You are not logged in.

#1 2013-04-17 00:37:43

justcop
Member
Registered: 2013-04-17
Posts: 4

Problems logging in to ssh

I was having some problems logging in with any user except root so I took some advice from a forum post somewhere and updated pam, I also installed another package from AUR called pam-*something* but I can't remeber what it was

Now whenever I try and log in with any account I just get the message

Connection closed by [MY IP ADDRESS]

The system setup means I can only access by ssh, fortunately for some reason I can still login to sftp with the root user to look at any log files and/or change something.
Can anyone give me any hints on what log files i should be looking at and if there is anything I can do to fix the problem

Any help would be greatly appreciated.

Offline

#2 2013-04-17 00:46:58

jasonwryan
Forum & Wiki Admin
From: .nz
Registered: 2009-05-09
Posts: 19,061
Website

Re: Problems logging in to ssh

You can look back through pacman's log to see what else you installed.

You will need to provide more information about your setup: are you using keys or password? Did you edit sshd_config? What is the verbose output of ssh?
Please see How To Ask Questions The Smart Way


Arch + dwm   •   Mercurial repos  •   Github

Registered Linux User #482438

Online

#3 2013-04-17 01:09:10

justcop
Member
Registered: 2013-04-17
Posts: 4

Re: Problems logging in to ssh

Apologies, I've been using linux, mainly ubuntu for several years but my knowledge is still fairly basic, I would be grateful if you could guide me through helping to give you all the information you need to help me but I'll do my best from what you asked already.



1. I use a password to log in to ssh, there are keyfiles that are auomatically generated when I log in from a new device, but I assume you're not referring to that.

2. I did edit sshd_config, all I did was uncomment

PasswordAuthentication yes

I have already reversed this manually but have not been able to reboot to see if that will make any difference as I need my dad to wake up first as the computer is not here with me!

3. The only output I get when I try and login with ssh is as mentioned above

Connection closed by [MY IP ADDRESS OF MACHINE I'M LOGGING IN TO]

If there is some behind the scenes log file I suppose that will be useful.

4. Logging through the pacman log i note

[2013-04-16 19:35] Running 'pacman -S pam'
[2013-04-16 19:35] upgraded pam (1.1.5-4 -> 1.1.6-1)
[2013-04-16 19:36] Running 'pacman -S pam-base'

I think the second one didn't install with pacman but i found it in AUR

If theres anything else I can tell you to help me then just please let me know.

Last edited by justcop (2013-04-17 01:14:40)

Offline

#4 2013-04-17 01:30:41

jasonwryan
Forum & Wiki Admin
From: .nz
Registered: 2009-05-09
Posts: 19,061
Website

Re: Problems logging in to ssh

Run ssh in verbose mode; it will print helpful error messages...

ssh -vvv user@host

Arch + dwm   •   Mercurial repos  •   Github

Registered Linux User #482438

Online

#5 2013-04-17 01:36:58

justcop
Member
Registered: 2013-04-17
Posts: 4

Re: Problems logging in to ssh

output of ssh root@[myip}

OpenSSH_5.9p1 Debian-5ubuntu1, OpenSSL 1.0.1 14 Mar 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to MYUSERNAME.homedns.org [MYIP] port 22.
debug1: Connection established.
debug3: Incorrect RSA1 identifier
debug3: Could not load "/home/MYUSERNAME/.ssh/id_rsa" as a RSA1 public key
debug1: identity file /home/MYUSERNAME/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/MYUSERNAME/.ssh/id_rsa-cert type -1
debug3: Incorrect RSA1 identifier
debug3: Could not load "/home/MYUSERNAME/.ssh/id_dsa" as a RSA1 public key
debug1: identity file /home/MYUSERNAME/.ssh/id_dsa type 2
debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
debug1: identity file /home/MYUSERNAME/.ssh/id_dsa-cert type -1
debug1: identity file /home/MYUSERNAME/.ssh/id_ecdsa type -1
debug1: identity file /home/MYUSERNAME/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.0
debug1: match: OpenSSH_6.0 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1
debug2: fd 3 setting O_NONBLOCK
debug3: load_hostkeys: loading entries for host "MYUSERNAME.homedns.org" from file "/home/MYUSERNAME/.ssh/known_hosts"
debug3: load_hostkeys: found key type ECDSA in file /home/MYUSERNAME/.ssh/known_hosts:12
debug3: load_hostkeys: loaded 1 keys
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA 26:89:6d:b6:14:6f:78:97:c0:17:5f:5b:85:04:57:89
debug3: load_hostkeys: loading entries for host "MYUSERNAME.homedns.org" from file "/home/MYUSERNAME/.ssh/known_hosts"
debug3: load_hostkeys: found key type ECDSA in file /home/MYUSERNAME/.ssh/known_hosts:12
debug3: load_hostkeys: loaded 1 keys
debug3: load_hostkeys: loading entries for host "MYIP" from file "/home/MYUSERNAME/.ssh/known_hosts"
debug3: load_hostkeys: found key type ECDSA in file /home/MYUSERNAME/.ssh/known_hosts:14
debug3: load_hostkeys: loaded 1 keys
debug1: Host 'MYUSERNAME.homedns.org' is known and matches the ECDSA host key.
debug1: Found key in /home/MYUSERNAME/.ssh/known_hosts:12
debug1: ssh_ecdsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/MYUSERNAME/.ssh/id_rsa (0x21222880)
debug2: key: /home/MYUSERNAME/.ssh/id_dsa (0x21224f28)
debug2: key: /home/MYUSERNAME/.ssh/id_ecdsa ((nil))
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/MYUSERNAME/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
Connection closed by MYIP
MYUSERNAME@MYUSERNAME-desktop:~$ ssh -vvv root@MYUSERNAME.homedns.org
OpenSSH_5.9p1 Debian-5ubuntu1, OpenSSL 1.0.1 14 Mar 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to MYUSERNAME.homedns.org [MYIP] port 22.
debug1: Connection established.
debug3: Incorrect RSA1 identifier
debug3: Could not load "/home/MYUSERNAME/.ssh/id_rsa" as a RSA1 public key
debug1: identity file /home/MYUSERNAME/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/MYUSERNAME/.ssh/id_rsa-cert type -1
debug3: Incorrect RSA1 identifier
debug3: Could not load "/home/MYUSERNAME/.ssh/id_dsa" as a RSA1 public key
debug1: identity file /home/MYUSERNAME/.ssh/id_dsa type 2
debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
debug1: identity file /home/MYUSERNAME/.ssh/id_dsa-cert type -1
debug1: identity file /home/MYUSERNAME/.ssh/id_ecdsa type -1
debug1: identity file /home/MYUSERNAME/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.0
debug1: match: OpenSSH_6.0 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1
debug2: fd 3 setting O_NONBLOCK
debug3: load_hostkeys: loading entries for host "MYUSERNAME.homedns.org" from file "/home/MYUSERNAME/.ssh/known_hosts"
debug3: load_hostkeys: found key type ECDSA in file /home/MYUSERNAME/.ssh/known_hosts:12
debug3: load_hostkeys: loaded 1 keys
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA 26:89:6d:b6:14:6f:78:97:c0:17:5f:5b:85:04:57:89
debug3: load_hostkeys: loading entries for host "MYUSERNAME.homedns.org" from file "/home/MYUSERNAME/.ssh/known_hosts"
debug3: load_hostkeys: found key type ECDSA in file /home/MYUSERNAME/.ssh/known_hosts:12
debug3: load_hostkeys: loaded 1 keys
debug3: load_hostkeys: loading entries for host "MYIP" from file "/home/MYUSERNAME/.ssh/known_hosts"
debug3: load_hostkeys: found key type ECDSA in file /home/MYUSERNAME/.ssh/known_hosts:14
debug3: load_hostkeys: loaded 1 keys
debug1: Host 'MYUSERNAME.homedns.org' is known and matches the ECDSA host key.
debug1: Found key in /home/MYUSERNAME/.ssh/known_hosts:12
debug1: ssh_ecdsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/MYUSERNAME/.ssh/id_rsa (0x220a5898)
debug2: key: /home/MYUSERNAME/.ssh/id_dsa (0x220a7f40)
debug2: key: /home/MYUSERNAME/.ssh/id_ecdsa ((nil))
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/MYUSERNAME/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply

Its starting to become clear that this is something to do with the key files, is that what this log says?

Offline

#6 2013-04-17 01:56:24

jasonwryan
Forum & Wiki Admin
From: .nz
Registered: 2009-05-09
Posts: 19,061
Website

Re: Problems logging in to ssh

Yes, your Ubuntu/Debian config seems to be looking for a key, id_rsa.


Arch + dwm   •   Mercurial repos  •   Github

Registered Linux User #482438

Online

#7 2013-04-17 03:02:12

justcop
Member
Registered: 2013-04-17
Posts: 4

Re: Problems logging in to ssh

Do you have any idea specifically how i would solve this?

I have tried logging in from ipad, phone, other computer and this doesnt help

Offline

#8 2013-04-17 03:12:56

jasonwryan
Forum & Wiki Admin
From: .nz
Registered: 2009-05-09
Posts: 19,061
Website

Re: Problems logging in to ssh

My advice would be to set up keys properly; it is the most secure way to manage SSH logins and will likely clear up your issue in the process.

See the wiki page for the details: https://wiki.archlinux.org/index.php/SSH_Keys


Arch + dwm   •   Mercurial repos  •   Github

Registered Linux User #482438

Online

#9 2013-04-17 04:25:05

Inxsible
Forum Fellow
From: Chicago
Registered: 2008-06-09
Posts: 9,073

Re: Problems logging in to ssh

justcop wrote:

Do you have any idea specifically how i would solve this?

I have tried logging in from ipad, phone, other computer and this doesnt help

Are you using one of these keys to login ? If you are using a simple user/password to login you can simply ignore the warnings for id_rsa id_dsa etc. There were a couple of threads on this issue with a workaround given in those as well. I will have to look for them.


Forum Rules

There's no such thing as a stupid question, but there sure are a lot of inquisitive idiots !

Offline

#10 2013-04-17 07:17:59

teateawhy
Member
From: GER
Registered: 2012-03-05
Posts: 1,059
Website

Re: Problems logging in to ssh

justcop wrote:

[2013-04-16 19:36] Running 'pacman -S pam-base'
I think the second one didn't install with pacman but i found it in AUR

You can not install AUR packages with pacman -S ?
Also pacman IS used for installing AUR packages but with -U instead ...

Last edited by teateawhy (2013-04-17 07:18:53)

Offline

Board footer

Powered by FluxBB