
Hi,

I'm trying to set up a couple of servers on Windows to accept ssh logins. On one of them, virtual001, I have version 6.1.4.83, and I've set it to the default settings. On the other, virtual002, I have version 6.0.12.50. I can connect to virtual002 without problems; when I try to connect to virtual001 it asks me for my password, apparently authenticates that without problem, then immediately closes the connection:



SSH from unix001 to virtual002:

adam@unix001:(no_env):/users/adam $ ssh adam@virtual002
adam@virtual002's password:
Authentication successful.
Last login: Fri Feb 04 2011 10:34:52 +0100
Your password will expire in 14 days.
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\adam>exit

adam@unix001:(no_env):/users/adam $



SSH from unix001 to virtual001:

adam@unix001:(no_env):/users/adam $ ssh adam@virtual001
adam@virtual001's password:
Authentication successful.
Last login: Fri Feb 04 2011 12:08:27 +0100
Your password will expire in 14 days.
adam@unix001:(no_env):/users/adam $



The event logs (application) are basically identical for the two boxes in the first few seconds after the connection is established – a success audit, then a string of information entries, then another success audit about 5 seconds later. At this point they diverge:

18:51:09 SSH Tectia Server None 0 N/A VIRTUAL001

402 Disconnect, Reason: By application, Src: unix001, Src IP: xxx.xxx.xxx.xxx, Dst IFace: listener, Dst IP: xxx.xxx.xxx.xxx, Src Port: 42163, Dst Port: 22, "Connection discarded by broker, Remote Disconnect", Session-Id: 3

18:51:09 SSH Tectia Server None 0 N/A VIRTUAL001

412 Logout, Username: DOMAIN\adam, Reason: By application, Src: unix001, Src IP: xxx.xxx.xxx.xxx, Dst IFace: listener, Dst IP: xxx.xxx.xxx.xxx, Src Port: 42163, Dst Port: 22, "Connection discarded by broker, Remote Disconnect", Session-Id: 3

18:51:04 SSH Tectia Server None 0 N/A VIRTUAL001

1301 Channel outbound statistics, Username: uninitialized, Session-Id: 3, Channel Id: 0, Packet count: 1, Packet size: 84, Packet size: 512

18:51:04 SSH Tectia Server None 0 N/A VIRTUAL001

1300 Channel inbound statistics, Username: uninitialized, Session-Id: 3, Channel Id: 0, Packet count: 0, Packet size: 0

18:51:04 SSH Tectia Server None 0 N/A VIRTUAL001

421 Session_channel_close, Username: DOMAIN\adam, Sub ID: 0, Session-Id: 3

18:51:04 SSH Tectia Server None 0 N/A VIRTUAL001

420 Session_channel_open, Username: DOMAIN\adam, Success, Sub ID: 0, Session-Id: 3

18:51:03 SSH Tectia Server None 0 N/A VIRTUAL001

410 Login_success, Username: DOMAIN\adam, Src: unix001, Src IP: xxx.xxx.xxx.xxx, Dst IFace: listener, Dst IP: xxx.xxx.xxx.xxx, Src Port: 42163, Dst Port: 22, Ver: SSH-2.0-6.0.12.50 SSH Secure Shell, Session-Id: 3



The log-off appears to be controlled – in fact I get the same messages from virtual002 when I request a logout nearly 8 minutes later:

19:01:11 SSH Tectia Server None 0 N/A VIRTUAL002

402 Disconnect, Reason: By application, Src: unix001, Src IP: xxx.xxx.xxx.xxx, Dst IFace: listener, Dst IP: xxx.xxx.xxx.xxx, Src Port: 42358, Dst Port: 22, "Connection discarded by broker, Remote Disconnect", Session-Id: 2

19:01:11 SSH Tectia Server None 0 N/A VIRTUAL002

412 Logout, Username: DOMAIN\adam, Reason: By application, Src: unix001, Src IP: xxx.xxx.xxx.xxx, Dst IFace: listener, Dst IP: xxx.xxx.xxx.xxx, Src Port: 42358, Dst Port: 22, "Connection discarded by broker, Remote Disconnect", Session-Id: 2

19:01:06 SSH Tectia Server None 0 N/A VIRTUAL002

421 Session_channel_close, Username: DOMAIN\adam, Sub ID: 0, Session-Id: 2

18:53:24 SSH Tectia Server None 0 N/A VIRTUAL002

420 Session_channel_open, Username: DOMAIN\adam, Success, Sub ID: 0, Session-Id: 2

18:53:23 SSH Tectia Server None 0 N/A VIRTUAL002

703 Auth_methods_available, Username: adam, Auth methods: gssapi-with-mic,publickey,keyboard-interactive, Session-Id: 2

18:53:23 SSH Tectia Server None 0 N/A VIRTUAL002

410 Login_success, Username: DOMAIN\adam, Src: unix001, Src IP: xxx.xxx.xxx.xxx, Dst IFace: listener, Dst IP: xxx.xxx.xxx.xxx, Src Port: 42358, Dst Port: 22, Ver: SSH-2.0-6.0.12.50 SSH Secure Shell, Session-Id: 2

UPDATE:

I concentrated on getting the configuration absolutely right on the server that was working (which I did) and then tried to completely replicate the configuration on the 'broken server'. I'm now getting this message:

708 Publickey_auth_error, Username: hyperion, Algorithm: publickey, "Could not find the received public key in user's public key authorization file or directory", Session-Id: 1

This is despite the fact that the key is in place (in fact, the same public key that works on the other server).

asked Mar 02 '11 at 10:36

Adam 1

edited Sep 21 '11 at 17:41

SSH KB ♦
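
One way to triage the audit entries quoted in the question, as an added example that is not part of the original post or of Tectia's own tooling: it pairs Session_channel_open (420) with Session_channel_close (421) per Session-Id and flags channels that close almost immediately, which is the virtual001 symptom. The pasted two-line layout, the `max_seconds` threshold and the function names are assumptions of this example.

```python
import re
from datetime import datetime

HEADER = re.compile(r"^(\d\d:\d\d:\d\d) SSH Tectia Server .* (\S+)$")
EVENT = re.compile(r"^(\d+) .*Session-Id: (\d+)")

# Constructed sample: entries condensed from the two logs quoted in the question.
SAMPLE = r"""
18:51:04 SSH Tectia Server None 0 N/A VIRTUAL001
1300 Channel inbound statistics, Username: uninitialized, Session-Id: 3, Channel Id: 0, Packet count: 0, Packet size: 0
18:51:04 SSH Tectia Server None 0 N/A VIRTUAL001
421 Session_channel_close, Username: DOMAIN\adam, Sub ID: 0, Session-Id: 3
18:51:04 SSH Tectia Server None 0 N/A VIRTUAL001
420 Session_channel_open, Username: DOMAIN\adam, Success, Sub ID: 0, Session-Id: 3
19:01:06 SSH Tectia Server None 0 N/A VIRTUAL002
421 Session_channel_close, Username: DOMAIN\adam, Sub ID: 0, Session-Id: 2
18:53:24 SSH Tectia Server None 0 N/A VIRTUAL002
420 Session_channel_open, Username: DOMAIN\adam, Success, Sub ID: 0, Session-Id: 2
"""

def parse(text):
    """Yield (host, session_id, event_id, time, message) for each audit entry."""
    stamp = host = None
    for line in filter(None, map(str.strip, text.splitlines())):
        header = HEADER.match(line)
        if header:
            stamp, host = datetime.strptime(header.group(1), "%H:%M:%S"), header.group(2)
            continue
        event = EVENT.match(line)
        if event and stamp:
            yield host, int(event.group(2)), int(event.group(1)), stamp, line

def channel_summary(text):
    """Map (host, session) to channel lifetime in seconds and inbound packet count.

    Assumes all entries fall on one day, since the pasted log shows times only.
    Entries are sorted oldest first; the event id breaks ties (420 before 421).
    """
    opened, summary = {}, {}
    for host, sid, eid, stamp, msg in sorted(parse(text), key=lambda r: (r[3], r[2])):
        entry = summary.setdefault((host, sid), {"seconds": None, "inbound": None})
        if eid == 420:
            opened[host, sid] = stamp
        elif eid == 421 and (host, sid) in opened:
            entry["seconds"] = (stamp - opened[host, sid]).total_seconds()
        elif eid == 1300:
            entry["inbound"] = int(re.search(r"Packet count: (\d+)", msg).group(1))
    return summary

def immediate_closes(text, max_seconds=2):
    """Sessions whose channel closed within max_seconds of opening."""
    return sorted(k for k, v in channel_summary(text).items()
                  if v["seconds"] is not None and v["seconds"] <= max_seconds)
```

A channel that opens and closes in the same second with an inbound packet count of 0 means the server ended the session before the client sent any channel data.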

Hi. Were you able to figure out what was the problem?

(Mar 02 '11 at 14:19) Roman ♦♦

So does the password authentication work for you now to virtual001? Was the problem in the server configuration of that host?

(Mar 11 '11 at 20:13) Roman ♦♦

Usually this message on the server means that the client side closed the connection:

"Connection discarded by broker, Remote Disconnect"

Are both Windows servers in the same domain (or are both not in a domain)? Are you able to install the same version on both servers? Either using 6.0.12 on both servers or 6.1.4 on both? This would tell us if it's an environment-related or version-specific problem.

Can you try the connection again on the client using verbose mode to see if this gives more information?

ssh -v adam@virtual002

If this doesn't give any information you can try starting the server in troubleshooting mode and check for any messages that might reveal why the connection is getting closed.

UPDATE #1:

First you should try to make it work with password authentication. Public-key authentication won't work any better if the user is for some reason not able to login with password authentication.

Here are some things you could try in order to troubleshoot this:

  • Are you able to login to the server with this same account via remote desktop?
  • Are virtual0001 and virtual0002 running the same version of Windows? If not what are the versions?
  • Is the account that you are trying to login as a domain or a local account?
    • Is this the adam account or DOMAIN\adam ?
    • If it's a domain account (named adam) is there also a local account named adam?
      • If so then try logging in specifically to the domain account using this syntax:
          ssh DOMAIN\\adam@virtual001
      • Or to the local account using:
          ssh virtual001\\adam@virtual001
        (using two backslashes to escape them on a Unix shell so that it sends one backslash)
  • When you say that "I can't access or reset the local user's password" can you elaborate on why this is not possible?
  • If you create a new local account on virtual0001, are you able to ssh to that?

answered Mar 02 '11 at 12:30

Roman ♦♦

edited Mar 16 '11 at 19:34

Hi Roman - I wasn't able to figure out the problem, I'm afraid. I've moved on a little - I concentrated on getting the configuration absolutely right on the server that was working (which I did) and then tried to completely replicate the configuration on the 'broken server'. I'm now getting this message: 708 Publickey_auth_error, Username: hyperion, Algorithm: publickey, "Could not find the received public key in user's public key authorization file or directory", Session-Id: 1

This is despite the fact that the key is in place (in fact, the same public key that works on the other server).

(Mar 11 '11 at 14:15) Adam 1

Can you verify that the key is indeed in the correct location? Try logging in using password authentication and list the contents of the .ssh2\ directory under your home directory.

(Mar 11 '11 at 20:20) Roman ♦♦

Hi Roman - the key is definitely in place - in fact, in every possible place it can be (%D.ssh2\authorized_keys as well as locations specified in settings/user-config-dir and auth-publickey/authorized-keys-directory). I've double checked the config files on both servers (one of which works perfectly) - only hostnames and ip addresses (all of which are correct) and the setting windows-terminal-mode differ. The same keys exist in the same locations on both machines. I can't log in with password - although I have admin access to both machines, I can't access or reset the local user's password.

(Mar 16 '11 at 12:12) Adam 1

Hi Adam, see the additional questions I added above to my answer. Can you please edit your original question to include answers to those?

(Mar 16 '11 at 19:35) Roman ♦♦

Hi Roman - I'm going to ask a new question...

(Mar 17 '11 at 11:13) Adam 1

All user contributed content licensed under the cc-by-sa license.