SSH client closes on non-root login
908 views
Skip to first unread message
Enrico Rovere
Jan 15, 2017, 8:17:45 AM1/15/17
to Alt-F
DNS-320L, RC5, PuTTY.
I can't login to a SSH with anything but root and webUI password. When I try logging in as a configured user, the terminal window closes after entering the password.
I'm not sure what I'm doing wrong here, can anyone help me? I'd rather not have my dad use SFTP as root.
Thanks in advance (:
João Cardoso
Jan 15, 2017, 12:04:59 PM1/15/17
to Alt-F
On Sunday, 15 January 2017 13:17:45 UTC, Enrico Rovere wrote:
DNS-320L, RC5, PuTTY.I can't login to a SSH with anything but root and webUI password. When I try logging in as a configured user, the terminal window closes after entering the password.
Generally that means that user home folder is not available. Examine the system log (System->Utilities, Logs)
Enrico Rovere
Jan 15, 2017, 12:12:28 PM1/15/17
to Alt-F
Jan 15 13:50:58 DNS-320L-032050 authpriv.info dropbear[880]: Exit (enrico): Error changing directory
Jan 15 13:50:58 DNS-320L-032050 authpriv.err dropbear[880]: chown /dev/pts/0 0 0 failed: Operation not permitted
Jan 15 13:50:58 DNS-320L-032050 authpriv.info dropbear[872]: Exit (enrico): Exited normally
Jan 15 13:50:58 DNS-320L-032050 authpriv.err dropbear[880]: chown /dev/pts/0 0 0 failed: Operation not permitted
Jan 15 13:50:58 DNS-320L-032050 authpriv.info dropbear[872]: Exit (enrico): Exited normally
I found this in the log,but I don't know what to do to fix the issue. Could you please point me in the right direction?
João Cardoso
Jan 15, 2017, 2:02:07 PM1/15/17
to Alt-F
I can't reproduce that.
Can you post more "dropbear" lines from the log?
Can "enrico" use telnet to login the box, instead of ssh (putty?)
And what is the output of
id enricogrep enrico /etc/passwdgrep enrico /etc/group
ls -l /home
Can you create a dummy test user using the webUI, Setup->Users, and see if he can login?
Enrico Rovere
Jan 15, 2017, 5:39:29 PM1/15/17
to al...@googlegroups.com
Can "enrico" use telnet to login the box, instead of ssh (putty?)
Still using putty to telnet on port 23. I can, but I get:
DNS-320L-032050 login: enrico
Password:
login: can't chdir to home directory '/home/Enrico'
$ whoami
enrico
Can you create a dummy test user using the webUI, Setup->Users, and see if he can login?
Created another user, 'maurizio', same thing.
Jan 15 23:29:44 DNS-320L-032050 authpriv.info dropbear[755]: Child connection from $PUBLICIP Jan 15 23:29:50 DNS-320L-032050 authpriv.notice dropbear[755]: Password auth succeeded for 'maurizio' from $PUBLICIP Jan 15 23:29:50 DNS-320L-032050 authpriv.info dropbear[758]: Exit (maurizio): Error changing directory Jan 15 23:29:50 DNS-320L-032050 authpriv.err dropbear[758]: chown /dev/pts/0 0 0 failed: Operation not permitted
Jan 15 23:29:50 DNS-320L-032050 authpriv.info dropbear[755]: Exit (maurizio): Exited normally
Also:
[root@DNS-320L-032050]# id enrico
uid=1000(enrico) gid=100(users) groups=100(users),34(backup)
[root@DNS-320L-032050]# grep enrico /etc/passwd
enrico:x:1000:100:Enrico:/home/Enrico:/bin/sh
[root@DNS-320L-032050]# grep enrico /etc/group
backup:x:34:enrico,maurizio
users:x:100:enrico,maurizio
[root@DNS-320L-032050]# ls -l home
ls: home: No such file or directory
Enrico Rovere
Jan 16, 2017, 8:22:30 AM1/16/17
to Alt-F
I renamed the disks SDA and SDB when I configured the box, could it be relevant?
João Cardoso
Jan 16, 2017, 11:00:42 AM1/16/17
to Alt-F
So, users don't have a home directory, they can't login.
A 'Users' folder should have been created by the webUI first login wizard in the base of the specified filesystem, and each created user has a directory with its Real Name there. When the "Users" is found at disk discovery/mount time, it is mapped to /home:
[root@dns-323]# ls -l /homelrwxrwxrwx 1 root root 15 Jan 10 19:10 /home -> /mnt/sda2/Users
[root@dns-323]# ls -l //mnt/sda2/Userstotal 16drwxr-xr-x 4 root root 4096 Jun 25 2016 .drwxr-xr-x 8 root root 4096 Jan 10 19:11 ..drwx--s--x 2 jcard users 4096 Jan 15 18:51 Joao Cardosodrwx--s--x 2 manulima users 4096 Dec 16 20:37 Manuela Lima
So, whatever happened it has to do with your renaming. What exactly have you done?
You cant rename disks, only give a label to a filesystem, which changes the "mountpoint", i.e., a filesystem is mounted at /mnt/filesystem_device_name, such as /mnt/sda2, or /mnt/filesystem_label, such as /mnt/Videos; a folder named "Users" must exists at the base of one filesystem, e.g. /mnt/sda2/Users
Have you already save settings and rebooted after the renaming? The discovery is done at boot time.
Enrico Rovere
Jan 16, 2017, 12:07:44 PM1/16/17
to al...@googlegroups.com
So, users don't have a home directory, they can't login.A 'Users' folder should have been created by the webUI first login wizard in the base of the specified filesystem, and each created user has a directory with its Real Name there. When the "Users" is found at disk discovery/mount time, it is mapped to /home:[root@dns-323]# ls -l /homelrwxrwxrwx 1 root root 15 Jan 10 19:10 /home -> /mnt/sda2/Users[root@dns-323]# ls -l //mnt/sda2/Userstotal 16drwxr-xr-x 4 root root 4096 Jun 25 2016 .drwxr-xr-x 8 root root 4096 Jan 10 19:11 ..drwx--s--x 2 jcard users 4096 Jan 15 18:51 Joao Cardosodrwx--s--x 2 manulima users 4096 Dec 16 20:37 Manuela LimaSo, whatever happened it has to do with your renaming. What exactly have you done?You cant rename disks, only give a label to a filesystem, which changes the "mountpoint", i.e., a filesystem is mounted at /mnt/filesystem_device_name, such as /mnt/sda2, or /mnt/filesystem_label, such as /mnt/Videos; a folder named "Users" must exists at the base of one filesystem, e.g. /mnt/sda2/UsersHave you already save settings and rebooted after the renaming? The discovery is done at boot time.
Sorry, I meant I set a label for the left and right disks, SDA and SDB, respectively, using the WebUI. From my prospective, everything is mounted correctly, at /mnt/SDA and /mnt/SDB.
A folder for each user is created correctly under /mnt/SDA/Users. I already saved and rebooted the box multiple times, since I did this change a while back.
Here's the folder structure:
[root@DNS-320L-032050]# ls -l
total 8
drwxr-xr-x 7 root root 4096 Jan 15 10:42 SDA
drwxr-xr-x 5 root root 4096 Jan 15 10:42 SDB
[root@DNS-320L-032050]# cd /mnt/SDA
[root@DNS-320L-032050]# ls -l
total 132
drwxr-xr-x 9 root root 4096 Jan 15 13:37 Alt-F
drwxr-xr-x 2 root root 4096 Dec 12 19:13 Logs
dr-xr-xr-x 4 root root 4096 Dec 2 10:08 Public
drwxr-xr-x 4 root root 4096 Jan 15 13:36 Users
-rw-rw-rw- 1 root root 48363 Jan 15 10:42 alt-f.log
-rw-rw-rw- 1 root root 48487 Jan 11 12:04 alt-f.log-previous
drwx------ 2 root root 16384 Dec 2 10:07 lost+found
-rwxr--r-- 1 root root 332 Dec 6 23:46 user.sh
Sorry for all the trouble.
João Cardoso
Jan 16, 2017, 1:30:17 PM1/16/17
to Alt-F
You missed looking at what is under /mnt/SDA/Users, users directories (named after their real names, not their nick name) should be found there, with the correct ownership and permissions, that's why I show you what I find in my system.
login: can't chdir to home directory '/home/Enrico'
Does /mnt/SDA/Users/Enrico exists? belonging to 'enrico' (Enrico nick name)?
It is also possible that the Users directory has not been detected, you can see that at /var/log/hot_aux.log. In my log, I can see
hot_aux: Start fscking sda4hot_aux: Users directory found in sda2hot_aux: Public directory found in sda2
and then a link should automatically be created to it:
[root@dns-323]# ls -l /homelrwxrwxrwx 1 root root 15 Jan 10 19:10 /home -> /mnt/sda2/Users
So, you need to check
-that each user directory is found under /mnt/SDA/Users/
-that it was discovered in hot_aux.log
-the link from /home to /mnt/SDA/Users exists.
please post the output of:
ls -l / /mnt/SDA/Users/
Sorry for all the trouble.
No problem
Enrico Rovere
Jan 16, 2017, 1:43:25 PM1/16/17
to Alt-F
Does /mnt/SDA/Users/Enrico exists? belonging to 'enrico' (Enrico nick name)?
root@DNS-320L-032050]# cd /mnt/SDA/Users
[root@DNS-320L-032050]# ls -l
total 8
drwx--s--x 17 enrico users 4096 Jan 9 19:15 Enrico
drwx--s--x 2 maurizio users 4096 Jan 15 13:36 Maurizio
I believe it does, and I believe it's got the right permissions, since I can correctly access the relative Samba share from Windows, using 'Enrico' 's credentials. Still:
[root@DNS-320L-032050]# ls -l /home
ls: /home: No such file or directory
It is also possible that the Users directory has not been detected, you can see that at /var/log/hot_aux.log. In my log, I can seehot_aux: Start fscking sda4hot_aux: Users directory found in sda2hot_aux: Public directory found in sda2and then a link should automatically be created to it:[root@dns-323]# ls -l /homelrwxrwxrwx 1 root root 15 Jan 10 19:10 /home -> /mnt/sda2/Users
Here's the content of hot_aux.log:
DATE=Sun Jan 15 10:42:22 CET 2017 USER=root HOME=/ OLDPWD=/ MDEV=sda2 TERM=vt102 SUBSYSTEM=sda PATH=/sbin:/usr/sbin:/bin:/usr/bin SHELL=/bin/sh PWD=/dev hot_aux: Start fscking sda2 hot_aux: Finish fscking sda2: fsck 1.41.14 (22-Dec-2010) SDA: clean, 47767/122068992 files, 306956579/488246928 blocks hot_aux: Users directory found in SDA DATE=Sun Jan 15 10:42:23 CET 2017 USER=root HOME=/ OLDPWD=/ MDEV=sdb2 TERM=vt102 SUBSYSTEM=sdb PATH=/sbin:/usr/sbin:/bin:/usr/bin SHELL=/bin/sh PWD=/dev hot_aux: Start fscking sdb2 hot_aux: Public directory found in SDA hot_aux: Alt-F directory found in SDA hot_aux: Finish fscking sdb2: fsck 1.41.14 (22-Dec-2010) SDB: clean, 217214/122068992 files, 388147116/488246928 blocks hot_aux: Backup directory found in SDB hot_aux: Alt-F directory found in SDB but not used, as file NOAUFS exists on it. hot_aux: Executing "/mnt/SDB/user.sh start" in background Downloading https://downloads.sourceforge.net/project/alt-f/pkgs/stable/Packages Updated list of available packages in /usr/lib/ipkg/lists/feed_1 Downloading https://downloads.sourceforge.net/project/alt-f/pkgs/unstable/Packages Updated list of available packages in /usr/lib/ipkg/lists/feed_2 Successfully terminated. hot_aux: Restarting transmission-daemon: Stopping transmission-daemon: OK. Starting transmission-daemon: OK.
João Cardoso
Jan 17, 2017, 11:32:20 AM1/17/17
to Alt-F
On Monday, 16 January 2017 18:43:25 UTC, Enrico Rovere wrote:
Does /mnt/SDA/Users/Enrico exists? belonging to 'enrico' (Enrico nick name)?root@DNS-320L-032050]# cd /mnt/SDA/Users[root@DNS-320L-032050]# ls -ltotal 8drwx--s--x 17 enrico users 4096 Jan 9 19:15 Enricodrwx--s--x 2 maurizio users 4096 Jan 15 13:36 Maurizio
That's OK, the Users folder exists and has the users home folders with the correct permissions and ownership.
I believe it does, and I believe it's got the right permissions, since I can correctly access the relative Samba share from Windows, using 'Enrico' 's credentials. Still:[root@DNS-320L-032050]# ls -l /homels: /home: No such file or directory
This should exists, it should be created by hot_aux.sh when the Users folder is discovered. This is the reason why login fails.
It is also possible that the Users directory has not been detected, you can see that at /var/log/hot_aux.log. In my log, I can seehot_aux: Start fscking sda4hot_aux: Users directory found in sda2
hot_aux: Public directory found in sda2and then a link should automatically be created to it:[root@dns-323]# ls -l /homelrwxrwxrwx 1 root root 15 Jan 10 19:10 /home -> /mnt/sda2/UsersHere's the content of hot_aux.log:DATE=Sun Jan 15 10:42:22 CET 2017 USER=root HOME=/ OLDPWD=/ MDEV=sda2 TERM=vt102 SUBSYSTEM=sda PATH=/sbin:/usr/sbin:/bin:/usr/bin SHELL=/bin/sh PWD=/dev hot_aux: Start fscking sda2 hot_aux: Finish fscking sda2: fsck 1.41.14 (22-Dec-2010) SDA: clean, 47767/122068992 files, 306956579/488246928 blocks hot_aux: Users directory found in SDA
OK, hot_aux.sh founds it and the /home link should be created linking to it.
DATE=Sun Jan 15 10:42:23 CET 2017 USER=root HOME=/ OLDPWD=/ MDEV=sdb2 TERM=vt102 SUBSYSTEM=sdb PATH=/sbin:/usr/sbin:/bin:/usr/bin SHELL=/bin/sh PWD=/dev hot_aux: Start fscking sdb2 hot_aux: Public directory found in SDA hot_aux: Alt-F directory found in SDA
Now, if a /mnt/SDA/Alt-F/home (or /Alt-F/home) *folder* exists here or a link named 'home' has been every deleted here, things might fail.
Please post the output of the command
ls -la /Alt-F
to confirm the existence (or not) of a 'home' folder or link.
I think that you can recover by executing the command
ln -s /mnt/SDA/Users /home
Please post its output. If that succeeds without error messages, you should be able to login as a normal user
For diagnose please post also the again the output of:
ls -l /
ls -la /Alt-F
I still don't know what the issue cause is, perhaps direct manipulation of the Alt-F folder by you? Please read the /Alt-F/README.txt file.
hot_aux: Finish fscking sdb2: fsck 1.41.14 (22-Dec-2010) SDB: clean, 217214/122068992 files, 388147116/488246928 blocks hot_aux: Backup directory found in SDB hot_aux: Alt-F directory found in SDB but not used, as file NOAUFS exists on it.
You have a non-active folder Alt-F folder in SDB, the one from SDA is being used as it is found earlier. There is no harm, but if you don't need the SDB one it you can delete it (Packages->Alt-F, "Packages Installed On" section)
Enrico Rovere
Jan 17, 2017, 12:51:00 PM1/17/17
to Alt-F
I think that you can recover by executing the commandln -s /mnt/SDA/Users /homePlease post its output. If that succeeds without error messages, you should be able to login as a normal userFor diagnose please post also the again the output of:ls -l /ls -la /Alt-F
I ran:
[root@DNS-320L-032050]# ln -s /mnt/SDA/Users /home
[root@DNS-320L-032050]# ls -l /
total 41
lrwxrwxrwx 1 root root 14 Jan 15 10:42 Alt-F -> /mnt/SDA/Alt-F
lrwxrwxrwx 1 root root 15 Jan 15 10:42 Backup -> /mnt/SDB/Backup
-rw-r--r-- 1 root root 15122 Mar 18 2015 COPYING
-rw-r--r-- 1 root root 329 Apr 19 2016 LICENSE
-rw-r--r-- 1 root root 126 Jan 15 10:42 README.txt
drwxr-xr-x 2 root root 973 Jun 25 2016 bin
drwxr-xr-x 2 root root 3 Jun 17 2016 boot
drwxr-xr-x 3 root root 1700 Jan 16 19:38 dev
drwxr-xr-x 29 root root 4096 Jan 17 02:26 etc
lrwxrwxrwx 1 root root 14 Jan 17 17:49 home -> /mnt/SDA/Users
-rwxr-xr-x 1 root root 5343 Dec 20 2015 init
drwxr-xr-x 2 root root 596 Jun 25 2016 lib
drwxr-xr-x 4 root root 80 Jan 15 10:42 mnt
drwxr-xr-x 2 root root 4096 Dec 10 15:59 opt
dr-xr-xr-x 63 root root 0 Jan 1 1970 proc
drwxr-x--- 2 root root 100 Jan 17 02:26 root
drwxrwxrwt 5 root root 100 Jan 1 1970 rootmnt
drwxr-xr-x 2 root root 760 Jan 15 10:42 sbin
dr-xr-xr-x 11 root root 0 Jan 1 1970 sys
drwxrwxrwt 11 root root 340 Jan 17 17:45 tmp
drwxr-xr-x 22 root root 4096 Jul 4 2016 usr
drwxr-xr-x 3 root root 4096 Dec 2 10:13 var
[root@DNS-320L-032050]# ls -la /Alt-F
lrwxrwxrwx 1 root root 14 Jan 15 10:42 /Alt-F -> /mnt/SDA/Alt-F
I'm now able to login as both 'enrico' and 'maurizio', both via SSH and telnet.
login as: enrico
enrico@$DOMAIN's password:
$ whoami
enrico
You have a non-active folder Alt-F folder in SDB, the one from SDA is being used as it is found earlier. There is no harm, but if you don't need the SDB one it you can delete it (Packages->Alt-F, "Packages Installed On" section)
Yes, I originally had packages installed on SDB, then I moved them to SDA. I now deleted the SDB folder via the WebUI.
Not being a Linux expert, I assume /home and /mnt/SDA/Users were not symlinked as expected, and creating a link fixed the issue. I already tried rebooting the box, and I can still login fine. I'm sure I didn't touch the contents of /Alt-F, so I can't tell what caused the issue. Do I need to do anything else?
João Cardoso
Jan 17, 2017, 2:45:58 PM1/17/17
to Alt-F
Yes. But to know why it was not created you had to run the 'ls -la /Alt-F' command before creating the symlink.
The symlink is always automatically created when the Users folder is find at boot time, and I would like to know why did that failed for you before.
and creating a link fixed the issue. I already tried rebooting the box, and I can still login fine. I'm sure I didn't touch the contents of /Alt-F,
You might not done that intentionally, but if you have defined SDA to be a network share the Alt-F folder will then appear when browsing.
so I can't tell what caused the issue.
Do I need to do anything else?
If you have already rebooted and are able to ssh/telnet login as a normal user without issues, you are OK.
Enrico Rovere
Jan 17, 2017, 3:52:30 PM1/17/17
to Alt-F
Yes. But to know why it was not created you had to run the 'ls -la /Alt-F' command before creating the symlink.
The symlink is always automatically created when the Users folder is find at boot time, and I would like to know why did that failed for you before.
I understand. I ran the commands on mobile, and didn't save the log for that part. I'm quite sure no /Alt-F/home was present, but again, I can't prove it.
You might not done that intentionally, but if you have defined SDA to be a network share the Alt-F folder will then appear when browsing.
Only the folders relative to the users are being shared on the network, so I'd rule that option out as well. Being my first NAS, I naively believed a user couldn't use SSH, so I used root for a while, and I'm convinced I've never been able to log in as a non-root user.
If you have already rebooted and are able to ssh/telnet login as a normal user without issues, you are OK.
Thank you very much for your patience, and for your great firmware. If I ever come across anything that could be useful to find out why this happened, I'll update this thread.
Reply all
Reply to author
Forward
0 new messages