From owner-freebsd-stable@FreeBSD.ORG Thu Nov 18 03:15:09 2004 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0836116A4CE; Thu, 18 Nov 2004 03:15:09 +0000 (GMT) Received: from carver.gumbysoft.com (carver.gumbysoft.com [66.220.23.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id DF12A43D5D; Thu, 18 Nov 2004 03:15:08 +0000 (GMT) (envelope-from dwhite@gumbysoft.com) Received: by carver.gumbysoft.com (Postfix, from userid 1000) id D1CE272DD4; Wed, 17 Nov 2004 19:15:08 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by carver.gumbysoft.com (Postfix) with ESMTP id CCDB872DCB; Wed, 17 Nov 2004 19:15:08 -0800 (PST) Date: Wed, 17 Nov 2004 19:15:08 -0800 (PST) From: Doug White To: "Simon L. Nielsen" In-Reply-To: <20041112201212.GB772@zaphod.nitro.dk> Message-ID: <20041117191129.I29048@carver.gumbysoft.com> References: <20041112201212.GB772@zaphod.nitro.dk> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-stable@freebsd.org cc: Dag-Erling Smorgrav Subject: Re: sshd stops accepting connections X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Nov 2004 03:15:09 -0000 On Fri, 12 Nov 2004, Simon L. Nielsen wrote: > Today I suddenly couldn't log in via ssh to a server I upgraded to > FreeBSD 5.3-RELEASE 4 days ago. When I tried connect to port 22 using > telnet(1) the following just happend: > > [simon@zaphod:~] telnet 192.168.3.2 22 > Trying 192.168.3.2... > Connected to jet.nitro.dk. > Escape character is '^]'. > Connection closed by foreign host. You get this if: . hosts.allow doesn't allow the client to connect. . sshd can't fork the child to handle the connection. . PAM is messed up and causes the PAM thread to abend. . the sshd privsep user has gone missing > The servar had been running FreeBSD 5.2.1 for a while without > problems. After logging in on the console and sending the sshd master > process a -HUP I could log in again (and I get the normal banner when > connecting to the port with telnet(1)). I can't rally see in the log > what happened, but there is a lot of "stale" sshd's hanging around, > like: > > root 46015 0,0 0,4 4928 2220 ?? I Ons08pm 0:00,01 sshd: blah [pam] (sshd) > root 58286 0,0 0,4 4920 2236 ?? Is Tor12pm 0:00,04 sshd: pascal [priv] (sshd) > sshd 58287 0,0 0,0 0 0 ?? Z Tor12pm 0:00,03 > root 58288 0,0 0,4 4928 2236 ?? I Tor12pm 0:00,01 sshd: pascal [pam] (sshd) > root 58932 0,0 0,4 4920 2236 ?? Is Tor01pm 0:00,05 sshd: ole_gudiksen [priv] (sshd) > sshd 58934 0,0 0,0 0 0 ?? Z Tor01pm 0:00,06 > root 58935 0,0 0,4 4928 2236 ?? I Tor01pm 0:00,01 sshd: ole_gudiksen [pam] (sshd) What ps is this? I didn't think FreeBSD's ps ouptut . > From all.log: > > Nov 11 12:04:38 nfishbone sshd[58286]: fatal: Timeout before authentication for 82.211.207.191 > Nov 11 13:02:34 nfishbone sshd[58932]: fatal: Timeout before authentication for 192.38.66.33 These are genrally normal and probaly not related to your problem... > The only odd thing I could find in the logs with regard to ssh was a > few lines like: > > Nov 11 22:35:49 nfishbone sshd[62378]: syslogin_perform_logout: logout() returned an error These are also OK and not related to your problem. -- Doug White | FreeBSD: The Power to Serve dwhite@gumbysoft.com | www.FreeBSD.org