RE: [Jailkit-users] SSH Problems

jailkit-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Jailkit-users] SSH Problems

From:	Jon Gullidge
Subject:	RE: [Jailkit-users] SSH Problems
Date:	Sun, 8 Nov 2009 14:11:41 +0000

It was in /etc/shells but hadn't given itself a new line so had joined with the last line. I fixed that but it's made no difference. Although I'm unsure if I need to reload/restart anything? I did reload sshd but not changed.

The only logging from jk is on a successful SU:
Nov 8 13:22:58 crispycrisp su[21351]: Successful su for javadk by root
Nov 8 13:22:58 crispycrisp su[21351]: + pts/1 root:javadk
Nov 8 13:22:58 crispycrisp su[21351]: pam_unix(su:session): session opened for user javadk by root(uid=0)
Nov 8 13:22:58 crispycrisp jk_chrootsh[21352]: now entering jail /home/jail for user javadk (5509)

Via SSH there is no jk log:
Nov 8 13:33:05 crispycrisp sshd[22569]: Accepted keyboard-interactive/pam for javadk from 127.0.0.1 port 52381 ssh2
Nov 8 13:33:05 crispycrisp sshd[22569]: pam_unix(sshd:session): session opened for user javadk by (uid=0)
Nov 8 13:35:56 crispycrisp sshd[22569]: pam_unix(sshd:session): session closed for user javadk
Nov 8 13:36:43 crispycrisp sshd[23000]: error: PAM: Authentication failure for javadk from localhost

I turned debug3 loglevel on for SSHd. It doesn't really show a lot, but here it is incase it shows you more than it does me:
Nov 8 13:39:54 crispycrisp sshd[23440]: debug2: fd 3 setting O_NONBLOCK
Nov 8 13:39:54 crispycrisp sshd[23440]: debug1: Bind to port 60022 on ::.
Nov 8 13:39:54 crispycrisp sshd[23440]: Server listening on :: port 60022.
Nov 8 13:39:54 crispycrisp sshd[23440]: debug2: fd 4 setting O_NONBLOCK
Nov 8 13:39:54 crispycrisp sshd[23440]: debug1: Bind to port 60022 on 0.0.0.0.
Nov 8 13:39:54 crispycrisp sshd[23440]: Server listening on 0.0.0.0 port 60022.
Nov 8 13:40:01 crispycrisp cron[23457]: (root) CMD (test -x /usr/sbin/run-crons && /usr/sbin/run-crons )
Nov 8 13:40:11 crispycrisp sshd[23440]: debug3: fd 5 is not O_NONBLOCK
Nov 8 13:40:11 crispycrisp sshd[23488]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8
Nov 8 13:40:11 crispycrisp sshd[23440]: debug1: Forked child 23488.
Nov 8 13:40:11 crispycrisp sshd[23440]: debug3: send_rexec_state: entering fd = 8 config len 255
Nov 8 13:40:11 crispycrisp sshd[23440]: debug3: ssh_msg_send: type 0
Nov 8 13:40:11 crispycrisp sshd[23440]: debug3: send_rexec_state: done
Nov 8 13:40:11 crispycrisp sshd[23488]: debug1: inetd sockets after dupping: 3, 3
Nov 8 13:40:11 crispycrisp sshd[23488]: Connection from 127.0.0.1 port 50377
Nov 8 13:40:11 crispycrisp sshd[23488]: debug1: Client protocol version 2.0; client software version OpenSSH_5.1
Nov 8 13:40:11 crispycrisp sshd[23488]: debug1: match: OpenSSH_5.1 pat OpenSSH*
Nov 8 13:40:11 crispycrisp sshd[23488]: debug1: Enabling compatibility mode for protocol 2.0
Nov 8 13:40:11 crispycrisp sshd[23488]: debug1: Local version string SSH-2.0-OpenSSH_5.1
Nov 8 13:40:11 crispycrisp sshd[23488]: debug2: fd 3 setting O_NONBLOCK
Nov 8 13:40:11 crispycrisp sshd[23488]: debug2: Network child is on pid 23489
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: preauth child monitor started
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: mm_request_receive entering
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: monitor_read: checking request 0
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: mm_answer_moduli: got parameters: 1024 1024 8192
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: mm_request_send entering: type 1
Nov 8 13:40:11 crispycrisp sshd[23488]: debug2: monitor_read: 0 used once, disabling now
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: mm_request_receive entering
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: monitor_read: checking request 4
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: mm_answer_sign
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: mm_answer_sign: signature 0x80b2368(271)
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: mm_request_send entering: type 5
Nov 8 13:40:11 crispycrisp sshd[23488]: debug2: monitor_read: 4 used once, disabling now
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: mm_request_receive entering
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: monitor_read: checking request 6
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: mm_answer_pwnamallow
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: Trying to reverse map address 127.0.0.1.
Nov 8 13:40:11 crispycrisp sshd[23488]: debug2: parse_server_config: config reprocess config len 255
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: mm_request_send entering: type 7
Nov 8 13:40:11 crispycrisp sshd[23488]: debug2: monitor_read: 6 used once, disabling now
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: mm_request_receive entering
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: monitor_read: checking request 45
Nov 8 13:40:11 crispycrisp sshd[23488]: debug1: PAM: initializing for "javadk"
Nov 8 13:40:11 crispycrisp sshd[23488]: debug1: PAM: setting PAM_RHOST to "localhost"
Nov 8 13:40:11 crispycrisp sshd[23488]: debug1: PAM: setting PAM_TTY to "ssh"
Nov 8 13:40:11 crispycrisp sshd[23488]: debug2: monitor_read: 45 used once, disabling now
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: mm_request_receive entering
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: monitor_read: checking request 3
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: mm_answer_authserv: service=ssh-connection, style=
Nov 8 13:40:11 crispycrisp sshd[23488]: debug2: monitor_read: 3 used once, disabling now
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: mm_request_receive entering
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: monitor_read: checking request 8
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: mm_request_send entering: type 9
Nov 8 13:40:11 crispycrisp sshd[23488]: debug2: monitor_read: 8 used once, disabling now
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: mm_request_receive entering
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: monitor_read: checking request 48
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: mm_answer_pam_init_ctx
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: PAM: sshpam_init_ctx entering
Nov 8 13:40:11 crispycrisp sshd[23490]: debug3: PAM: sshpam_thread_conv entering, 1 messages
Nov 8 13:40:11 crispycrisp sshd[23490]: debug3: ssh_msg_send: type 1
Nov 8 13:40:11 crispycrisp sshd[23490]: debug3: ssh_msg_recv entering
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: mm_request_send entering: type 49
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: mm_request_receive entering
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: monitor_read: checking request 50
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: mm_answer_pam_query
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: PAM: sshpam_query entering
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: ssh_msg_recv entering
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: mm_request_send entering: type 51
Nov 8 13:40:11 crispycrisp sshd[23488]: debug3: mm_request_receive entering
Nov 8 13:40:21 crispycrisp sshd[23488]: debug3: monitor_read: checking request 52
Nov 8 13:40:21 crispycrisp sshd[23488]: debug3: mm_answer_pam_respond
Nov 8 13:40:21 crispycrisp sshd[23488]: debug2: PAM: sshpam_respond entering, 1 responses
Nov 8 13:40:21 crispycrisp sshd[23488]: debug3: ssh_msg_send: type 6
Nov 8 13:40:21 crispycrisp sshd[23488]: debug3: mm_request_send entering: type 53
Nov 8 13:40:21 crispycrisp sshd[23488]: debug3: mm_request_receive entering
Nov 8 13:40:21 crispycrisp sshd[23488]: debug3: monitor_read: checking request 50
Nov 8 13:40:21 crispycrisp sshd[23488]: debug3: mm_answer_pam_query
Nov 8 13:40:21 crispycrisp sshd[23488]: debug3: PAM: sshpam_query entering
Nov 8 13:40:21 crispycrisp sshd[23488]: debug3: ssh_msg_recv entering
Nov 8 13:40:24 crispycrisp sshd[23490]: debug3: ssh_msg_send: type 7
Nov 8 13:40:24 crispycrisp sshd[23488]: debug3: PAM: Authentication failure
Nov 8 13:40:24 crispycrisp sshd[23488]: error: PAM: Authentication failure for javadk from localhost
Nov 8 13:40:24 crispycrisp sshd[23488]: debug3: mm_request_send entering: type 51
Nov 8 13:40:24 crispycrisp sshd[23488]: debug3: mm_request_receive entering
Nov 8 13:40:24 crispycrisp sshd[23488]: debug3: monitor_read: checking request 54
Nov 8 13:40:24 crispycrisp sshd[23488]: debug3: mm_answer_pam_free_ctx
Nov 8 13:40:24 crispycrisp sshd[23488]: debug3: PAM: sshpam_free_ctx entering
Nov 8 13:40:24 crispycrisp sshd[23488]: debug3: PAM: sshpam_thread_cleanup entering
Nov 8 13:40:24 crispycrisp sshd[23488]: debug3: mm_request_send entering: type 55
Nov 8 13:40:24 crispycrisp sshd[23488]: debug2: monitor_read: 54 used once, disabling now
Nov 8 13:40:24 crispycrisp sshd[23488]: Failed keyboard-interactive/pam for javadk from 127.0.0.1 port 50377 ssh2
Nov 8 13:40:24 crispycrisp sshd[23488]: debug3: mm_request_receive entering
Nov 8 13:40:24 crispycrisp sshd[23488]: debug3: monitor_read: checking request 48
Nov 8 13:40:24 crispycrisp sshd[23488]: debug3: mm_answer_pam_init_ctx
Nov 8 13:40:24 crispycrisp sshd[23488]: debug3: PAM: sshpam_init_ctx entering
Nov 8 13:40:24 crispycrisp sshd[23517]: debug3: PAM: sshpam_thread_conv entering, 1 messages
Nov 8 13:40:24 crispycrisp sshd[23517]: debug3: ssh_msg_send: type 1
Nov 8 13:40:24 crispycrisp sshd[23517]: debug3: ssh_msg_recv entering
Nov 8 13:40:24 crispycrisp sshd[23488]: debug3: mm_request_send entering: type 49
Nov 8 13:40:24 crispycrisp sshd[23488]: debug3: mm_request_receive entering
Nov 8 13:40:24 crispycrisp sshd[23488]: debug3: monitor_read: checking request 50
Nov 8 13:40:24 crispycrisp sshd[23488]: debug3: mm_answer_pam_query
Nov 8 13:40:24 crispycrisp sshd[23488]: debug3: PAM: sshpam_query entering
Nov 8 13:40:24 crispycrisp sshd[23488]: debug3: ssh_msg_recv entering
Nov 8 13:40:24 crispycrisp sshd[23488]: debug3: mm_request_send entering: type 51
Nov 8 13:40:24 crispycrisp sshd[23488]: debug3: mm_request_receive entering
Nov 8 13:40:24 crispycrisp sshd[23488]: debug1: do_cleanup
Nov 8 13:40:24 crispycrisp sshd[23488]: debug1: PAM: cleanup
Nov 8 13:40:24 crispycrisp sshd[23488]: debug3: PAM: sshpam_thread_cleanup entering
Nov 8 13:44:57 crispycrisp sshd[23440]: Received SIGHUP; restarting.

Now I know I'm using Pam, PAM set to Yes in sshd_config. I tried the chroot with PAM but it made no difference :/

> Date: Sun, 8 Nov 2009 15:01:10 +0100
> From: address@hidden
> To: address@hidden
> Subject: Re: [Jailkit-users] SSH Problems
>
> Jon Gullidge wrote:
> > If I change it in /etc/passwd to /bin/bash it lets me ssh in fine.
> > Change it back to jk_chrootsh and it fails again.
> > Hope that helps shed a bit more light for you!
>
> 1) is jk_chrootsh in /etc/shells ?
>
> 2) is there any logging from jk_chrootsh in your logs?
> grep jk_ /var/log/*
>
> Olivier
>
>
> _______________________________________________
> Jailkit-users mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/jailkit-users

Chat to your friends for free on selected mobiles. Learn more.

[Prev in Thread]

Current Thread

[Next in Thread]

[Jailkit-users] SSH Problems, Jon Gullidge, 2009/11/08
- Re: [Jailkit-users] SSH Problems, Olivier Sessink, 2009/11/08
  - RE: [Jailkit-users] SSH Problems, Jon Gullidge, 2009/11/08
    - Re: [Jailkit-users] SSH Problems, Olivier Sessink, 2009/11/08
    - RE: [Jailkit-users] SSH Problems, Jon Gullidge <=
    - Re: [Jailkit-users] SSH Problems, Olivier Sessink, 2009/11/08
    - RE: [Jailkit-users] SSH Problems, Jon Gullidge, 2009/11/09

Prev by Date: Re: [Jailkit-users] SSH Problems
Next by Date: Re: [Jailkit-users] SSH Problems
Previous by thread: Re: [Jailkit-users] SSH Problems
Next by thread: Re: [Jailkit-users] SSH Problems
Index(es):
- Date
- Thread