You are not logged in.
- Followed the wiki: https://wiki.archlinux.org/index.php/SSH
- Able to "ssh localhost" and "ssh 192.168.x.x" (on same machine sshd is installed on)
- Cannot "ssh external.ip.address" nor "ssh xxx.dyndns-home.com" -> Permission denied (publickey,password)
- Cannot "ssh 192.168.x.x" into machine from another computer on same network (WinXP, PuTTY) -> "Disconnected. No supported authentication methods available"
- Port 22 is forwarded correctly via the router
/etc/ssh/sshd_config
Protocol 2
LoginGraceTime 2m
PermitRootLogin no
PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM yes
Subsystem sftp /usr/lib/ssh/sftp-server
/etc/hosts.allow
sshd: ALL
/etc/hosts.deny
ALL: ALL
ls -la ~/.ssh
drwx------ 2 me users 4.0K Mar 14 18:45 ./
drwx------ 37 me users 4.0K Mar 14 19:11 ../
-rw------- 1 me users 266 Mar 14 18:44 authorized_keys
-rw------- 1 me users 444 Mar 14 18:43 id_ecdsa
-rw-r--r-- 1 me users 594 Mar 14 18:45 known_hosts
ssh -v me@external.ip.address
OpenSSH_5.8p1, OpenSSL 1.0.0d 8 Feb 2011
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to x.x.x.x [x.x.x.x] port 22.
debug1: Connection established.
debug1: identity file /home/me/.ssh/id_rsa type -1
debug1: identity file /home/me/.ssh/id_rsa-cert type -1
debug1: identity file /home/me/.ssh/id_dsa type -1
debug1: identity file /home/me/.ssh/id_dsa-cert type -1
debug1: identity file /home/me/.ssh/id_ecdsa type -1
debug1: identity file /home/me/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version dropbear_0.46
debug1: no match: dropbear_0.46
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.8
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client 3des-cbc hmac-md5 none
debug1: kex: client->server 3des-cbc hmac-md5 none
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug1: Server host key: RSA 02:fd:a6:62:e7:0b:8c:96:68:1a:25:27:30:82:9c:7b
debug1: Host 'x.x.x.x' is known and matches the RSA host key.
debug1: Found key in /home/me/.ssh/known_hosts:3
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/me/.ssh/id_rsa
debug1: Trying private key: /home/me/.ssh/id_dsa
debug1: Trying private key: /home/me/.ssh/id_ecdsa
debug1: key_parse_private_pem: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Enter passphrase for key '/home/me/.ssh/id_ecdsa':
debug1: read PEM private key done: type ECDSA
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: password
me@x.x.x.x's password:
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
me@x.x.x.x's password:
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
me@60.240.59.78's password:
debug1: Authentications that can continue: publickey,password
debug1: No more authentication methods to try.
Permission denied (publickey,password).
cat /ar/log/auth.log
Mar 14 18:39:27 localhost sudo: me : TTY=pts/10 ; PWD=/home/me ; USER=root ; COMMAND=/usr/bin/vim /etc/ssh/sshd_config
Mar 14 18:39:27 localhost sudo: pam_unix(sudo:session): session opened for user root by (uid=1000)
Mar 14 18:40:42 localhost sudo: me : TTY=pts/10 ; PWD=/home/me ; USER=root ; COMMAND=/usr/bin/vim /etc/hosts.allow
Mar 14 18:40:42 localhost sudo: pam_unix(sudo:session): session opened for user root by (uid=1000)
Mar 14 18:41:06 localhost sudo: me : TTY=pts/10 ; PWD=/home/me ; USER=root ; COMMAND=/usr/bin/vim /etc/hosts
Mar 14 18:41:06 localhost sudo: pam_unix(sudo:session): session opened for user root by (uid=1000)
Mar 14 18:41:12 localhost sudo: me : TTY=pts/10 ; PWD=/home/me ; USER=root ; COMMAND=/usr/bin/vim /etc/hosts.deny
Mar 14 18:41:12 localhost sudo: pam_unix(sudo:session): session opened for user root by (uid=1000)
Mar 14 18:41:28 localhost sudo: me : TTY=pts/10 ; PWD=/home/me ; USER=root ; COMMAND=/etc/rc.d/sshd stop
Mar 14 18:41:28 localhost sudo: pam_unix(sudo:session): session opened for user root by (uid=1000)
Mar 14 18:41:28 localhost sshd[2730]: Received signal 15; terminating.
Mar 14 18:41:30 localhost sudo: me : TTY=pts/10 ; PWD=/home/me ; USER=root ; COMMAND=/etc/rc.d/sshd stop
Mar 14 18:41:30 localhost sudo: pam_unix(sudo:session): session opened for user root by (uid=1000)
Mar 14 18:43:01 localhost sudo: me : TTY=pts/10 ; PWD=/home/me ; USER=root ; COMMAND=/etc/rc.d/sshd start
Mar 14 18:43:01 localhost sudo: pam_unix(sudo:session): session opened for user root by (uid=1000)
Mar 14 18:43:01 localhost sshd[3252]: Server listening on 0.0.0.0 port 22.
Mar 14 18:43:01 localhost sshd[3252]: Server listening on :: port 22.
Mar 14 18:45:16 localhost sshd[3286]: Accepted publickey for me from ::1 port 44144 ssh2
Mar 14 18:45:16 localhost sshd[3286]: pam_unix_session(sshd:session): session opened for user me by (uid=0)
Mar 14 18:45:18 localhost sshd[3291]: Received disconnect from ::1: 11: disconnected by user
Mar 14 18:45:18 localhost sshd[3286]: pam_unix_session(sshd:session): session closed for user me
Mar 14 18:45:29 localhost sshd[3298]: Accepted publickey for me from 192.168.1.2 port 32867 ssh2
Mar 14 18:45:29 localhost sshd[3298]: pam_unix_session(sshd:session): session opened for user me by (uid=0)
Mar 14 18:45:41 localhost sshd[3300]: Received disconnect from 192.168.1.2: 11: disconnected by user
Mar 14 18:45:41 localhost sshd[3298]: pam_unix_session(sshd:session): session closed for user me
Mar 14 19:07:31 localhost sudo: me : TTY=pts/10 ; PWD=/home/me ; USER=root ; COMMAND=/usr/bin/vim /etc/ssh/sshd_config
Mar 14 19:07:31 localhost sudo: pam_unix(sudo:session): session opened for user root by (uid=1000)
Mar 14 19:09:53 localhost sudo: pam_unix(sudo:session): session closed for user me
Mar 14 19:15:09 localhost sudo: me : TTY=pts/10 ; PWD=/var/log ; USER=root ; COMMAND=/bin/cat /var/log/auth.log
Mar 14 19:15:09 localhost sudo: pam_unix(sudo:session): session opened for user root by (uid=1000)
Thanks in advance for any help!
EDIT: Problem disappeared on fresh install after hosts.allow and hosts.deny were deprecated
Last edited by w0ng (2012-03-23 06:46:39)
All configs @ https://github.com/w0ng
Offline
I notice your configuration have these line:
PasswordAuthentication no
ChallengeResponseAuthentication no
So you might want to take a look at this
https://wiki.archlinux.org/index.php/Using_SSH_Keys
Or you can try removing these lines.
tsujeruplive, tnarongisi... ... ... ... ɥsılƃuǝ sı sıɥʇ
Offline
I notice your configuration have these line:
PasswordAuthentication no ChallengeResponseAuthentication no
So you might want to take a look at this
https://wiki.archlinux.org/index.php/Using_SSH_KeysOr you can try removing these lines.
- Tried removing those two lines.
- Restarted sshd.
- Deleted contents of ~/.ssh/
ssh -v me@external.ip.address
OpenSSH_5.8p1, OpenSSL 1.0.0d 8 Feb 2011
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to x.x.x.x [x.x.x.x] port 22.
debug1: Connection established.
debug1: identity file /home/me/.ssh/id_rsa type -1
debug1: identity file /home/me/.ssh/id_rsa-cert type -1
debug1: identity file /home/me/.ssh/id_dsa type -1
debug1: identity file /home/me/.ssh/id_dsa-cert type -1
debug1: identity file /home/me/.ssh/id_ecdsa type -1
debug1: identity file /home/me/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version dropbear_0.46
debug1: no match: dropbear_0.46
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.8
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client 3des-cbc hmac-md5 none
debug1: kex: client->server 3des-cbc hmac-md5 none
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug1: Server host key: RSA 02:fd:a6:62:e7:0b:8c:96:68:1a:25:27:30:82:9c:7b
The authenticity of host '60.240.59.78 (60.240.59.78)' can't be established.
RSA key fingerprint is 02:fd:a6:62:e7:0b:8c:96:68:1a:25:27:30:82:9c:7b.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'x.x.x.x' (RSA) to the list of known hosts.
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/me/.ssh/id_rsa
debug1: Trying private key: /home/me/.ssh/id_dsa
debug1: Trying private key: /home/me/.ssh/id_ecdsa
debug1: Next authentication method: password
me@x.x.x.x's password:
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
me@x.x.x.x's password:
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
me@x.x.x.x's password:
debug1: Authentications that can continue: publickey,password
debug1: No more authentication methods to try.
Permission denied (publickey,password).
All configs @ https://github.com/w0ng
Offline
I'm not sure what wrong. I myself have never installed SSH before
Try running "cat /var/log/messages.log | grep ssh".
tsujeruplive, tnarongisi... ... ... ... ɥsılƃuǝ sı sıɥʇ
Offline
Try running the server in debug mode:
/usr/sbin/sshd -Dd -p2222
Are you familiar with our Forum Rules, and How To Ask Questions The Smart Way?
BlueHackers // fscanary // resticctl
Offline
port 33130 was forwarded for utorrent in windows (dual boot) on same machine.
thus, certain it's properly forwarded and working fine
still don't know whats happening. please help
sudo /usr/sbin/sshd -Dd -p 31330
debug1: sshd version OpenSSH_5.8p1
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: read PEM private key done: type ECDSA
debug1: private host key: #2 type 3 ECDSA
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-Dd'
debug1: rexec_argv[2]='-p'
debug1: rexec_argv[3]='31330'
Set /proc/self/oom_score_adj from 0 to -1000
debug1: Bind to port 31330 on 0.0.0.0.
Server listening on 0.0.0.0 port 31330.
debug1: Bind to port 31330 on ::.
Server listening on :: port 31330.
netstat -tlnp
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:31330 0.0.0.0:* LISTEN -
tcp 0 0 :::6600 :::* LISTEN 1419/mpd
tcp 0 0 :::31330 :::* LISTEN -
tcp 0 0 :::6667 :::* LISTEN -
ssh -v my.external.ip.address -p 31330
OpenSSH_5.8p1, OpenSSL 1.0.0d 8 Feb 2011
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to x.x.x.x [x.x.x.x] port 31330.
debug1: connect to address x.x.x.x port 31330: Connection refused
ssh: connect to host x.x.x.x port 31330: Connection refused
All configs @ https://github.com/w0ng
Offline
sudo /usr/sbin/sshd -Dd -p 31330
debug1: sshd version OpenSSH_5.8p1 debug1: read PEM private key done: type RSA debug1: private host key: #0 type 1 RSA debug1: read PEM private key done: type DSA debug1: private host key: #1 type 2 DSA debug1: read PEM private key done: type ECDSA debug1: private host key: #2 type 3 ECDSA debug1: rexec_argv[0]='/usr/sbin/sshd' debug1: rexec_argv[1]='-Dd' debug1: rexec_argv[2]='-p' debug1: rexec_argv[3]='31330' Set /proc/self/oom_score_adj from 0 to -1000 debug1: Bind to port 31330 on 0.0.0.0. Server listening on 0.0.0.0 port 31330. debug1: Bind to port 31330 on ::. Server listening on :: port 31330.
You need to try connecting on port 31330 and see what this says then (eg, it might complain about permissions or something.) If it doesn't give you anything useful, try again with a higher verbosity (add additional -v flags)
Are you familiar with our Forum Rules, and How To Ask Questions The Smart Way?
BlueHackers // fscanary // resticctl
Offline