Secure Shell
Re: Weird SSH issue. Feb 04 2011 08:18AM
Alex John (alex archeleus com) (1 replies)
Re: Weird SSH issue. Feb 05 2011 12:00AM
Richard Conto (richard conto gmail com)
On FreeBSD 7.x (and earlier), I'd see this if the number of groups "user" was in exceeded NGROUPS. FreeBSD 8.x changed this (NGROUPS increased, among other things.)

On an internal distro (based on LFS) of Linux, I'd see this if the user's shell wasn't valid.

Also, "user (uid=0)" is special to SSH... but that shouldn't be a surprise.

--- Richard

On Feb 4, 2011, at 3:18 AM, Alex John wrote:

> Hello,
>
> On 3 February 2011 07:48, Darren Tucker <dtucker (at) zip.com (dot) au [email concealed]> wrote:
>> On 3/02/11 12:20 AM, Alex John wrote:
>>>
>>> Hello, I'm having trouble connecting to any server outside my local
>>> network since like a week. I could do it without any problems before
>>> that.
>>
>> Sounds like a network problem, any recent changes?
>
> Yes, well the firewall used to be a caching proxy but the admins have
> changed that to something else like a black list (but I still can
> telnet to the server, so I don't think its blacklisted). SSH
> connections used to be going properly to just about anywhere before
> this change.
>
> Here's one possibility:
>> http://www.snailbook.com/faq/mtu-mismatch.auto.html
>>
>
> On 3 February 2011 03:08, zitstif <zitstif (at) gmail (dot) com [email concealed]> wrote:
>> Alex,
>> Out of curiosity, have you tried connecting with a different distro? Or even
>> try using putty?
>
> Yes, I've tried in gentoo/ubuntu/Windows (putty). That's all the
> distros I have at the moment.
>
> On 3 February 2011 04:38, zhong ming wu <mr.z.m.wu (at) gmail (dot) com [email concealed]> wrote:
>> That looks like the output from the client
>>
>> What do u see in server log?
>
> Here's the syslog:
>
> sshd[31757]: Accepted password for user from x.x.x.x port 51435 ssh2
> sshd[31757]: pam_unix(sshd:session): session opened for user user by (uid=0)
> sshd[31757]: lastlog_filetype: Couldn't stat /var/log/lastlog: No such
> file or directory
> sshd[31757]: lastlog_openseek: /var/log/lastlog is not a file or directory!
> sshd[31757]: lastlog_filetype: Couldn't stat /var/log/lastlog: No such
> file or directory
> sshd[31757]: lastlog_openseek: /var/log/lastlog is not a file or directory!
> sshd[31757]: pam_unix(sshd:session): session closed for user user
>
>> Maybe firewall settings changed? It may not block the port but sometimes
>> firewalls can do some weird port/protocol specific proxying
>
> Yeah, any way to pinpoint what exactly its doing to the connection?
>
> Thanks
> Alex

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus