problem connecting with ssh

Hi all,

I can connect as root using ssh just fine:

[root@wkslinux etc]# ssh localhost -l root
root@localhost's password:
Last login: Wed Aug 4 23:16:43 2004 from localhost.localdomain
[root@wkslinux root]#

But when I login as another user (501), The connection is closed right
after I enter the password. Here is the end of the verbose output:

*************************************************
[root@wkslinux etc]# ssh localhost -l oracle -v -v -v
<snip>
oracle@localhost's password: *********
<snip>
debug3: tty_make_modes: 90 1
debug3: tty_make_modes: 91 1
debug3: tty_make_modes: 92 0
debug3: tty_make_modes: 93 0
debug1: channel 0: request shell
debug2: callback done
debug1: channel 0: open confirm rwindow 0 rmax 32768
debug1: channel_free: channel 0: client-session, nchannels 1
debug3: channel_free: status: The following connections are open:\015
#
0 client-session (t4 r0 i0/0 o0/0 fd 4/5)\015

debug3: channel_close_fds: channel 0: r 4 w 5 e 6
Connection to localhost closed by remote host.
Connection to localhost closed.
debug1: Transferred: stdin 0, stdout 0, stderr 81 bytes in 0.0 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 9328.5
debug1: Exit status -1
*************************************************

Anyone have any ideas? Below is my ssh config file

Thanks,
Tom


[root@wkslinux etc]# cat /etc/ssh/sshd_config
# $OpenBSD: sshd_config,v 1.59 2002/09/25 11:17:16 markus Exp $

# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.

#Port 22
#Protocol 2,1
#ListenAddress 0.0.0.0
#ListenAddress ::

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 3600
#ServerKeyBits 768

# Logging
#obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
SyslogFacility AUTHPRIV
#LogLevel INFO

# Authentication:

#LoginGraceTime 120
#PermitRootLogin yes
#StrictModes yes

#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys

# rhosts authentication should not be used
#RhostsAuthentication no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# For this to work you will also need host keys in
/etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no

# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes

#AFSTokenPassing no

# Kerberos TGT Passing only works with the AFS kaserver
#KerberosTgtPassing no

# Set this to 'yes' to enable PAM keyboard-interactive authentication
# Warning: enabling this may bypass the setting of
'PasswordAuthentication'
#PAMAuthenticationViaKbdInt no

#X11Forwarding no
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#KeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression yes

#MaxStartups 10
# no default banner path
#Banner /some/path
#VerifyReverseMapping no

# override default of no subsystems
Subsystem sftp /usr/libexec/openssh/sftp-server

tojo wrote on 04.08.2004 23:40:

> Hi all,
>
> I can connect as root using ssh just fine:
>
> [root@wkslinux etc]# ssh localhost -l root
> root@localhost's password:
> Last login: Wed Aug 4 23:16:43 2004 from localhost.localdomain
> [root@wkslinux root]#
>
> But when I login as another user (501), The connection is closed right
> after I enter the password. Here is the end of the verbose output:
[debug]
> Anyone have any ideas? Below is my ssh config file
[sshd_config]

Just a wild guess but have you tried to give the user oracle another
shell or disable .login etc.?
What about other non-root users?

--
Cheers
Walter

tojo je dana Sri 04 Kolovoz 2004. 23:40 napisao:

> Hi all,
>
> I can connect as root using ssh just fine:
>
> [root@wkslinux etc]# ssh localhost -l root
> root@localhost's password:
> Last login: Wed Aug 4 23:16:43 2004 from localhost.localdomain
> [root@wkslinux root]#

> #PermitRootLogin yes

Try enable this .. remove #

PermitRootLogin

--
Sindikat pravosudne policije Hrvatske
http://www.spph.org/ & http://www.spph.hr/
Key ID: D7EAB63D4598BA66

druid je dana Èet 05 Kolovoz 2004. 17:36 napisao:

> PermitRootLogin
>

Default is forbiden ssh root login

--
Sindikat pravosudne policije Hrvatske
http://www.spph.org/ & http://www.spph.hr/
Key ID: D7EAB63D4598BA66

druid wrote on 05.08.2004 17:37:

> druid je dana et 05 Kolovoz 2004. 17:36 napisao:
>
>
>>PermitRootLogin
>>
>
>
> Default is forbiden ssh root login
>

As Tom wrote root login is working but not normal login...

--
Walter

On Wed, 04 Aug 2004 23:40:27 +0200, tojo wrote:

> Hi all,
>
> I can connect as root using ssh just fine:
>
> [root@wkslinux etc]# ssh localhost -l root root@localhost's password:
> Last login: Wed Aug 4 23:16:43 2004 from localhost.localdomain
> [root@wkslinux root]#
>
> But when I login as another user (501), The connection is closed right
> after I enter the password. Here is the end of the verbose output:
>
> ************************************************* [root@wkslinux etc]# ssh
> localhost -l oracle -v -v -v <snip>

(snip)

> #UsePrivilegeSeparation yes

Have you by any chance given user oracle non standard limits in
/etc/security/limits.conf?

This won't work with privilege separation enabled, it tries to change the
limit at the "wrong" time and PAM won't let it.

If this is so, disable privilege separation. Its benefit is debatable
anyway. Even if you havn't, try disabling privilege separation anyway as
it has a reputation for breaking when used in conjunction with PAM.

SuSE have changed the default for privilege separation to off in the
latest patch level of Enterprise 8, which is designed for running Oracle
BTW.

Regards, Ian

On Wed, 04 Aug 2004 23:40:27 +0200, tojo wrote:
> I can connect as root using ssh just fine:
>
> [root@wkslinux etc]# ssh localhost -l root
> root@localhost's password:
> Last login: Wed Aug 4 23:16:43 2004 from localhost.localdomain
> [root@wkslinux root]#
>
> But when I login as another user (501), The connection is closed right
> after I enter the password. Here is the end of the verbose output:

As another poster suggested, verify that you can login as that user on
that machine's console. This verifies if the login shell is valid. If the
login shell isn't good (or if it is something like true or false) then you
will not have a persistent connection. It just might be that the
disconnection is "normal operation" (the shell has completed execution).

BTW, check your log files to see what kind of messages you have there.

Do you have a /var/log/faillog (but I don't remember if sshd writes there?)?

--
Juhan Leemet
Logicognosis, Inc.

On Thu, 05 Aug 2004 19:21:05 +0200, Walter Schiessberg wrote:
> druid wrote on 05.08.2004 17:37:
>> druid je dana et 05 Kolovoz 2004. 17:36 napisao:
>>
>>>PermitRootLogin
>>
>> Default is forbiden ssh root login
>
> As Tom wrote root login is working but not normal login...

Then that is probably another thing to fix? It is generally not a good
idea to allow network root logins, since "root" is a well known account.
This means that a "cracker" only has to guess the password, and not the
username, hence it could be easier to crack. Most suggest logging in as
yourself, then "su -" to "root". This also leaves a log file entry,
indicating who has become root, for better auditing of the system.

--
Juhan Leemet
Logicognosis, Inc.

In article <(E-Mail Removed) >,
(E-Mail Removed) says...
> On Thu, 05 Aug 2004 19:21:05 +0200, Walter Schiessberg wrote:
> > druid wrote on 05.08.2004 17:37:
> >> druid je dana et 05 Kolovoz 2004. 17:36 napisao:
> >>
> >>>PermitRootLogin
> >>
> >> Default is forbiden ssh root login
> >
> > As Tom wrote root login is working but not normal login...
>
> Then that is probably another thing to fix? It is generally not a good
> idea to allow network root logins, since "root" is a well known account.
> This means that a "cracker" only has to guess the password, and not the
> username, hence it could be easier to crack. Most suggest logging in as
> yourself, then "su -" to "root". This also leaves a log file entry,
> indicating who has become root, for better auditing of the system.
>
>
I know all about this. As soon as I get a normal user connected, I can
disable root.

-- Tom