[sf-lug] request for help re ssh -- sshd login failure

Michael Paoli Michael.Paoli at cal.berkeley.edu
Sun Feb 7 09:23:34 PST 2016 

Divide & conquer troubleshooting,

E.g. (I won't do or outline a whole flow chart or the like, I'll leave that
bit of logic flow as an exercise) ...
If one does the test where the client is also on the same server host, does it
work?  And likewise if the server is 127.0.0.1 or other localhost address?
Does password authentication on the server work, e.g. can user use su from
their login ID to their same login ID?
Can other (non-root) accounts be ssh(1)ed into?
What about options to ssh, notably -v, and using that option up to
thrice as options on the ssh(1) command line?
What about logs on the server, what do they say/suggest about
the attempts and failures?  If other accounts also work there, what
does the log show on those, and how do they differ?
Is one using or attempting to use password authentication, or is one
attempting to authenticate using ssh keys?
If keys, do the public and private key properly correspond?  (I'll
leave how to check that as an exercise - hint - read the man page
for ssh-keygen(1)).
What about the permissions on the public and private key files, and the
permissions of all ancestor directories up the physical path to those
files (sshd in particular is quite persnickety about those - and
rightfully so).  If ssh-agent is being use, what key(s) does it show as
available to the client?
Changed default sshd settings?  Uhm, did one verify any working access
and authentication via sshd first, or has one just added more variables to
the situation?
And if one boots server from "live" CD/DVD or the like, sets up
account to log into on that server, does that then work?  And what do
the logs from that look like and how do they compare/differ?
etc., etc.
What information has one found regarding troubleshooting ssh access
by, oh, gee, using The Internet, and, uhm, like a search engine?
What results have been found from such research and investigation?
https://en.wikipedia.org/wiki/Troubleshooting#Half-splitting
https://en.wikipedia.org/wiki/Divide_and_conquer_algorithms

> From: jim <jim at well.com>
> Subject: [sf-lug] request for help re ssh -- sshd login failure
> Date: Sat, 6 Feb 2016 20:27:35 +0000

> Problem : we cannot use ssh to log in on a newly installed
> Ubuntu host.
>
>
> * We have a linux machine on local network 192.168.1.119
>   See specifics for this host ( 119 ) below.
>
> * We installed openssh-server.
>
> * Using an ssh client on a Ubuntu 12.04 host on the local
>   network 192.168.1.109 we cannot log in to 119
>
> * After many attempts using the default ( yes ) settings, we
>   changed the following directive values in /etc/ssh/sshd_config
>   but with no difference in behavior or log messages.
>
>     X11Forwarding no     ## changed from  yes  to  no  20160205
>     UsePAM  no          ## changed from  yes  to  no  20160206
>
>
> 109 $ ssh lerner at 192.168.1.119
> rsa ~/.ssh/known_hosts negotiation successful
> passwd:
> Permission denied, please try again.
> ...
> 109 $
> ## see output of
> 119 $ tail -2 /var/log/auth.log
> ## at bottom of this file :
>
>     ## server listening on 0.0.0.0 port 22
>     ## server listening on :: port 22
>     ## ?? does  ::  mean 192.168.1.119 ??
>     ## ?? i.e. is sshd listing both on lo and eth0 ??
>
>
>
> -------stats for host on 192.168.1.119-------------
>
> ##------
> 119 $ uname -a
> Linux mailin 3.5.0-23-generic #35~precise1-Ubuntu SMP Fri Jan 25  
> 17:15:33 UTC 2013 i686 i686 i386 GNU/Linux
>
>
> ##------
> 119 $ cat /etc/issue
> Ubuntu 12.04.2 LTS \n \l
>
>
> ##------
> 119 $ free
>              total       used       free     shared    buffers cached
> Mem:       4013004    1503756    2509248          0     226992 821120
> -/+ buffers/cache:     455644    3557360
> Swap:      2928628          0    2928628
>
>
> ##------
> 119 $ df -h
> Filesystem      Size  Used Avail Use% Mounted on
> /dev/sda2        19G  4.6G   13G  26% /
> udev            2.0G  4.0K  2.0G   1% /dev
> tmpfs           784M  892K  783M   1% /run
> none            5.0M     0  5.0M   0% /run/lock
> none            2.0G   76K  2.0G   1% /run/shm
> /dev/sda6        37G  176M   35G   1% /var/mail
> /dev/sda5       9.2G  163M  8.6G   2% /home
> /dev/sdb1       3.8G  1.6G  2.2G  42% /media/KINGSTON
>
>
> ##------
> 119 $ sudo iptables -L
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
>
> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination
>
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
>
>
> ##------
> 119 $ tail -2 /var/log/auth.log
> Feb  6 11:29:59 mailin sshd[8549]: Server listening on 0.0.0.0 port 22.
> Feb  6 11:29:59 mailin sshd[8549]: Server listening on :: port 22.

More information about the sf-lug mailing list