
Can scp to server but not ssh


Duane Drake

Aug 29, 2000, 3:00:00 AM

I have recently set up an ssh server but am having difficulty getting shell
access. I can directly copy files to the server by using scp so the
authentication seems to be working. When using ssh though, it fails after
starting the interactive session, and immediately logs out, with the
following messages:

d...@198.25.22.45 password:
shell.none.net: Requesting pty.
shell.none.net: Requesting shell.
shell.none.net: Entering interactive session.
Connection to 198.25.22.45 closed.
shell.none.net: Transferred: stdin 0, stdout 478, stderr 39 bytes in 0.4 seconds
shell.none.net: Bytes per second: stdin 0.0, stdout 1285.5, stderr 104.9
shell.none.net: Exit status 0

The /var/log/messages file on the server 198.25.22.45 says:
"syslogin_perform_logout: logout() returned an error". It is almost as if
the user drd does not have the proper authority to start his shell. The
user can log in locally on tty without any problem.

I have not been able to track this error down.

Any help is greatly appreciated.

Thanks,

Duane Drake


John Hovell

Aug 29, 2000, 10:32:53 PM

What version/build are you using?

SSH 1 or 2? OpenSSH?

Did you build from source or use RPMs? SSH is a pretty compatible service, so
giving us all the details you can on your system/install will help us
figure out what went wrong.

Thanks,
John

Duane Drake

Aug 30, 2000, 3:00:00 AM

Thanks for your response.

I am running OpenSSH-2.1.1p4. I built it from source on RH6.2 with the
following options:

--with-tcp-wrappers
--with-ipv4-default

My sshd_config file is:

# This is ssh server systemwide configuration file.

Port 22
ListenAddress 198.25.22.45
HostKey /etc/ssh/ssh_host_key
ServerKeyBits 1024
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin no
IgnoreRhosts yes
IgnoreUserKnownHosts yes
StrictModes yes
X11Forwarding no
PrintMotd yes
SyslogFacility AUTH
LogLevel INFO
RhostsAuthentication no
RhostsRSAAuthentication no
RSAAuthentication yes
PasswordAuthentication yes
PermitEmptyPasswords no
AllowUsers drd

The /etc/pam.d/sshd file is:

#%PAM-1.0
auth required /lib/security/pam_pwdb.so shadow nodelay
auth required /lib/security/pam_nologin.so
account required /lib/security/pam_pwdb.so
password required /lib/security/pam_cracklib.so
password required /lib/security/pam_pwdb.so shadow nullok use_authtok
session required /lib/security/pam_pwdb.so
session required /lib/security/pam_limits.so

I have tried allowing root to login by making it an AllowUser and setting
PermitRootLogin to yes. Root gets in partway, then is logged out because of
securetty not letting it in.

It is a pretty well locked down system set up by following "Securing and
Optimizing Linux: RedHat Edition" by Gerhard Mourani.

The system is not on DNS yet, so I am using hosts to resolve names. Could
this be part of the problem? I created keys but the server is defaulting to
password authentication, but that doesn't work either as described above.

Thanks again!

Duane Drake


"John Hovell" <john....@home.com> wrote in message
news:39AC7254...@home.com...

sanjeev

Aug 30, 2000, 3:00:00 AM

Maybe you have not been given a shell of /bin/bash but /bin/falls.
In the case of /bin/falls, you will be allowed to connect but without any shell
prompt.


Duane Drake wrote:

Richard E. Silverman

Aug 30, 2000, 3:00:00 AM

>>>>> "sanjeev" == sanjeev <san...@swl.rwth-aachen.de> writes:

sanjeev> May be you have not be given shell as /bin/bash
sanjeev> but /bin/falls. In the case of /bin/falls, you will be
sanjeev> allowed to connect but without any shell prompt.

This can't be the problem. sshd uses the target account's shell to run
remote commands. If the shell were /bin/false, he wouldn't be able to run
any commands, either.

--
Richard Silverman
sl...@shore.net

Duane Drake

Aug 31, 2000, 4:25:09 PM

Any more input on this? I even set my ipchains to allow all access on all
ports (not on the internet of course) to see if it was the firewall, but
without any luck.

Thanks again,

Duane Drake


"Duane Drake" <d...@nowhere.com> wrote in message
news:39ac14e1$1...@news2.one.net...

Richard E. Silverman

Sep 2, 2000, 11:41:23 PM

Are you starting sshd from inetd using "sshd -i"? If so, you need to
upgrade to OpenSSH-2.2.0. There is a bug in 2.1.1 which causes the
interactive shell's standard input to be opened on a file (often
/var/log/lastlog) instead of the appropriate pty; the shell reads the file
looking for commands, then reaches eof and logs out. csh-style shells
seem to do this invisibly, but if you're having this problem and you
change your shell to sh or bash, you'll see something like this:

% ssh box
-bash: ’9ttyp0: No such file or directory
-bash: h0000949969f5.ne.mediaone.net: command not found
-bash: âŒ9pts/8: No such file or directory
-bash: user-2ive2l2.dialup.mindspring.com: command not found
Connection to box closed.

(The garbage being bits and pieces from the lastlog file, including the
names of machines from which people have logged in recently).

I've only ever seen this bug when using sshd -i, but I don't know that
there aren't other circumstances that will tickle it as well.

--
Richard Silverman
sl...@shore.net
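
The failure mode described in the post above (a login shell whose standard input is a file rather than a pty) can be checked for with a few shell functions. This is an added example, not part of the original thread: the function names, the inetd.conf entry format used for testing, and the sample "lastlog" lines are constructed assumptions.

```shell
#!/bin/sh
# Added diagnostic sketch; sample data below is constructed, not from the thread.

# Print "tty" if fd 0 is a terminal, else "not-a-tty:<what fd 0 points at>".
# Called from the account's login profile, it sees the stdin sshd handed the shell.
describe_stdin() {
    if [ -t 0 ]; then
        echo "tty"
    else
        # readlink inherits our fd 0, so /proc/self/fd/0 names the real target
        # (Linux only; elsewhere this reports "unknown").
        echo "not-a-tty:$(readlink /proc/self/fd/0 2>/dev/null || echo unknown)"
    fi
}

# Succeed if the given inetd.conf has an active (uncommented) entry that runs
# sshd with a separate "-i" argument. Combined flags such as "-ie" are not matched.
inetd_runs_sshd() {
    grep -v '^[[:space:]]*#' "$1" | grep -Eq 'sshd.*[[:space:]]-i([[:space:]]|$)'
}

# Reproduce the symptom harmlessly: feed a shell a file of lastlog-like
# fragments on stdin. It tries each line as a command, fails, and exits at EOF.
# Prints the number of error lines the shell wrote to stderr.
replay_symptom() {
    tmp=$(mktemp -d) || return 1
    # Constructed stand-ins for tty names and remote host names.
    printf '%s\n' 'ttyp0' 'host-a.example.net' 'pts/8' 'host-b.example.net' \
        > "$tmp/fake_lastlog"
    sh < "$tmp/fake_lastlog" 2> "$tmp/stderr" || true
    grep -c '' "$tmp/stderr"
    rm -rf "$tmp"
}

echo "stdin of this script: $(describe_stdin)"
echo "shell errors before EOF: $(replay_symptom)"
```

On an affected server, a line such as `describe_stdin | logger -t ssh-stdin` in the user's login profile records what the shell was actually given, since the profile is read before the shell starts consuming stdin.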
