[lug] Problem with sshd
Chip Atkinson
catkinson at circadence.com
Tue Oct 2 14:06:12 MDT 2001
Try netstat -l. Here's what I get with that:
[chip at crossroads FEBE]$ netstat -l | more
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:5634 *:* LISTEN
tcp 0 0 *:trivnet1 *:* LISTEN
tcp 0 0 *:mysql *:* LISTEN
tcp 0 0 *:6000 *:* LISTEN
tcp 0 0 *:www-http *:* LISTEN
tcp 0 0 *:32787 *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 *:ipp *:* LISTEN
tcp 0 0 *:smtp *:* LISTEN
udp 0 0 localhost.localdom:1119 *:*
udp 0 0 *:ipp *:*
<snip>
Also, look at /etc/hosts.allow and /etc/hosts.deny. Both those are
looked at by sshd.
Chip
carl.wagner at level3.com wrote:
> Hi,
>
> I can't seem to log into my Linux box using SSH. And I don't know why.
> This is RH/Krud 7.1
>
> $ ps -ef | grep sshd
> root 756 1 0 01:05 ? 00:00:00 sshd
> root 13059 12514 0 19:48 pts/0 00:00:00 grep sshd
>
> $ chkconfig --list | grep ssh
> sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
>
> $ ipchains -L | grep ssh
> ACCEPT tcp -y---- anywhere anywhere any ->
> ssh
>
> "ssh localhost" works.
>
> I am unable to find the sshd process's port when doing a netstat -a.
>
> Does anyone know what I am doing wrong?
>
>
> Thanks,
> Carl.
>
>
>
> =================================
> from a remote box:
>
> $ ssh -v xx.xx.xx.xx
> SSH Version 1.2.25 [sparc-sun-solaris2.6], protocol version 1.5.
> Standard version. Does not use RSAREF.
> spot: Reading configuration data /etc/ssh_config
> spot: ssh_connect: getuid 102 geteuid 0 anon 0
> spot: Connecting to xx.xx.xx.xx port 22.
> spot: Allocated local port 1023.
> spot: connect: Connection timed out
> spot: Trying again...
> spot: Connecting to xx.xx.xx.xx port 22.
> spot: Allocated local port 1023.
> spot: connect: Connection timed out
> spot: Trying again...
>
>
> ===========================
>
> [root at carl08 ssh]# cat sshd_config
> # $OpenBSD: sshd_config,v 1.38 2001/04/15 21:41:29 deraadt Exp $
>
> # This sshd was compiled with PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
>
> # This is the sshd server system-wide configuration file. See sshd(8)
> # for more information.
>
> Port 22
> #Protocol 2,1
> #ListenAddress 0.0.0.0
> #ListenAddress ::
> HostKey /etc/ssh/ssh_host_key
> HostKey /etc/ssh/ssh_host_rsa_key
> HostKey /etc/ssh/ssh_host_dsa_key
> ServerKeyBits 768
> LoginGraceTime 600
> KeyRegenerationInterval 3600
> PermitRootLogin yes
> #
> # Don't read ~/.rhosts and ~/.shosts files
> IgnoreRhosts yes
> # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
> #IgnoreUserKnownHosts yes
> StrictModes yes
> X11Forwarding no
> X11DisplayOffset 10
> PrintMotd yes
> #PrintLastLog no
> KeepAlive yes
>
> # Logging
> SyslogFacility AUTH
> LogLevel INFO
> #obsoletes QuietMode and FascistLogging
>
> RhostsAuthentication no
> #
> # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
> RhostsRSAAuthentication no
> # similar for protocol version 2
> HostbasedAuthentication no
> #
> RSAAuthentication yes
>
> # To disable tunneled clear text passwords, change to no here!
> PasswordAuthentication yes
> PermitEmptyPasswords no
>
> # Uncomment to disable s/key passwords
> #ChallengeResponseAuthentication no
>
> # Uncomment to enable PAM keyboard-interactive authentication
> # Warning: enabling this may bypass the setting of 'PasswordAuthentication'
> #PAMAuthenticationViaKbdInt yes
>
> # To change Kerberos options
> #KerberosAuthentication no
> #KerberosOrLocalPasswd yes
> #AFSTokenPassing no
> #KerberosTicketCleanup no
>
> # Kerberos TGT Passing does only work with the AFS kaserver
> #KerberosTgtPassing yes
>
> #CheckMail yes
> #UseLogin no
>
> #MaxStartups 10:30:60
> #Banner /etc/issue.net
> #ReverseMappingCheck yes
>
> Subsystem sftp /usr/libexec/openssh/sftp-server
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
More information about the LUG
mailing list