
ssh disconnects immediately after successful login


Kent West

Dec 16, 2015, 8:30:06 AM
I have a Debian box on my work network.
I have a MacBook Pro at home, with a Debian VM running in VirtualBox.

If I try to connect to my Debian box at work, using either my Mac's OS X
or my Mac's Debian VM, I can connect successfully, but then immediately
the connection is closed:

Kents-MacBook-Pro:~ westk$ ssh -Y we...@westek.acu.edu
we...@westek.acu.edu's password:
Connection to westek.acu.edu closed by remote host.
Connection to westek.acu.edu closed.
Kents-MacBook-Pro:~ westk$

I can ssh to a different Debian box on my work network, and then do an
ssh hop from there to my work box.

Also, if I start up the Virtual Private Network (VPN) client first, so
that I'm essentially on my work network rather than on my home network,
I get connected successfully.

So apparently something about my Debian box at work doesn't like
incoming ssh sessions from non-work networks. However, I can find
nothing to configure that.

Help?

One thing I did notice in the auth logs is that the connection port
seems to change every connection attempt; is that normal?

Dec 16 07:14:42 westek sshd[9309]: Accepted password for westk from
50.26.189.223 port 57119 ssh2
Dec 16 07:14:42 westek sshd[9309]: pam_unix(sshd:session): session
opened for user westk by (uid=0)
Dec 16 07:14:42 westek systemd-logind[733]: New session c55 of user westk.
Dec 16 07:14:42 westek sshd[9309]: pam_unix(sshd:session): session
closed for user westk
Dec 16 07:14:42 westek systemd-logind[733]: Removed session c55.
Dec 16 07:15:28 westek sshd[9320]: Accepted password for westk from
150.252.166.116 port 50039 ssh2
Dec 16 07:15:28 westek sshd[9320]: pam_unix(sshd:session): session
opened for user westk by (uid=0)
Dec 16 07:15:28 westek systemd-logind[733]: New session c56 of user westk.
...
Dec 16 07:17:56 westek sshd[9370]: Accepted password for westk from
50.26.189.223 port 57125 ssh2
Dec 16 07:17:56 westek sshd[9370]: pam_unix(sshd:session): session
opened for user westk by (uid=0)
Dec 16 07:17:56 westek systemd-logind[733]: New session c57 of user westk.
Dec 16 07:17:56 westek sshd[9370]: pam_unix(sshd:session): session
closed for user westk
Dec 16 07:17:56 westek systemd-logind[733]: Removed session c57.
Dec 16 07:18:01 westek sshd[9380]: Accepted password for westk from
50.26.189.223 port 57126 ssh2
Dec 16 07:18:01 westek sshd[9380]: pam_unix(sshd:session): session
opened for user westk by (uid=0)
Dec 16 07:18:01 westek systemd-logind[733]: New session c58 of user westk.
Dec 16 07:18:01 westek sshd[9380]: pam_unix(sshd:session): session
closed for user westk
Dec 16 07:18:01 westek systemd-logind[733]: Removed session c58.
Dec 16 07:18:10 westek sshd[9389]: Accepted password for westk from
50.26.189.223 port 57127 ssh2
Dec 16 07:18:10 westek sshd[9389]: pam_unix(sshd:session): session
opened for user westk by (uid=0)
Dec 16 07:18:10 westek systemd-logind[733]: New session c59 of user westk.
Dec 16 07:18:10 westek sshd[9389]: pam_unix(sshd:session): session
closed for user westk
Dec 16 07:18:10 westek systemd-logind[733]: Removed session c59.

Thanks!

--
Kent
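
Added example, not part of the original post: one way to pull the pattern out of auth.log is to group sshd entries by PID and report logins whose session closes within a second of opening, along with the source address. The function names, the `year` default (syslog timestamps carry no year) and the one-second threshold are assumptions of this example.

```python
import re
from datetime import datetime

# Entries copied from the auth.log excerpt in the post, mail line-wrapping included.
SAMPLE = """\
Dec 16 07:14:42 westek sshd[9309]: Accepted password for westk from
50.26.189.223 port 57119 ssh2
Dec 16 07:14:42 westek sshd[9309]: pam_unix(sshd:session): session
opened for user westk by (uid=0)
Dec 16 07:14:42 westek systemd-logind[733]: New session c55 of user westk.
Dec 16 07:14:42 westek sshd[9309]: pam_unix(sshd:session): session
closed for user westk
Dec 16 07:15:28 westek sshd[9320]: Accepted password for westk from
150.252.166.116 port 50039 ssh2
Dec 16 07:15:28 westek sshd[9320]: pam_unix(sshd:session): session
opened for user westk by (uid=0)
Dec 16 07:17:56 westek sshd[9370]: Accepted password for westk from
50.26.189.223 port 57125 ssh2
Dec 16 07:17:56 westek sshd[9370]: pam_unix(sshd:session): session
opened for user westk by (uid=0)
Dec 16 07:17:56 westek sshd[9370]: pam_unix(sshd:session): session
closed for user westk
"""

STAMP = re.compile(r"^\w{3} [ \d]\d \d\d:\d\d:\d\d ")
ENTRY = re.compile(r"^(\w{3} [ \d]\d [\d:]{8}) \S+ sshd\[(\d+)\]: (.*)$")
ACCEPT = re.compile(r"Accepted \S+ for (\S+) from (\S+) port \d+")

def unwrap(text):
    """Rejoin wrapped entries: a line with no syslog timestamp continues the previous one."""
    entries = []
    for line in text.splitlines():
        if STAMP.match(line):
            entries.append(line.strip())
        elif entries and line.strip():
            entries[-1] += " " + line.strip()
    return entries

def short_sessions(text, year=2015, max_seconds=1):
    """Return (pid, user, source) for logins that closed within max_seconds of opening."""
    sessions = {}
    for entry in unwrap(text):
        m = ENTRY.match(entry)
        if not m:
            continue  # not an sshd entry (systemd-logind, sudo, ...)
        stamp, pid, msg = m.groups()
        when = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
        s = sessions.setdefault(pid, {})
        accepted = ACCEPT.search(msg)
        if accepted:
            s["user"], s["src"] = accepted.groups()
        elif "session opened" in msg:
            s["opened"] = when
        elif "session closed" in msg:
            s["closed"] = when
    flagged = []
    for pid, s in sessions.items():
        if {"src", "opened", "closed"} <= s.keys():
            if (s["closed"] - s["opened"]).total_seconds() <= max_seconds:
                flagged.append((pid, s["user"], s["src"]))
    return flagged

if __name__ == "__main__":
    for pid, user, src in short_sessions(SAMPLE):
        print(f"sshd[{pid}]: {user} from {src} closed right after login")
```

On the excerpt, both flagged sessions come from 50.26.189.223, while the login from 150.252.166.116 has no matching close and is not reported.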

Pascal Hambourg

Dec 16, 2015, 2:40:05 PM
Kent West wrote:
>
> One thing I did notice in the auth logs is that the connection port
> seems to change every connection attempt; is that normal?

Yes. The client source port used by a typical TCP connection is ephemeral.

David Christensen

Dec 16, 2015, 9:30:05 PM
On 12/16/2015 05:29 AM, Kent West wrote:
> If I try to connect to my Debian box at work, using either my Mac's OS X
> or my Mac's Debian VM, I can connect successfully, but then immediately
> the connection is closed:
>
> Kents-MacBook-Pro:~ westk$ ssh -Y we...@westek.acu.edu
> we...@westek.acu.edu's password:
> Connection to westek.acu.edu closed by remote host.
> Connection to westek.acu.edu closed.
> Kents-MacBook-Pro:~ westk$
>
> I can ssh to a different Debian box on my work network, and then do an
> ssh hop from there to my work box.
>
> Also, if I start up the Virtual Private Network (VPN) client first, so
> that I'm essentially on my work network rather than on my home network,
> I get connected successfully.
>
> So apparently something about my Debian box at work doesn't like
> incoming ssh sessions from non-work networks. However, I can find
> nothing to configure that.

Which version of Debian?


The following ideas are for Jessie.


'man ssh' tells me:

    -v  Verbose mode. Causes ssh to print debugging messages
        about its progress. This is helpful in debugging connection,
        authentication, and configuration problems. Multiple
        -v options increase the verbosity. The maximum is 3.

Add the -v option, one or more times, and see what happens.


On the destination computer, take a look at the files in /var/log
(notably auth.log and syslog).


David

Kent West

Dec 16, 2015, 10:00:05 PM


On 12/16/15 8:19 PM, David Christensen wrote:
> On 12/16/2015 05:29 AM, Kent West wrote:
>> If I try to connect to my Debian box at work, using either my Mac's OS X
>> or my Mac's Debian VM, I can connect successfully, but then immediately
>> the connection is closed:
>>
>> Kents-MacBook-Pro:~ westk$ ssh -Y we...@westek.acu.edu
>> we...@westek.acu.edu's password:
>> Connection to westek.acu.edu closed by remote host.
>> Connection to westek.acu.edu closed.
>> Kents-MacBook-Pro:~ westk$
>>
>> I can ssh to a different Debian box on my work network, and then do an
>> ssh hop from there to my work box.
>>
>> Also, if I start up the Virtual Private Network (VPN) client first, so
>> that I'm essentially on my work network rather than on my home network,
>> I get connected successfully.
>>
>> So apparently something about my Debian box at work doesn't like
>> incoming ssh sessions from non-work networks. However, I can find
>> nothing to configure that.
>
> Which version of Debian?
>

westk@westek:~$ cat /etc/debian_version
stretch/sid

>
> The following ideas are for Jessie.
>
>
> 'man ssh' tells me:
>
>     -v  Verbose mode. Causes ssh to print debugging messages
>         about its progress. This is helpful in debugging connection,
>         authentication, and configuration problems. Multiple
>         -v options increase the verbosity. The maximum is 3.
>
> Add the -v option, one or more times, and see what happens.

Kents-MacBook-Pro:~ westk$ ssh -vvv we...@westek.acu.edu
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: /etc/ssh_config line 102: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to westek.acu.edu [150.252.155.27] port 22.
debug1: Connection established.
debug1: identity file /Users/westk/.ssh/id_rsa type -1
debug1: identity file /Users/westk/.ssh/id_rsa-cert type -1
debug1: identity file /Users/westk/.ssh/id_dsa type -1
debug1: identity file /Users/westk/.ssh/id_dsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
debug1: Remote protocol version 2.0, remote software version xxxxxxx
debug1: no match: xxxxxxx
debug2: fd 3 setting O_NONBLOCK
debug3: load_hostkeys: loading entries for host "westek.acu.edu" from
file "/Users/westk/.ssh/known_hosts"
debug3: load_hostkeys: found key type RSA in file
/Users/westk/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys
debug3: order_hostkeyalgs: prefer hostkeyalgs:
ssh-rsa-...@openssh.com,ssh-rsa-...@openssh.com,ssh-rsa
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit:
ssh-rsa-...@openssh.com,ssh-rsa-...@openssh.com,ssh-rsa,ssh-dss-...@openssh.com,ssh-dss-...@openssh.com,ssh-dss
debug2: kex_parse_kexinit:
aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes12...@openssh.com,aes25...@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijnda...@lysator.liu.se
debug2: kex_parse_kexinit:
aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes12...@openssh.com,aes25...@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijnda...@lysator.liu.se
debug2: kex_parse_kexinit:
hmac-m...@openssh.com,hmac-s...@openssh.com,umac-...@openssh.com,umac-1...@openssh.com,hmac-sha...@openssh.com,hmac-sha...@openssh.com,hmac-ripe...@openssh.com,hmac-sha...@openssh.com,hmac-md...@openssh.com,hmac-md5,hmac-sha1,uma...@openssh.com,umac...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ri...@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-m...@openssh.com,hmac-s...@openssh.com,umac-...@openssh.com,umac-1...@openssh.com,hmac-sha...@openssh.com,hmac-sha...@openssh.com,hmac-ripe...@openssh.com,hmac-sha...@openssh.com,hmac-md...@openssh.com,hmac-md5,hmac-sha1,uma...@openssh.com,umac...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ri...@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zl...@openssh.com,zlib
debug2: kex_parse_kexinit: none,zl...@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijnda...@lysator.liu.se
debug2: kex_parse_kexinit:
aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijnda...@lysator.liu.se
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,uma...@openssh.com,hmac-ripemd160,hmac-ri...@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,uma...@openssh.com,hmac-ripemd160,hmac-ri...@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 129/256
debug2: bits set: 1023/2048
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 70:d8:45:fd:9a:55:05:f6:97:18:01:45:5c:06:77:19
debug3: load_hostkeys: loading entries for host "westek.acu.edu" from
file "/Users/westk/.ssh/known_hosts"
debug3: load_hostkeys: found key type RSA in file
/Users/westk/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys
debug3: load_hostkeys: loading entries for host "150.252.155.27" from
file "/Users/westk/.ssh/known_hosts"
debug3: load_hostkeys: found key type RSA in file
/Users/westk/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys
debug1: Host 'westek.acu.edu' is known and matches the RSA host key.
debug1: Found key in /Users/westk/.ssh/known_hosts:1
debug2: bits set: 1007/2048
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /Users/westk/.ssh/id_rsa (0x0),
debug2: key: /Users/westk/.ssh/id_dsa (0x0),
debug1: Authentications that can continue: password
debug3: start over, passed a different list password
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup password
debug3: remaining preferred: ,keyboard-interactive,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
we...@westek.acu.edu's password:
debug3: packet_send2: adding 64 (len 58 padlen 6 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: Authentication succeeded (password).
Authenticated to westek.acu.edu ([150.252.155.27]:22).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Entering interactive session.
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
#0 client-session (t3 r-1 i0/0 o0/0 fd 5/6 cc -1)

Connection to westek.acu.edu closed by remote host.
Connection to westek.acu.edu closed.
Transferred: sent 2208, received 1696 bytes, in 0.0 seconds
Bytes per second: sent 68746.8, received 52805.5
debug1: Exit status -1
Kents-MacBook-Pro:~ westk$

>
>
> On the destination computer, take a look at the files in /var/log
> (notably auth.log and syslog).
>
westk@westek:~$ sudo tail /var/log/auth.log
Dec 16 20:51:53 westek sshd[17550]: Accepted password for westk from
50.26.189.223 port 60677 ssh2
Dec 16 20:51:53 westek sshd[17550]: pam_unix(sshd:session): session
opened for user westk by (uid=0)
Dec 16 20:51:53 westek systemd-logind[733]: New session c70 of user westk.
Dec 16 20:51:53 westek sshd[17550]: pam_unix(sshd:session): session
closed for user westk
Dec 16 20:51:53 westek systemd-logind[733]: Removed session c70.
Dec 16 20:51:59 westek sudo: westk : TTY=pts/4 ; PWD=/home/westk ;
USER=root ; COMMAND=/usr/bin/tail /var/log/auth.log
Dec 16 20:51:59 westek sudo: pam_unix(sudo:session): session opened for
user root by westk(uid=0)



westk@westek:~$ sudo tail -20 /var/log/syslog
Dec 16 20:50:21 westek console-kit-daemon[1519]: (process:17519):
GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size == 0' failed
Dec 16 20:50:21 westek console-kit-daemon[1519]: missing action
Dec 16 20:50:21 westek console-kit-daemon[1519]: (process:17524):
GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size == 0' failed
Dec 16 20:50:21 westek console-kit-daemon[1519]: missing action
Dec 16 20:50:21 westek console-kit-daemon[1519]: GLib-CRITICAL: Source
ID 1403 was not found when attempting to remove it
Dec 16 20:50:21 westek console-kit-daemon[1519]:
console-kit-daemon[1519]: GLib-CRITICAL: Source ID 1403 was not found
when attempting to remove it
Dec 16 20:51:19 westek systemd[1]: Started Session c69 of user westk.
Dec 16 20:51:19 westek console-kit-daemon[1519]: (process:17541):
GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size == 0' failed
Dec 16 20:51:19 westek console-kit-daemon[1519]: missing action
Dec 16 20:51:19 westek console-kit-daemon[1519]: (process:17546):
GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size == 0' failed
Dec 16 20:51:19 westek console-kit-daemon[1519]: missing action
Dec 16 20:51:19 westek console-kit-daemon[1519]:
console-kit-daemon[1519]: GLib-CRITICAL: Source ID 1421 was not found
when attempting to remove it
Dec 16 20:51:19 westek console-kit-daemon[1519]: GLib-CRITICAL: Source
ID 1421 was not found when attempting to remove it
Dec 16 20:51:53 westek systemd[1]: Started Session c70 of user westk.
Dec 16 20:51:53 westek console-kit-daemon[1519]: (process:17553):
GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size == 0' failed
Dec 16 20:51:53 westek console-kit-daemon[1519]: missing action
Dec 16 20:51:53 westek console-kit-daemon[1519]: (process:17558):
GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size == 0' failed
Dec 16 20:51:53 westek console-kit-daemon[1519]: missing action
Dec 16 20:51:53 westek console-kit-daemon[1519]: GLib-CRITICAL: Source
ID 1439 was not found when attempting to remove it
Dec 16 20:51:53 westek console-kit-daemon[1519]:
console-kit-daemon[1519]: GLib-CRITICAL: Source ID 1439 was not found
when attempting to remove it
westk@westek:~$

> David
>

David Christensen

Dec 16, 2015, 11:00:04 PM
On 12/16/2015 06:54 PM, Kent West wrote:
> westk@westek:~$ cat /etc/debian_version
> stretch/sid

So, Debian Testing (Stretch).


You have a newer version of openssh-server (1:6.9p1-3) than I do
(1:6.7p1-5). Check your 'man sshd_config' carefully.


> Kents-MacBook-Pro:~ westk$ ssh -vvv we...@westek.acu.edu
> OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
> debug1: Reading configuration data /etc/ssh_config
...
> we...@westek.acu.edu's password:
> debug3: packet_send2: adding 64 (len 58 padlen 6 extra_pad 64)
> debug2: we sent a password packet, wait for reply
> debug1: Authentication succeeded (password).
> Authenticated to westek.acu.edu ([150.252.155.27]:22).
> debug1: channel 0: new [client-session]
> debug3: ssh_session2_open: channel_new: 0
> debug2: channel 0: send open
> debug1: Entering interactive session.
> debug1: channel 0: free: client-session, nchannels 1
> debug3: channel 0: status: The following connections are open:
> #0 client-session (t3 r-1 i0/0 o0/0 fd 5/6 cc -1)
>
> Connection to westek.acu.edu closed by remote host.
> Connection to westek.acu.edu closed.
> Transferred: sent 2208, received 1696 bytes, in 0.0 seconds
> Bytes per second: sent 68746.8, received 52805.5
> debug1: Exit status -1
...
> westk@westek:~$ sudo tail /var/log/auth.log
> Dec 16 20:51:53 westek sshd[17550]: Accepted password for westk from
> 50.26.189.223 port 60677 ssh2
> Dec 16 20:51:53 westek sshd[17550]: pam_unix(sshd:session): session
> opened for user westk by (uid=0)
> Dec 16 20:51:53 westek systemd-logind[733]: New session c70 of user westk.
> Dec 16 20:51:53 westek sshd[17550]: pam_unix(sshd:session): session
> closed for user westk
> Dec 16 20:51:53 westek systemd-logind[733]: Removed session c70.

As you said, you get in and then you're kicked out.


Is the FQDN form required from the remote host?

ssh we...@westek.acu.edu


What happens if you use the FQDN from a host on the same LAN
segment as the destination?


What about shorter forms from both locations?

ssh westk@westek

ssh westek


A trouble-shooting idea -- capture the output of 'ssh -vvv ...' into
text files for a failure and for a success, and then 'diff' the two files.


Another thought -- there are two Auth* words: Authentication and
Authorization. It looks like remote login passes the first, but fails
the second. Any ideas why?


A possible work-around -- put your SSH public key on the remote host
into the authorized_keys file on the destination host and see what happens.


> westk@westek:~$ sudo tail -20 /var/log/syslog
...
> Dec 16 20:51:19 westek systemd[1]: Started Session c69 of user westk.
> Dec 16 20:51:19 westek console-kit-daemon[1519]: (process:17541):
> GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size == 0' failed
> Dec 16 20:51:19 westek console-kit-daemon[1519]: missing action
> Dec 16 20:51:19 westek console-kit-daemon[1519]: (process:17546):
> GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size == 0' failed
> Dec 16 20:51:19 westek console-kit-daemon[1519]: missing action
> Dec 16 20:51:19 westek console-kit-daemon[1519]:
> console-kit-daemon[1519]: GLib-CRITICAL: Source ID 1421 was not found
> when attempting to remove it
> Dec 16 20:51:19 westek console-kit-daemon[1519]: GLib-CRITICAL: Source
> ID 1421 was not found when attempting to remove it
> Dec 16 20:51:53 westek systemd[1]: Started Session c70 of user westk.
> Dec 16 20:51:53 westek console-kit-daemon[1519]: (process:17553):
> GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size == 0' failed
> Dec 16 20:51:53 westek console-kit-daemon[1519]: missing action
> Dec 16 20:51:53 westek console-kit-daemon[1519]: (process:17558):
> GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size == 0' failed
> Dec 16 20:51:53 westek console-kit-daemon[1519]: missing action
> Dec 16 20:51:53 westek console-kit-daemon[1519]: GLib-CRITICAL: Source
> ID 1439 was not found when attempting to remove it
> Dec 16 20:51:53 westek console-kit-daemon[1519]:
> console-kit-daemon[1519]: GLib-CRITICAL: Source ID 1439 was not found
> when attempting to remove it

The console-kit-daemon error messages look to be independent of the sshd
remote login issue (?).


I wonder if it is possible to start another instance of sshd on another
port with debugging enabled and test that?


David
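
The diff suggestion in the message above, as an added example that is not from the thread: two `ssh -vvv` captures differ in per-run values (key bit counts, byte totals, file descriptors), so masking those first leaves only the lines where the sessions diverge. The failing lines are copied from the thread; the working capture is constructed for illustration, and the function names are assumptions of this example.

```python
import difflib
import re

# Failing capture: lines copied from the 'ssh -vvv' output in the thread.
FAILED = """\
debug2: dh_gen_key: priv key bits set: 129/256
debug2: bits set: 1023/2048
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug2: channel 0: send open
debug1: Entering interactive session.
debug1: channel 0: free: client-session, nchannels 1
Connection to westek.acu.edu closed by remote host.
Transferred: sent 2208, received 1696 bytes, in 0.0 seconds
debug1: Exit status -1
"""

# Working capture: CONSTRUCTED for this example (the thread does not include one).
WORKED = """\
debug2: dh_gen_key: priv key bits set: 133/256
debug2: bits set: 1040/2048
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug2: channel 0: send open
debug1: Entering interactive session.
debug2: channel 0: request pty-req confirm 1
debug2: channel 0: request shell confirm 1
"""

# Values that change on every run and would otherwise bury the real difference.
VOLATILE = [
    (re.compile(r"bits set: \d+/\d+"), "bits set: N/N"),
    (re.compile(r"sent \d+, received \d+ bytes, in [\d.]+ seconds"),
     "sent N, received N bytes, in N seconds"),
    (re.compile(r"\bfd \d+(/\d+)?"), "fd N"),
]

def normalize(capture):
    """Mask the volatile values in each line of a capture."""
    lines = []
    for line in capture.splitlines():
        for pattern, replacement in VOLATILE:
            line = pattern.sub(replacement, line)
        lines.append(line)
    return lines

def meaningful_diff(failed, worked):
    """Return only the '-' (working only) and '+' (failing only) lines after masking."""
    diff = difflib.unified_diff(normalize(worked), normalize(failed),
                                "worked", "failed", lineterm="", n=0)
    # Skip the two file-header lines, then drop the '@@' hunk headers.
    return [d for d in list(diff)[2:] if d[0] in "+-"]

if __name__ == "__main__":
    print("\n".join(meaningful_diff(FAILED, WORKED)))
```

With these samples the key-exchange lines drop out and the diff starts at the first line after "Entering interactive session.", which is where the two sessions part ways.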