Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Connection drops after entering password.

142 views
Skip to first unread message

Anthony Agnello

unread,
Oct 2, 2003, 1:37:55 PM10/2/03
to

Has anyone seen the error that I'm getting below? After you ssh to the box
and enter the password the connection just closes.

SSH Version
{ root@xxxxxxxx} # ssh -V
OpenSSH_3.7p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7b 10 Apr 2003

OS Version
{ root@xxxxxxxx } # oslevel -r
AIX 4330-09

SSH Connect Failure
{ root@xxxxxxxxx } # ssh -l xxxxxxxxx -v localhost
OpenSSH_3.7p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7b 10 Apr 2003
debug1: Reading configuration data /usr/local/etc/ssh_config
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file /.ssh/identity type -1
debug1: identity file /.ssh/id_rsa type -1
debug1: identity file /.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_3.7p1
debug1: match: OpenSSH_3.7p1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.7p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'localhost' is known and matches the DSA host key.
debug1: Found key in /.ssh/known_hosts:2
debug1: ssh_dss_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /.ssh/identity
debug1: Trying private key: /.ssh/id_rsa
debug1: Trying private key: /.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
debug1: Next authentication method: password
aagnello@localhost's password:
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: channel 0: free: client-session, nchannels 1
Connection to localhost closed by remote host.
Connection to localhost closed.
debug1: Transferred: stdin 0, stdout 0, stderr 81 bytes in 0.0 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 3480.0
debug1: Exit status -1


/var/adm/messages
Oct 2 13:05:29 xxxxxxxxx sshd[18860]: Accepted password for xxxxxxxxx
xxx.xxx.xxx port 1775 ssh2
Oct 2 13:05:29 xxxxxxxxx sshd[21276]: fatal: Failed to set process
credentials


Thanks,

............................................................................

Tony Agnello
UNIX Technical Services
IBM Global Services - SDC Northeast
1701 North St, Endicott, NY 13760
...........................................................................

_______________________________________________
openssh-unix-dev mailing list
openssh-...@mindrot.org
http://www.mindrot.org/mailman/listinfo/openssh-unix-dev

Darren Tucker

unread,
Oct 2, 2003, 11:08:18 PM10/2/03
to
This is a multi-part message in MIME format.
--------------281E815902BCC1D607AE91F8
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Anthony Agnello wrote:
>
> Has anyone seen the error that I'm getting below? After you ssh to the box
> and enter the password the connection just closes.
>
> SSH Version
> { root@xxxxxxxx} # ssh -V
> OpenSSH_3.7p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7b 10 Apr 2003
>
> OS Version
> { root@xxxxxxxx } # oslevel -r
> AIX 4330-09

[snip]


> /var/adm/messages
> Oct 2 13:05:29 xxxxxxxxx sshd[18860]: Accepted password for xxxxxxxxx
> xxx.xxx.xxx port 1775 ssh2
> Oct 2 13:05:29 xxxxxxxxx sshd[21276]: fatal: Failed to set process
> credentials

The call to setpcred() is failing for some reason. Does it happen for all
accounts or only some? Do those accounts work OK with telnet?

You can try the attached patch which will make the error non-fatal and log
the errno returned, which might help figure out what's going on.

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
--------------281E815902BCC1D607AE91F8
Content-Type: text/plain; charset=us-ascii;
name="openssh-setpcred.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="openssh-setpcred.patch"

Index: session.c
===================================================================
RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/session.c,v
retrieving revision 1.257
diff -u -p -r1.257 session.c
--- session.c 2 Oct 2003 10:07:09 -0000 1.257
+++ session.c 3 Oct 2003 02:53:35 -0000
@@ -1229,7 +1229,8 @@ do_setusercontext(struct passwd *pw)

#ifdef HAVE_SETPCRED
if (setpcred(pw->pw_name, (char **)NULL) == -1)
- fatal("Failed to set process credentials");
+ error("Failed to set process credentials: %s",
+ strerror(errno));
#endif /* HAVE_SETPCRED */
#ifdef HAVE_LOGIN_CAP
# ifdef __bsdi__

--------------281E815902BCC1D607AE91F8
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
openssh-unix-dev mailing list
openssh-...@mindrot.org
http://www.mindrot.org/mailman/listinfo/openssh-unix-dev

--------------281E815902BCC1D607AE91F8--

0 new messages