distro, any advice on how to build (or pick) one? Googling "minimum linux", or "linux with sshd only" usually brings up Debian's netinstall, which is not what I want. Thanks in advance.

    Read the article

  • sshd: How to enable PAM authentication for specific users under

    - by Brad
    I am using sshd, and allow logins with public key authentication. I want to allow select users to log in with a PAM two-factor authentication module. Is there any way I can allow PAM two-factor authentication for a specifc user? I don't want users - By the same token - I only want to enable password authentication for specific accounts. I want my SSH daemon to reject the password authentication attempts to thwart would-be hackers into thinking that I will not accept password authentication - except for the case in which someone knows my heavily guarded secret account, which is password enabled. I want to do this for cases in which my SSH clients will not let me do either secret key, or two-factor authentication.

    Read the article

  • Whitelist IP from google-authenticator in sshd pam

    - by spudwaffle
    My Ubuntu 12.04 server uses the google-authenticator pam module to provide two step authentication for ssh. I need to make it so that a certain IP does not need to type the verification code. The /etc/pam.d/sshd file is below: # PAM configuration for the Secure Shell service # Read environment variables from /etc/environment and # /etc/security/pam_env.conf. auth required pam_env.so # [1] # In Debian 4.0 (etch), locale-related environment variables were moved to # /etc/default/locale, so read that as well. auth required pam_env.so envfile=/etc/default/locale # Standard Un*x authentication. @include common-auth # Disallow non-root logins when /etc/nologin exists. account required pam_nologin.so # Uncomment and edit /etc/security/access.conf if you need to set complex # access limits that are hard to express in sshd_config. # account required pam_access.so # Standard Un*x authorization. @include common-account # Standard Un*x session setup and teardown. @include common-session # Print the message of the day upon successful login. session optional pam_motd.so # [1] # Print the status of the user's mailbox upon successful login. session optional pam_mail.so standard noenv # [1] # Set up user limits from /etc/security/limits.conf. session required pam_limits.so # Set up SELinux capabilities (need modified pam) # session required pam_selinux.so multiple # Standard Un*x password updating. @include common-password auth required pam_google_authenticator.so I've already tried adding a auth sufficient pam_exec.so /etc/pam.d/ip.sh line above the google-authenticator line, but I can't understand how to check an IP adress in the bash script.

    Read the article

  • cygwin ssh connection to server port 22 connection refused on localhost

    - by Steven Wexler
    I set up a ssh server through ssh-host-config. Then I started the server. net start sshd The CYGWIN sshd service is starting. The CYGWIN sshd service was started successfully. When I try to connect I get: ssh myusername@localhost ssh: connect to host localhost port 22: Connection refused I tried to allow port 22 in Windows Firewall, but that didn't change anything. And because I'm trying to ssh locally I don't think Windows Firewall is the culprit. I'm using Windows 7 and What should I look for to fix this problem?

    Read the article

  • Joining an Ubuntu 14.04 machine to active directory with realm and sssd

    - by tubaguy50035
    I've tried following this guide to set up realmd and sssd with active directory: http://funwithlinux.net/2014/04/join-ubuntu-14-04-to-active-directory-domain-using-realmd/ When I run the command realm –verbose join domain.company.com –user-principal=c-u14-dev1/[email protected] –unattended everything seems to connect. My sssd.conf looks like the following: [nss] filter_groups = root filter_users = root reconnection_retries = 3 [pam] reconnection_retries = 3 [sssd] domains = DOMAIN.COMPANY.COM config_file_version = 2 services = nss, pam [domain/DOMAIN.COMPANY.COM] ad_domain = DOMAIN.COMPANY.COM krb5_realm = DOMAIN.COMPANY.COM realmd_tags = manages-system joined-with-adcli cache_credentials = True id_provider = ad krb5_store_password_if_offline = True default_shell = /bin/bash ldap_id_mapping = True use_fully_qualified_names = True fallback_homedir = /home/%d/%u access_provider = ad My /etc/pam.d/common-auth looks like this: auth [success=3 default=ignore] pam_krb5.so minimum_uid=1000 auth [success=2 default=ignore] pam_unix.so nullok_secure try_first_pass auth [success=1 default=ignore] pam_sss.so use_first_pass # here's the fallback if no module succeeds auth requisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around auth required pam_permit.so # and here are more per-package modules (the "Additional" block) auth optional pam_cap.so However, when I try to SSH into the machine with my active directory user, I see the following in auth.log: Aug 21 10:35:59 c-u14-dev1 sshd[11285]: Invalid user nwalke from myip Aug 21 10:35:59 c-u14-dev1 sshd[11285]: input_userauth_request: invalid user nwalke [preauth] Aug 21 10:36:10 c-u14-dev1 sshd[11285]: pam_krb5(sshd:auth): authentication failure; logname=nwalke uid=0 euid=0 tty=ssh ruser= rhost=myiphostname Aug 21 10:36:10 c-u14-dev1 sshd[11285]: pam_unix(sshd:auth): check pass; user unknown Aug 21 10:36:10 c-u14-dev1 sshd[11285]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=myiphostname Aug 21 10:36:10 c-u14-dev1 sshd[11285]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=myiphostname user=nwalke Aug 21 10:36:10 c-u14-dev1 sshd[11285]: pam_sss(sshd:auth): received for user nwalke: 10 (User not known to the underlying authentication module) Aug 21 10:36:12 c-u14-dev1 sshd[11285]: Failed password for invalid user nwalke from myip port 34455 ssh2 What do I need to do to allow active directory users the ability to log in?

    Read the article

  • x86_64 and memory issues

    - by Valery
    Recently I've switched from ubuntu 32bit to 64bit version. And now I experiencing some problems. All application take twice more memory. And some application takes even more. For example sshd on new server: root 6608 0.0 0.0 67972 2912 ? Ss 14:43 0:00 sshd: deploy [priv] deploy 6616 0.0 0.0 67972 1724 ? S 14:43 0:00 sshd: deploy@pts/4 root 20892 0.0 0.0 50916 1160 ? Ss 15:53 0:00 /usr/sbin/sshd root 21170 0.0 0.0 67972 2912 ? Ss 15:56 0:00 sshd: deploy [priv] deploy 21173 0.0 0.0 67972 1728 ? S 15:56 0:00 sshd: deploy@pts/0 root 23802 0.0 0.0 67972 2912 ? Ss 16:08 0:00 sshd: deploy [priv] deploy 23804 0.0 0.0 67972 1724 ? S 16:08 0:00 sshd: deploy@pts/1 root 24570 0.0 0.0 67972 2908 ? Ss 12:45 0:00 sshd: deploy [priv] deploy 24573 0.0 0.0 68112 1804 ? S 12:45 0:00 sshd: deploy@pts/3 deploy 25014 0.0 0.0 5168 852 pts/0 S+ 16:13 0:00 grep ssh the same on the old server: root 4867 0.0 0.0 5312 1028 ? Ss Mar23 0:00 /usr/sbin/sshd root 23753 0.0 0.0 8052 2556 ? Ss 16:15 0:00 sshd: deploy [priv] deploy 23755 0.0 0.0 8052 1524 ? S 16:15 0:00 sshd: deploy@pts/0 deploy 23770 0.0 0.0 3004 748 pts/0 D+ 16:15 0:00 grep ssh The same problems with postfix, nginx and some other application.

    Read the article

  • Configuring PAM with pam_mount; getting a dlopen() with an HX_Init error

    - by Jamie
    I'm trying to get automounting upon login working on Ubuntu 10.03 Beta 2. I didn't find a package for pam_mount, so I ended downloading it and building it. This required: sudo apt-get install build-essential pkg-config libxml2-dev libssl-dev libpam-dev Additionally, the libHX-dev is required but as of yesterday (23/4/2010) the package version provided (3.2) wasn't up to snuff (3.4) so I downloaded, compiled and installed that too. cd ./pam_mount-1.36/ && ./configure && make && sudo make install When I tried it (pam_mount) I got this in my auth log: Apr 23 12:18:02 ubuntu sshd[1195]: PAM unable to dlopen(/lib/security/pam_mount.so): /lib/security/pam_mount.so: undefined symbol: HX_init Apr 23 12:18:02 ubuntu sshd[1195]: PAM adding faulty module: /lib/security/pam_mount.so Apr 23 12:18:06 ubuntu sshd[1195]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.20.182 user=jrisk Apr 23 12:18:06 ubuntu sshd[1195]: pam_winbind(sshd:auth): getting password (0x00000388) Apr 23 12:18:06 ubuntu sshd[1195]: pam_winbind(sshd:auth): pam_get_item returned a password Apr 23 12:18:06 ubuntu sshd[1195]: pam_winbind(sshd:auth): user 'jrisk' granted access Apr 23 12:18:06 ubuntu sshd[1195]: Accepted password for jrisk from 192.168.20.182 port 4369 ssh2 Apr 23 12:18:06 ubuntu sshd[1195]: pam_unix(sshd:session): session opened for user jrisk by (uid=0) What do I need to do get HX_Init into the system? This is related to an answer I previously got here.

    Read the article

  • SSH from external network refused

    - by wulfsdad
    I've installed open-ssh-server on my home computer(running Lubuntu 12.04.1) in order to connect to it from school. This is how I've set up the sshd_config file: # Package generated configuration file # See the sshd_config(5) manpage for details # What ports, IPs and protocols we listen for #Port 22 Port 2222 # Use these options to restrict which interfaces/protocols sshd will bind to #ListenAddress :: #ListenAddress 0.0.0.0 Protocol 2 # HostKeys for protocol version 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key HostKey /etc/ssh/ssh_host_ecdsa_key #Privilege Separation is turned on for security UsePrivilegeSeparation yes # Lifetime and size of ephemeral version 1 server key KeyRegenerationInterval 3600 ServerKeyBits 768 # Logging SyslogFacility AUTH #LogLevel INFO LogLevel VERBOSE # Authentication: LoginGraceTime 120 PermitRootLogin no StrictModes yes RSAAuthentication yes PubkeyAuthentication yes #AuthorizedKeysFile %h/.ssh/authorized_keys # Don't read the user's ~/.rhosts and ~/.shosts files IgnoreRhosts yes # For this to work you will also need host keys in /etc/ssh_known_hosts RhostsRSAAuthentication no # similar for protocol version 2 HostbasedAuthentication no # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication #IgnoreUserKnownHosts yes # To enable empty passwords, change to yes (NOT RECOMMENDED) PermitEmptyPasswords no # Change to yes to enable challenge-response passwords (beware issues with # some PAM modules and threads) ChallengeResponseAuthentication no # Change to no to disable tunnelled clear text passwords #PasswordAuthentication yes # Kerberos options #KerberosAuthentication no #KerberosGetAFSToken no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes # GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCredentials yes X11Forwarding no X11DisplayOffset 10 PrintMotd no PrintLastLog yes TCPKeepAlive yes #UseLogin no #MaxStartups 10:30:60 #Banner /etc/issue.net Banner /etc/sshbanner.net # Allow client to pass locale environment variables AcceptEnv LANG LC_* Subsystem sftp /usr/lib/openssh/sftp-server # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication and # PasswordAuthentication. Depending on your PAM configuration, # PAM authentication via ChallengeResponseAuthentication may bypass # the setting of "PermitRootLogin without-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication # and ChallengeResponseAuthentication to 'no'. UsePAM yes #specify which accounts can use SSH AllowUsers onlyme I've also configured my router's port forwarding table to include: LAN Ports: 2222-2222 Protocol: TCP LAN IP Address: "IP Address" displayed by viewing "connection information" from right-click menu of system tray Remote Ports[optional]: n/a Remote IP Address[optional]: n/a I've tried various other configurations as well, using primary and secondary dns, and also with specifying remote ports 2222-2222. I've also tried with TCP/UDP (actually two rules because my router requires separate rules for each protocol). With any router port forwarding configuration, I am able to log in with ssh -p 2222 -v localhost But, when I try to log in from school using ssh -p 2222 onlyme@IP_ADDRESS I get a "No route to host" message. Same thing when I use the "Broadcast Address" or "Default Route/Primary DNS". When I use the "subnet mask", ssh just hangs. However, when I use the "secondary DNS" I recieve a "Connection refused" message. :^( Someone please help me figure out how to make this work.

    Read the article

  • SSH: Connection Reset by Peer

    - by hopeless
    I have a Solaris 10 server on another network. I can ping it and telnet to it, but ssh doesn't connect. PuTTY log contains nothing of interest (they both negotiate to ssh v2) and then I get "Event Log: Network error: Software caused connection abort". ssh is defintely running: svcs -a | grep ssh online 12:12:04 svc:/network/ssh:default Here's an extract from the server's /var/adm/messages (anonymised) Jun 8 19:51:05 ******* sshd[26391]: [ID 800047 auth.crit] fatal: Read from socket failed: Connection reset by peer However, if I telnet to the box, I can login to ssh locally. I can also ssh to other (non-Solaris) machines on that network fine so I don't believe that it's a network issue (though, since I'm a few hundred miles away, I can't be sure). The server's firewall is disabled, so that shouldn't be a problem root@******** # svcs -a | grep -i ipf disabled Apr_27 svc:/network/ipfilter:default Any ideas what I should start checking? Update: Based on the feedback below, I've run sshd in debug mode. Here's the client output: $ ssh -vvv root@machine -p 32222 OpenSSH_5.0p1, OpenSSL 0.9.8h 28 May 2008 debug2: ssh_connect: needpriv 0 debug1: Connecting to machine [X.X.X.X] port 32222. debug1: Connection established. debug1: identity file /home/lawrencj/.ssh/identity type -1 debug1: identity file /home/lawrencj/.ssh/id_rsa type -1 debug1: identity file /home/lawrencj/.ssh/id_dsa type -1 debug1: Remote protocol version 2.0, remote software version Sun_SSH_1.1 debug1: no match: Sun_SSH_1.1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.0 debug2: fd 3 setting O_NONBLOCK debug1: SSH2_MSG_KEXINIT sent Read from socket failed: Connection reset by peer And here's the server output: root@machine # /usr/lib/ssh/sshd -d -p 32222 debug1: sshd version Sun_SSH_1.1 debug1: read PEM private key done: type RSA debug1: private host key: #0 type 1 RSA debug1: read PEM private key done: type DSA debug1: private host key: #1 type 2 DSA debug1: Bind to port 32222 on ::. Server listening on :: port 32222. debug1: Bind to port 32222 on 0.0.0.0. Server listening on 0.0.0.0 port 32222. debug1: Server will not fork when running in debugging mode. Connection from 1.2.3.4 port 2652 debug1: Client protocol version 2.0; client software version OpenSSH_5.0 debug1: match: OpenSSH_5.0 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-Sun_SSH_1.1 debug1: list_hostkey_types: ssh-rsa,ssh-dss debug1: Failed to acquire GSS-API credentials for any mechanisms (No credentials were supplied, or the credentials were unavailable or inaccessible Unknown code 0 ) debug1: SSH2_MSG_KEXINIT sent Read from socket failed: Connection reset by peer debug1: Calling cleanup 0x4584c(0x0) This line seems a likely candidate: debug1: Failed to acquire GSS-API credentials for any mechanisms (No credentials were supplied, or the credentials were unavailable or inaccessible

    Read the article

  • CYGWin and sshd. Accepts authentication, but won't connect

    - by timramich
    Everything I find relating to this is the "ssh-exchange-identification:" error. This doesn't happen for me. I get two lines: Connection to localhost closed by remote host. Connection to localhost closed. ssh -v localhost spits out: OpenSSH_5.8p1, OpenSSL 0.9.8r 8 Feb 2011 debug1: Reading configuration data /etc/ssh_config debug1: Connecting to localhost [::1] port 22. debug1: Connection established. debug1: identity file /home/tim/.ssh/id_rsa type -1 debug1: identity file /home/tim/.ssh/id_rsa-cert type -1 debug1: identity file /home/tim/.ssh/id_dsa type -1 debug1: identity file /home/tim/.ssh/id_dsa-cert type -1 debug1: identity file /home/tim/.ssh/id_ecdsa type -1 debug1: identity file /home/tim/.ssh/id_ecdsa-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8 debug1: match: OpenSSH_5.8 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.8 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: sending SSH2_MSG_KEX_ECDH_INIT debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ECDSA 64:e3:27:90:ef:48:93:21:38:ea:9b:0e:0b:07:b0:2a debug1: Host 'localhost' is known and matches the ECDSA host key. debug1: Found key in /home/tim/.ssh/known_hosts:1 debug1: ssh_ecdsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Next authentication method: publickey debug1: Trying private key: /home/tim/.ssh/id_rsa debug1: Trying private key: /home/tim/.ssh/id_dsa debug1: Trying private key: /home/tim/.ssh/id_ecdsa debug1: Next authentication method: keyboard-interactive debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Next authentication method: password tim@localhost's password: debug1: Authentication succeeded (password). Authenticated to localhost ([::1]:22). debug1: channel 0: new [client-session] debug1: Requesting [email protected] debug1: Entering interactive session. debug1: channel 0: free: client-session, nchannels 1 Connection to localhost closed by remote host. Connection to localhost closed. Transferred: sent 2008, received 1376 bytes, in 0.0 seconds Bytes per second: sent 64774.0, received 44387.0 debug1: Exit status -1 I'm really at wit's end here because I couldn't get Windows' remote shell to even work. I'm so sick of using VNC just to get to a shell. Plus Windows' shell sucks because there is nothing like screen. Thanks

    Read the article

  • Why would sshd allow root logins by default?

    - by The Journeyman geek
    I'm currently working on hardening my servers against hacking- amongst other things, i'm getting a load of attempts to log on as root over ssh. While i've implemented fail2ban, i'm wondering, why root logons would be allowed by default to start with? Even with non sudo based distros, i can always log on as a normal user and switch - so i'm wondering is there any clear advantage to allowing root logons on ssh, or it just something no one bothers to change?

    Read the article

  • Enabling publickey authentication for server's sshd

    - by aaron
    I have two servers running RHEL 5. Both have nearly identical configurations. I have set up RSA Publickey authetication on both, and one works but the other does not: [my_user@client] $ ssh my_user@server1 --- server1 MOTD Banner --- [my_user@server1] $ and on the other server: [my_user@client] $ ssh my_user@server2 my_user@server2's password: --- server2 MOTD Banner --- [my_user@server2] $ server2's /etc/ssh/sshd_config file snippet: RSAAuthentication yes PubkeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys When I run ssh -vvv I get the following snippet: debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug3: Next authentication method: publickey debug1: Offering public key: /home/my_user/.ssh/id_rsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: Authentication that can continue: publickey,gssapi-with-mic,passowrd debug1: Offering public key: /home/my_user/.ssh/id_dsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: Authentication that can continue: publickey,gssapi-with-mic,passowrd debug3: authmethod_lookup password debug3: remaining preferred: ,password debug3: authmethod_is_enabled password debug1: Next authentication method: password my_user@server2's password:

    Read the article

  • Mac OS X Terminal.app Ubuntu 9.10 SSHD and incorrect keyboard mapping

    - by Jesse
    Does anyone have any Idea how to handle this? I can't stand connecting to certain Ubuntu boxes via Mac OS X because of issues with keyboard layout etc. I have set TERM=vt100 and TERM=xterm-color in Ubuntu .bashrc and also in the Terminal.app advanced preferences and nothing seems to fix this issue. Trying to use arrow keys on slim silver keyboard results in ^[[A etc. From Answer OS X 10.6.4 When I try to run /lib/terminfo/x/xterm-color I get permission denied? Maybe this is the issue?! Regular bash login shell. If I sudo often it works. Which leads me to believe the above permissions problem is the cause. Output from stty -a: $ stty -a speed 9600 baud; rows 47; columns 181; line = 0; intr = ^C; quit = ^\; erase = ^?; kill = ^U; eof = ^D; eol = M-^?; eol2 = M-^?; swtch = <undef>; start = ^Q; stop = ^S; susp = ^Z; rprnt = ^R; werase = ^W; lnext = ^V; flush = ^O; min = 1; time = 0; -parenb -parodd cs8 -hupcl -cstopb cread -clocal -crtscts -ignbrk -brkint -ignpar -parmrk -inpck -istrip -inlcr -igncr icrnl ixon -ixoff -iuclc ixany imaxbel -iutf8 opost -olcuc -ocrnl onlcr -onocr -onlret -ofill -ofdel nl0 cr0 tab0 bs0 vt0 ff0 isig icanon iexten echo echoe -echok -echonl -noflsh -xcase -tostop -echoprt echoctl echoke

    Read the article

  • DD-WRT with both https and sshd running in port 443

    - by Bruno
    I have a buffalo router with dd-wrt v24 SP2. After setting up the basic stuff, I enabled the https access to the admin page. Several days later, while setting up remote ssh, I changed the default port from 22 to 443. And now..well :) You got the picture :) I can ssh the router but I have no web access to it's admin page. Before rushing to a cold-hearted configuration reset, is there any way to change the ssh port from a shell? Or make dd-wrt accessible thru basic http?

    Read the article

  • How to disabled password authentication for specific users in SSHD

    - by Nick
    I have read several posts regarding restricting ALL users to Key authentication ONLY, however I want to force only a single user (svn) onto Key auth only, the rest can be key or password. I read How to disable password authentication for every users except several, however it seems the "match user" part of sshd_config is part of openssh-5.1. I am running CentOS 5.6 and only have OpenSSH 4.3. I have the following repos available at the moment. $ yum repolist Loaded plugins: fastestmirror repo id repo name status base CentOS-5 - Base enabled: 3,535 epel Extra Packages for Enterprise Linux 5 - x86_64 enabled: 6,510 extras CentOS-5 - Extras enabled: 299 ius IUS Community Packages for Enterprise Linux 5 - x86_64 enabled: 218 rpmforge RHEL 5 - RPMforge.net - dag enabled: 10,636 updates CentOS-5 - Updates enabled: 720 repolist: 21,918 I mainly use epel, rpmforge is used to the latest version (1.6) of subversion. Is there any way to achieve this with my current setup? I don't want to restrict the server to keys only because if I lose my key I lose my server ;-)

    Read the article

  • How mature is apache sshd (MINA)?

    - by Yaneeve
    Has anyone ever used apache sshd (based on Apache MINA)? I would like to get some user input. Is it mature? Does it have (annoying) bugs? How is the API? Can useful documentation/tutorials be found? etc. Thanks all for your feedback.

    Read the article

  • How to use sshd_config - PermitUserEnvironment option

    - by laks
    I have client1 and client2 both are linux machines. From client1: client1$ssh root@client2 "env" it displays list of ssh variables from client2. Things I did on client2: I want to add new variable to client2 . So I edited sshd_config to PermitUserEnvironment yes and created a file environment under ssh with following entry Hi=Hello then restart sshd /etc/init.d/sshd Now from client1 trying the same command client1$ssh root@client2 "env" didn't provide the new variable "Hi". ref: http://www.raphink.info/2008/09/forcing-environment-in-ssh.html http://www.netexpertise.eu/en/ssh/environment-variables-and-ssh.html/comment-page-1#comment-1703

    Read the article

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >