SSH disconnects right after accepting

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

SSH disconnects right after accepting

bonne
OpenBSD 6.4

Putty just reports "Authenticating with public key "XXX" from agent" and
then I am disconnected. If I run sshd with -ddd, I get the following
output. I can't seem to get any error, and therefor I can't tell what is
wrong. Anyone has any idea? Thanks


debug2: load_server_config: filename /etc/ssh/sshd_config
debug2: load_server_config: done config len = 204
debug2: parse_server_config: config /etc/ssh/sshd_config len 204
debug3: /etc/ssh/sshd_config:25 setting LogLevel DEBUG
debug3: /etc/ssh/sshd_config:30 setting PermitRootLogin no
debug3: /etc/ssh/sshd_config:39 setting AuthorizedKeysFile
.ssh/authorized_keys
debug3: /etc/ssh/sshd_config:86 setting Subsystem sftp
/usr/libexec/sftp-server
debug1: sshd version OpenSSH_7.9, LibreSSL 2.8.2
debug1: private host key #0: ssh-rsa SHA256:XXX
debug1: private host key #1: ecdsa-sha2-nistp256 SHA256:XXX
debug1: private host key #2: ssh-ed25519 SHA256:XXX
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-ddd'
debug2: fd 3 setting O_NONBLOCK
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug2: fd 4 setting O_NONBLOCK
debug1: Bind to port 22 on ::.
Server listening on :: port 22.
debug1: fd 5 clearing O_NONBLOCK
debug1: Server will not fork when running in debugging mode.
debug3: send_rexec_state: entering fd = 8 config len 204
debug3: ssh_msg_send: type 0
debug3: send_rexec_state: done
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
debug1: inetd sockets after dupping: 3, 3
Connection from 172.17.4.3 port 63721 on 172.17.1.2 port 22 rdomain "0"
debug1: Client protocol version 2.0; client software version
PuTTY_Release_0.70
debug1: no match: PuTTY_Release_0.70
debug1: Local version string SSH-2.0-OpenSSH_7.9
debug2: fd 3 setting O_NONBLOCK
debug3: ssh_sandbox_init: preparing pledge sandbox
debug2: Network child is on pid 89382
debug3: preauth child monitor started
debug3: privsep user:group 27:27 [preauth]
debug1: permanently_set_uid: 27/27 [preauth]
debug1: list_hostkey_types:
rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
debug3: send packet: type 20 [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug3: receive packet: type 20 [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug2: local server KEXINIT proposal [preauth]
debug2: KEX algorithms:
curve25519-sha256,[hidden email],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
[preauth]
debug2: host key algorithms:
rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
debug2: ciphers ctos: [hidden email]
,aes128-ctr,aes192-ctr,aes256-ctr,[hidden email],
[hidden email] [preauth]
debug2: ciphers stoc: [hidden email]
,aes128-ctr,aes192-ctr,aes256-ctr,[hidden email],
[hidden email] [preauth]
debug2: MACs ctos: [hidden email],[hidden email],
[hidden email],[hidden email],
[hidden email],[hidden email],[hidden email],hmac-sha2-256,hmac-sha2-512,hmac-sha1
[preauth]
debug2: MACs stoc: [hidden email],[hidden email],
[hidden email],[hidden email],
[hidden email],[hidden email],[hidden email],hmac-sha2-256,hmac-sha2-512,hmac-sha1
[preauth]
debug2: compression ctos: none,[hidden email] [preauth]
debug2: compression stoc: none,[hidden email] [preauth]
debug2: languages ctos:  [preauth]
debug2: languages stoc:  [preauth]
debug2: first_kex_follows 0  [preauth]
debug2: reserved 0  [preauth]
debug2: peer client KEXINIT proposal [preauth]
debug2: KEX algorithms:
[hidden email],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,rsa2048-sha256,rsa1024-sha1,diffie-hellman-group1-sha1
[preauth]
debug2: host key algorithms:
ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss
[preauth]
debug2: ciphers ctos: aes256-ctr,aes256-cbc,[hidden email]
,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,[hidden email],blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128
[preauth]
debug2: ciphers stoc: aes256-ctr,aes256-cbc,[hidden email]
,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,[hidden email],blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128
[preauth]
debug2: MACs ctos: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5,
[hidden email],[hidden email],
[hidden email],[hidden email] [preauth]
debug2: MACs stoc: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5,
[hidden email],[hidden email],
[hidden email],[hidden email] [preauth]
debug2: compression ctos: none,zlib [preauth]
debug2: compression stoc: none,zlib [preauth]
debug2: languages ctos:  [preauth]
debug2: languages stoc:  [preauth]
debug2: first_kex_follows 0  [preauth]
debug2: reserved 0  [preauth]
debug1: kex: algorithm: [hidden email] [preauth]
debug1: kex: host key algorithm: ssh-ed25519 [preauth]
debug1: kex: client->server cipher: aes256-ctr MAC: hmac-sha2-256
compression: none [preauth]
debug1: kex: server->client cipher: aes256-ctr MAC: hmac-sha2-256
compression: none [preauth]
debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
debug3: receive packet: type 30 [preauth]
debug3: mm_sshkey_sign entering [preauth]
debug3: mm_request_send entering: type 6 [preauth]
debug3: mm_sshkey_sign: waiting for MONITOR_ANS_SIGN [preauth]
debug3: mm_request_receive_expect entering: type 7 [preauth]
debug3: mm_request_receive entering [preauth]
debug3: mm_request_receive entering
debug3: monitor_read: checking request 6
debug3: mm_answer_sign
debug3: mm_answer_sign: hostkey proof signature 0x55e2cd00(83)
debug3: mm_request_send entering: type 7
debug2: monitor_read: 6 used once, disabling now
debug3: send packet: type 31 [preauth]
debug3: send packet: type 21 [preauth]
debug2: set_newkeys: mode 1 [preauth]
debug1: rekey after 4294967296 blocks [preauth]
debug1: SSH2_MSG_NEWKEYS sent [preauth]
debug1: expecting SSH2_MSG_NEWKEYS [preauth]
debug3: receive packet: type 21 [preauth]
debug1: SSH2_MSG_NEWKEYS received [preauth]
debug2: set_newkeys: mode 0 [preauth]
debug1: rekey after 4294967296 blocks [preauth]
debug1: KEX done [preauth]
debug3: receive packet: type 5 [preauth]
debug3: send packet: type 6 [preauth]
debug3: receive packet: type 50 [preauth]
debug1: userauth-request for user user service ssh-connection method none
[preauth]
debug1: attempt 0 failures 0 [preauth]
debug3: mm_getpwnamallow entering [preauth]
debug3: mm_request_send entering: type 8 [preauth]
debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM [preauth]
debug3: mm_request_receive_expect entering: type 9 [preauth]
debug3: mm_request_receive entering [preauth]
debug3: mm_request_receive entering
debug3: monitor_read: checking request 8
debug3: mm_answer_pwnamallow
debug2: parse_server_config: config reprocess config len 204
debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1
debug3: mm_request_send entering: type 9
debug2: monitor_read: 8 used once, disabling now
debug2: input_userauth_request: setting up authctxt for user [preauth]
debug3: mm_inform_authserv entering [preauth]
debug3: mm_request_send entering: type 4 [preauth]
debug2: input_userauth_request: try method none [preauth]
debug3: user_specific_delay: user specific delay 0.000ms [preauth]
debug3: ensure_minimum_time_since: elapsed 117.488ms, delaying 63.923ms
(requested 5.669ms) [preauth]
debug3: mm_request_receive entering
debug3: monitor_read: checking request 4
debug3: mm_answer_authserv: service=ssh-connection, style=
debug2: monitor_read: 4 used once, disabling now
debug3: userauth_finish: failure partial=0 next
methods="publickey,password,keyboard-interactive" [preauth]
debug3: send packet: type 51 [preauth]
debug3: receive packet: type 50 [preauth]
debug1: userauth-request for user user service ssh-connection method
publickey [preauth]
debug1: attempt 1 failures 0 [preauth]
debug2: input_userauth_request: try method publickey [preauth]
debug1: userauth_pubkey: test pkalg ssh-rsa pkblob RSA SHA256:XXX [preauth]
debug3: mm_key_allowed entering [preauth]
debug3: mm_request_send entering: type 22 [preauth]
debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED [preauth]
debug3: mm_request_receive_expect entering: type 23 [preauth]
debug3: mm_request_receive entering [preauth]
debug3: mm_request_receive entering
debug3: monitor_read: checking request 22
debug3: mm_answer_keyallowed entering
debug3: mm_answer_keyallowed: key_from_blob: 0x5c404e80
debug1: temporarily_use_uid: 1000/1000 (e=0/0)
debug1: trying public key file /home/user/.ssh/authorized_keys
debug1: fd 4 clearing O_NONBLOCK
debug1: /home/user/.ssh/authorized_keys:5: matching key found: RSA
SHA256:XXX
debug1: /home/user/.ssh/authorized_keys:5: key options: agent-forwarding
port-forwarding pty user-rc x11-forwarding
Accepted key RSA SHA256:XXX found at /home/user/.ssh/authorized_keys:5
debug1: restore_uid: 0/0
debug3: mm_answer_keyallowed: publickey authentication test: RSA key is
allowed
debug3: mm_request_send entering: type 23
debug3: send packet: type 60 [preauth]
debug2: userauth_pubkey: authenticated 0 pkalg ssh-rsa [preauth]
debug3: user_specific_delay: user specific delay 0.000ms [preauth]
debug3: ensure_minimum_time_since: elapsed 84.236ms, delaying 6.470ms
(requested 5.669ms) [preauth]
Postponed publickey for user from 172.17.4.3 port 63721 ssh2 [preauth]
debug3: receive packet: type 50 [preauth]
debug1: userauth-request for user user service ssh-connection method
publickey [preauth]
debug1: attempt 2 failures 0 [preauth]
debug2: input_userauth_request: try method publickey [preauth]
debug3: userauth_pubkey: have ssh-rsa signature for RSA SHA256:XXX [preauth]
debug3: mm_key_allowed entering [preauth]
debug3: mm_request_send entering: type 22 [preauth]
debug3: mm_request_receive entering
debug3: monitor_read: checking request 22
debug3: mm_answer_keyallowed entering
debug3: mm_answer_keyallowed: key_from_blob: 0x5c404dc0
debug1: temporarily_use_uid: 1000/1000 (e=0/0)
debug1: trying public key file /home/user/.ssh/authorized_keys
debug1: fd 4 clearing O_NONBLOCK
debug1: /home/user/.ssh/authorized_keys:5: matching key found: RSA
SHA256:XXX
debug1: /home/user/.ssh/authorized_keys:5: key options: agent-forwarding
port-forwarding pty user-rc x11-forwarding
Accepted key RSA SHA256:XXX found at /home/user/.ssh/authorized_keys:5
debug1: restore_uid: 0/0
debug3: mm_answer_keyallowed: publickey authentication: RSA key is allowed
debug3: mm_request_send entering: type 23
debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED [preauth]
debug3: mm_request_receive_expect entering: type 23 [preauth]
debug3: mm_request_receive entering [preauth]
debug3: mm_sshkey_verify entering [preauth]
debug3: mm_request_send entering: type 24 [preauth]
debug3: mm_request_receive entering
debug3: monitor_read: checking request 24
debug3: mm_answer_keyverify: publickey 0x5f9500c0 signature verified
debug1: auth_activate_options: setting new authentication options
debug3: mm_request_send entering: type 25
Accepted publickey for user from 172.17.4.3 port 63721 ssh2: RSA SHA256:XXX
debug1: monitor_child_preauth: user has been authenticated by privileged
process
debug3: mm_get_keystate: Waiting for new keys
debug3: mm_request_receive_expect entering: type 26
debug3: mm_request_receive entering
debug3: mm_get_keystate: GOT new keys
debug3: mm_sshkey_verify: waiting for MONITOR_ANS_KEYVERIFY [preauth]
debug3: mm_request_receive_expect entering: type 25 [preauth]
debug3: mm_request_receive entering [preauth]
debug1: auth_activate_options: setting new authentication options [preauth]
debug2: userauth_pubkey: authenticated 1 pkalg ssh-rsa [preauth]
debug3: user_specific_delay: user specific delay 0.000ms [preauth]
debug3: ensure_minimum_time_since: elapsed 68.769ms, delaying 21.937ms
(requested 5.669ms) [preauth]
debug3: send packet: type 52 [preauth]
debug3: mm_request_send entering: type 26 [preauth]
debug3: mm_send_keystate: Finished sending state [preauth]
debug1: monitor_read_log: child log fd closed
debug3: ssh_sandbox_parent_finish: finished
User child is on pid 24651
debug3: monitor_apply_keystate: packet_set_state
debug2: set_newkeys: mode 0
debug1: rekey after 4294967296 blocks
debug2: set_newkeys: mode 1
debug1: rekey after 4294967296 blocks
debug1: ssh_packet_set_postauth: called
debug3: ssh_packet_set_state: done
debug3: notify_hostkeys: key 0: ssh-rsa SHA256:XXX
debug3: notify_hostkeys: key 1: ecdsa-sha2-nistp256 SHA256:XXX
debug3: notify_hostkeys: key 2: ssh-ed25519 SHA256:XXX
debug3: notify_hostkeys: sent 3 hostkeys
debug3: send packet: type 80
debug1: active: key options: agent-forwarding port-forwarding pty user-rc
x11-forwarding
debug3: sending debug message: /home/user/.ssh/authorized_keys:5: key
options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug3: send packet: type 4
debug3: sending debug message: /home/user/.ssh/authorized_keys:5: key
options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug3: send packet: type 4
debug1: Entering interactive session for SSH2.
debug2: fd 6 setting O_NONBLOCK
debug2: fd 7 setting O_NONBLOCK
debug1: server_init_dispatch
debug3: receive packet: type 90
debug1: server_input_channel_open: ctype session rchan 256 win 16384 max
16384
debug1: input_session_request
debug1: channel 0: new [server-session]
debug2: session_new: allocate (allocated 0 max 10)
debug3: session_unused: session id 0 unused
debug3: mm_request_receive entering
debug1: do_cleanup
Reply | Threaded
Open this post in threaded view
|

Re: SSH disconnects right after accepting

Aaron Mason
Hi

Does it work fine if you log in with the user's password?

On Fri, Feb 8, 2019 at 11:25 AM Lars Bonnesen <[hidden email]> wrote:

>
> OpenBSD 6.4
>
> Putty just reports "Authenticating with public key "XXX" from agent" and
> then I am disconnected. If I run sshd with -ddd, I get the following
> output. I can't seem to get any error, and therefor I can't tell what is
> wrong. Anyone has any idea? Thanks
>
>
> debug2: load_server_config: filename /etc/ssh/sshd_config
> debug2: load_server_config: done config len = 204
> debug2: parse_server_config: config /etc/ssh/sshd_config len 204
> debug3: /etc/ssh/sshd_config:25 setting LogLevel DEBUG
> debug3: /etc/ssh/sshd_config:30 setting PermitRootLogin no
> debug3: /etc/ssh/sshd_config:39 setting AuthorizedKeysFile
> .ssh/authorized_keys
> debug3: /etc/ssh/sshd_config:86 setting Subsystem sftp
> /usr/libexec/sftp-server
> debug1: sshd version OpenSSH_7.9, LibreSSL 2.8.2
> debug1: private host key #0: ssh-rsa SHA256:XXX
> debug1: private host key #1: ecdsa-sha2-nistp256 SHA256:XXX
> debug1: private host key #2: ssh-ed25519 SHA256:XXX
> debug1: rexec_argv[0]='/usr/sbin/sshd'
> debug1: rexec_argv[1]='-ddd'
> debug2: fd 3 setting O_NONBLOCK
> debug1: Bind to port 22 on 0.0.0.0.
> Server listening on 0.0.0.0 port 22.
> debug2: fd 4 setting O_NONBLOCK
> debug1: Bind to port 22 on ::.
> Server listening on :: port 22.
> debug1: fd 5 clearing O_NONBLOCK
> debug1: Server will not fork when running in debugging mode.
> debug3: send_rexec_state: entering fd = 8 config len 204
> debug3: ssh_msg_send: type 0
> debug3: send_rexec_state: done
> debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
> debug1: inetd sockets after dupping: 3, 3
> Connection from 172.17.4.3 port 63721 on 172.17.1.2 port 22 rdomain "0"
> debug1: Client protocol version 2.0; client software version
> PuTTY_Release_0.70
> debug1: no match: PuTTY_Release_0.70
> debug1: Local version string SSH-2.0-OpenSSH_7.9
> debug2: fd 3 setting O_NONBLOCK
> debug3: ssh_sandbox_init: preparing pledge sandbox
> debug2: Network child is on pid 89382
> debug3: preauth child monitor started
> debug3: privsep user:group 27:27 [preauth]
> debug1: permanently_set_uid: 27/27 [preauth]
> debug1: list_hostkey_types:
> rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
> debug3: send packet: type 20 [preauth]
> debug1: SSH2_MSG_KEXINIT sent [preauth]
> debug3: receive packet: type 20 [preauth]
> debug1: SSH2_MSG_KEXINIT received [preauth]
> debug2: local server KEXINIT proposal [preauth]
> debug2: KEX algorithms:
> curve25519-sha256,[hidden email],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
> [preauth]
> debug2: host key algorithms:
> rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
> debug2: ciphers ctos: [hidden email]
> ,aes128-ctr,aes192-ctr,aes256-ctr,[hidden email],
> [hidden email] [preauth]
> debug2: ciphers stoc: [hidden email]
> ,aes128-ctr,aes192-ctr,aes256-ctr,[hidden email],
> [hidden email] [preauth]
> debug2: MACs ctos: [hidden email],[hidden email],
> [hidden email],[hidden email],
> [hidden email],[hidden email],[hidden email],hmac-sha2-256,hmac-sha2-512,hmac-sha1
> [preauth]
> debug2: MACs stoc: [hidden email],[hidden email],
> [hidden email],[hidden email],
> [hidden email],[hidden email],[hidden email],hmac-sha2-256,hmac-sha2-512,hmac-sha1
> [preauth]
> debug2: compression ctos: none,[hidden email] [preauth]
> debug2: compression stoc: none,[hidden email] [preauth]
> debug2: languages ctos:  [preauth]
> debug2: languages stoc:  [preauth]
> debug2: first_kex_follows 0  [preauth]
> debug2: reserved 0  [preauth]
> debug2: peer client KEXINIT proposal [preauth]
> debug2: KEX algorithms:
> [hidden email],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,rsa2048-sha256,rsa1024-sha1,diffie-hellman-group1-sha1
> [preauth]
> debug2: host key algorithms:
> ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss
> [preauth]
> debug2: ciphers ctos: aes256-ctr,aes256-cbc,[hidden email]
> ,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,[hidden email],blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128
> [preauth]
> debug2: ciphers stoc: aes256-ctr,aes256-cbc,[hidden email]
> ,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,[hidden email],blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128
> [preauth]
> debug2: MACs ctos: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5,
> [hidden email],[hidden email],
> [hidden email],[hidden email] [preauth]
> debug2: MACs stoc: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5,
> [hidden email],[hidden email],
> [hidden email],[hidden email] [preauth]
> debug2: compression ctos: none,zlib [preauth]
> debug2: compression stoc: none,zlib [preauth]
> debug2: languages ctos:  [preauth]
> debug2: languages stoc:  [preauth]
> debug2: first_kex_follows 0  [preauth]
> debug2: reserved 0  [preauth]
> debug1: kex: algorithm: [hidden email] [preauth]
> debug1: kex: host key algorithm: ssh-ed25519 [preauth]
> debug1: kex: client->server cipher: aes256-ctr MAC: hmac-sha2-256
> compression: none [preauth]
> debug1: kex: server->client cipher: aes256-ctr MAC: hmac-sha2-256
> compression: none [preauth]
> debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
> debug3: receive packet: type 30 [preauth]
> debug3: mm_sshkey_sign entering [preauth]
> debug3: mm_request_send entering: type 6 [preauth]
> debug3: mm_sshkey_sign: waiting for MONITOR_ANS_SIGN [preauth]
> debug3: mm_request_receive_expect entering: type 7 [preauth]
> debug3: mm_request_receive entering [preauth]
> debug3: mm_request_receive entering
> debug3: monitor_read: checking request 6
> debug3: mm_answer_sign
> debug3: mm_answer_sign: hostkey proof signature 0x55e2cd00(83)
> debug3: mm_request_send entering: type 7
> debug2: monitor_read: 6 used once, disabling now
> debug3: send packet: type 31 [preauth]
> debug3: send packet: type 21 [preauth]
> debug2: set_newkeys: mode 1 [preauth]
> debug1: rekey after 4294967296 blocks [preauth]
> debug1: SSH2_MSG_NEWKEYS sent [preauth]
> debug1: expecting SSH2_MSG_NEWKEYS [preauth]
> debug3: receive packet: type 21 [preauth]
> debug1: SSH2_MSG_NEWKEYS received [preauth]
> debug2: set_newkeys: mode 0 [preauth]
> debug1: rekey after 4294967296 blocks [preauth]
> debug1: KEX done [preauth]
> debug3: receive packet: type 5 [preauth]
> debug3: send packet: type 6 [preauth]
> debug3: receive packet: type 50 [preauth]
> debug1: userauth-request for user user service ssh-connection method none
> [preauth]
> debug1: attempt 0 failures 0 [preauth]
> debug3: mm_getpwnamallow entering [preauth]
> debug3: mm_request_send entering: type 8 [preauth]
> debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM [preauth]
> debug3: mm_request_receive_expect entering: type 9 [preauth]
> debug3: mm_request_receive entering [preauth]
> debug3: mm_request_receive entering
> debug3: monitor_read: checking request 8
> debug3: mm_answer_pwnamallow
> debug2: parse_server_config: config reprocess config len 204
> debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1
> debug3: mm_request_send entering: type 9
> debug2: monitor_read: 8 used once, disabling now
> debug2: input_userauth_request: setting up authctxt for user [preauth]
> debug3: mm_inform_authserv entering [preauth]
> debug3: mm_request_send entering: type 4 [preauth]
> debug2: input_userauth_request: try method none [preauth]
> debug3: user_specific_delay: user specific delay 0.000ms [preauth]
> debug3: ensure_minimum_time_since: elapsed 117.488ms, delaying 63.923ms
> (requested 5.669ms) [preauth]
> debug3: mm_request_receive entering
> debug3: monitor_read: checking request 4
> debug3: mm_answer_authserv: service=ssh-connection, style=
> debug2: monitor_read: 4 used once, disabling now
> debug3: userauth_finish: failure partial=0 next
> methods="publickey,password,keyboard-interactive" [preauth]
> debug3: send packet: type 51 [preauth]
> debug3: receive packet: type 50 [preauth]
> debug1: userauth-request for user user service ssh-connection method
> publickey [preauth]
> debug1: attempt 1 failures 0 [preauth]
> debug2: input_userauth_request: try method publickey [preauth]
> debug1: userauth_pubkey: test pkalg ssh-rsa pkblob RSA SHA256:XXX [preauth]
> debug3: mm_key_allowed entering [preauth]
> debug3: mm_request_send entering: type 22 [preauth]
> debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED [preauth]
> debug3: mm_request_receive_expect entering: type 23 [preauth]
> debug3: mm_request_receive entering [preauth]
> debug3: mm_request_receive entering
> debug3: monitor_read: checking request 22
> debug3: mm_answer_keyallowed entering
> debug3: mm_answer_keyallowed: key_from_blob: 0x5c404e80
> debug1: temporarily_use_uid: 1000/1000 (e=0/0)
> debug1: trying public key file /home/user/.ssh/authorized_keys
> debug1: fd 4 clearing O_NONBLOCK
> debug1: /home/user/.ssh/authorized_keys:5: matching key found: RSA
> SHA256:XXX
> debug1: /home/user/.ssh/authorized_keys:5: key options: agent-forwarding
> port-forwarding pty user-rc x11-forwarding
> Accepted key RSA SHA256:XXX found at /home/user/.ssh/authorized_keys:5
> debug1: restore_uid: 0/0
> debug3: mm_answer_keyallowed: publickey authentication test: RSA key is
> allowed
> debug3: mm_request_send entering: type 23
> debug3: send packet: type 60 [preauth]
> debug2: userauth_pubkey: authenticated 0 pkalg ssh-rsa [preauth]
> debug3: user_specific_delay: user specific delay 0.000ms [preauth]
> debug3: ensure_minimum_time_since: elapsed 84.236ms, delaying 6.470ms
> (requested 5.669ms) [preauth]
> Postponed publickey for user from 172.17.4.3 port 63721 ssh2 [preauth]
> debug3: receive packet: type 50 [preauth]
> debug1: userauth-request for user user service ssh-connection method
> publickey [preauth]
> debug1: attempt 2 failures 0 [preauth]
> debug2: input_userauth_request: try method publickey [preauth]
> debug3: userauth_pubkey: have ssh-rsa signature for RSA SHA256:XXX [preauth]
> debug3: mm_key_allowed entering [preauth]
> debug3: mm_request_send entering: type 22 [preauth]
> debug3: mm_request_receive entering
> debug3: monitor_read: checking request 22
> debug3: mm_answer_keyallowed entering
> debug3: mm_answer_keyallowed: key_from_blob: 0x5c404dc0
> debug1: temporarily_use_uid: 1000/1000 (e=0/0)
> debug1: trying public key file /home/user/.ssh/authorized_keys
> debug1: fd 4 clearing O_NONBLOCK
> debug1: /home/user/.ssh/authorized_keys:5: matching key found: RSA
> SHA256:XXX
> debug1: /home/user/.ssh/authorized_keys:5: key options: agent-forwarding
> port-forwarding pty user-rc x11-forwarding
> Accepted key RSA SHA256:XXX found at /home/user/.ssh/authorized_keys:5
> debug1: restore_uid: 0/0
> debug3: mm_answer_keyallowed: publickey authentication: RSA key is allowed
> debug3: mm_request_send entering: type 23
> debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED [preauth]
> debug3: mm_request_receive_expect entering: type 23 [preauth]
> debug3: mm_request_receive entering [preauth]
> debug3: mm_sshkey_verify entering [preauth]
> debug3: mm_request_send entering: type 24 [preauth]
> debug3: mm_request_receive entering
> debug3: monitor_read: checking request 24
> debug3: mm_answer_keyverify: publickey 0x5f9500c0 signature verified
> debug1: auth_activate_options: setting new authentication options
> debug3: mm_request_send entering: type 25
> Accepted publickey for user from 172.17.4.3 port 63721 ssh2: RSA SHA256:XXX
> debug1: monitor_child_preauth: user has been authenticated by privileged
> process
> debug3: mm_get_keystate: Waiting for new keys
> debug3: mm_request_receive_expect entering: type 26
> debug3: mm_request_receive entering
> debug3: mm_get_keystate: GOT new keys
> debug3: mm_sshkey_verify: waiting for MONITOR_ANS_KEYVERIFY [preauth]
> debug3: mm_request_receive_expect entering: type 25 [preauth]
> debug3: mm_request_receive entering [preauth]
> debug1: auth_activate_options: setting new authentication options [preauth]
> debug2: userauth_pubkey: authenticated 1 pkalg ssh-rsa [preauth]
> debug3: user_specific_delay: user specific delay 0.000ms [preauth]
> debug3: ensure_minimum_time_since: elapsed 68.769ms, delaying 21.937ms
> (requested 5.669ms) [preauth]
> debug3: send packet: type 52 [preauth]
> debug3: mm_request_send entering: type 26 [preauth]
> debug3: mm_send_keystate: Finished sending state [preauth]
> debug1: monitor_read_log: child log fd closed
> debug3: ssh_sandbox_parent_finish: finished
> User child is on pid 24651
> debug3: monitor_apply_keystate: packet_set_state
> debug2: set_newkeys: mode 0
> debug1: rekey after 4294967296 blocks
> debug2: set_newkeys: mode 1
> debug1: rekey after 4294967296 blocks
> debug1: ssh_packet_set_postauth: called
> debug3: ssh_packet_set_state: done
> debug3: notify_hostkeys: key 0: ssh-rsa SHA256:XXX
> debug3: notify_hostkeys: key 1: ecdsa-sha2-nistp256 SHA256:XXX
> debug3: notify_hostkeys: key 2: ssh-ed25519 SHA256:XXX
> debug3: notify_hostkeys: sent 3 hostkeys
> debug3: send packet: type 80
> debug1: active: key options: agent-forwarding port-forwarding pty user-rc
> x11-forwarding
> debug3: sending debug message: /home/user/.ssh/authorized_keys:5: key
> options: agent-forwarding port-forwarding pty user-rc x11-forwarding
> debug3: send packet: type 4
> debug3: sending debug message: /home/user/.ssh/authorized_keys:5: key
> options: agent-forwarding port-forwarding pty user-rc x11-forwarding
> debug3: send packet: type 4
> debug1: Entering interactive session for SSH2.
> debug2: fd 6 setting O_NONBLOCK
> debug2: fd 7 setting O_NONBLOCK
> debug1: server_init_dispatch
> debug3: receive packet: type 90
> debug1: server_input_channel_open: ctype session rchan 256 win 16384 max
> 16384
> debug1: input_session_request
> debug1: channel 0: new [server-session]
> debug2: session_new: allocate (allocated 0 max 10)
> debug3: session_unused: session id 0 unused
> debug3: mm_request_receive entering
> debug1: do_cleanup



--
Aaron Mason - Programmer, open source addict
I've taken my software vows - for beta or for worse

Reply | Threaded
Open this post in threaded view
|

Re: SSH disconnects right after accepting

Aaron Mason
Can you share your sshd_config file, and ~user/.ssh/rc  and
~user/.ssh/config files (if they exist) please.

On Fri, Feb 8, 2019 at 12:07 PM Lars Bonnesen <[hidden email]> wrote:

>
> No, clear text login also does not work. Only when I log on through the console, not say.
>
> Regards, Lars.
>
> On Fri, Feb 8, 2019, 02:03 Aaron Mason <[hidden email] wrote:
>>
>> Hi
>>
>> Does it work fine if you log in with the user's password?
>>
>> On Fri, Feb 8, 2019 at 11:25 AM Lars Bonnesen <[hidden email]> wrote:
>> >
>> > OpenBSD 6.4
>> >
>> > Putty just reports "Authenticating with public key "XXX" from agent" and
>> > then I am disconnected. If I run sshd with -ddd, I get the following
>> > output. I can't seem to get any error, and therefor I can't tell what is
>> > wrong. Anyone has any idea? Thanks
>> >
>> >
>> > debug2: load_server_config: filename /etc/ssh/sshd_config
>> > debug2: load_server_config: done config len = 204
>> > debug2: parse_server_config: config /etc/ssh/sshd_config len 204
>> > debug3: /etc/ssh/sshd_config:25 setting LogLevel DEBUG
>> > debug3: /etc/ssh/sshd_config:30 setting PermitRootLogin no
>> > debug3: /etc/ssh/sshd_config:39 setting AuthorizedKeysFile
>> > .ssh/authorized_keys
>> > debug3: /etc/ssh/sshd_config:86 setting Subsystem sftp
>> > /usr/libexec/sftp-server
>> > debug1: sshd version OpenSSH_7.9, LibreSSL 2.8.2
>> > debug1: private host key #0: ssh-rsa SHA256:XXX
>> > debug1: private host key #1: ecdsa-sha2-nistp256 SHA256:XXX
>> > debug1: private host key #2: ssh-ed25519 SHA256:XXX
>> > debug1: rexec_argv[0]='/usr/sbin/sshd'
>> > debug1: rexec_argv[1]='-ddd'
>> > debug2: fd 3 setting O_NONBLOCK
>> > debug1: Bind to port 22 on 0.0.0.0.
>> > Server listening on 0.0.0.0 port 22.
>> > debug2: fd 4 setting O_NONBLOCK
>> > debug1: Bind to port 22 on ::.
>> > Server listening on :: port 22.
>> > debug1: fd 5 clearing O_NONBLOCK
>> > debug1: Server will not fork when running in debugging mode.
>> > debug3: send_rexec_state: entering fd = 8 config len 204
>> > debug3: ssh_msg_send: type 0
>> > debug3: send_rexec_state: done
>> > debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
>> > debug1: inetd sockets after dupping: 3, 3
>> > Connection from 172.17.4.3 port 63721 on 172.17.1.2 port 22 rdomain "0"
>> > debug1: Client protocol version 2.0; client software version
>> > PuTTY_Release_0.70
>> > debug1: no match: PuTTY_Release_0.70
>> > debug1: Local version string SSH-2.0-OpenSSH_7.9
>> > debug2: fd 3 setting O_NONBLOCK
>> > debug3: ssh_sandbox_init: preparing pledge sandbox
>> > debug2: Network child is on pid 89382
>> > debug3: preauth child monitor started
>> > debug3: privsep user:group 27:27 [preauth]
>> > debug1: permanently_set_uid: 27/27 [preauth]
>> > debug1: list_hostkey_types:
>> > rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
>> > debug3: send packet: type 20 [preauth]
>> > debug1: SSH2_MSG_KEXINIT sent [preauth]
>> > debug3: receive packet: type 20 [preauth]
>> > debug1: SSH2_MSG_KEXINIT received [preauth]
>> > debug2: local server KEXINIT proposal [preauth]
>> > debug2: KEX algorithms:
>> > curve25519-sha256,[hidden email],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
>> > [preauth]
>> > debug2: host key algorithms:
>> > rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
>> > debug2: ciphers ctos: [hidden email]
>> > ,aes128-ctr,aes192-ctr,aes256-ctr,[hidden email],
>> > [hidden email] [preauth]
>> > debug2: ciphers stoc: [hidden email]
>> > ,aes128-ctr,aes192-ctr,aes256-ctr,[hidden email],
>> > [hidden email] [preauth]
>> > debug2: MACs ctos: [hidden email],[hidden email],
>> > [hidden email],[hidden email],
>> > [hidden email],[hidden email],[hidden email],hmac-sha2-256,hmac-sha2-512,hmac-sha1
>> > [preauth]
>> > debug2: MACs stoc: [hidden email],[hidden email],
>> > [hidden email],[hidden email],
>> > [hidden email],[hidden email],[hidden email],hmac-sha2-256,hmac-sha2-512,hmac-sha1
>> > [preauth]
>> > debug2: compression ctos: none,[hidden email] [preauth]
>> > debug2: compression stoc: none,[hidden email] [preauth]
>> > debug2: languages ctos:  [preauth]
>> > debug2: languages stoc:  [preauth]
>> > debug2: first_kex_follows 0  [preauth]
>> > debug2: reserved 0  [preauth]
>> > debug2: peer client KEXINIT proposal [preauth]
>> > debug2: KEX algorithms:
>> > [hidden email],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,rsa2048-sha256,rsa1024-sha1,diffie-hellman-group1-sha1
>> > [preauth]
>> > debug2: host key algorithms:
>> > ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss
>> > [preauth]
>> > debug2: ciphers ctos: aes256-ctr,aes256-cbc,[hidden email]
>> > ,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,[hidden email],blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128
>> > [preauth]
>> > debug2: ciphers stoc: aes256-ctr,aes256-cbc,[hidden email]
>> > ,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,[hidden email],blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128
>> > [preauth]
>> > debug2: MACs ctos: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5,
>> > [hidden email],[hidden email],
>> > [hidden email],[hidden email] [preauth]
>> > debug2: MACs stoc: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5,
>> > [hidden email],[hidden email],
>> > [hidden email],[hidden email] [preauth]
>> > debug2: compression ctos: none,zlib [preauth]
>> > debug2: compression stoc: none,zlib [preauth]
>> > debug2: languages ctos:  [preauth]
>> > debug2: languages stoc:  [preauth]
>> > debug2: first_kex_follows 0  [preauth]
>> > debug2: reserved 0  [preauth]
>> > debug1: kex: algorithm: [hidden email] [preauth]
>> > debug1: kex: host key algorithm: ssh-ed25519 [preauth]
>> > debug1: kex: client->server cipher: aes256-ctr MAC: hmac-sha2-256
>> > compression: none [preauth]
>> > debug1: kex: server->client cipher: aes256-ctr MAC: hmac-sha2-256
>> > compression: none [preauth]
>> > debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
>> > debug3: receive packet: type 30 [preauth]
>> > debug3: mm_sshkey_sign entering [preauth]
>> > debug3: mm_request_send entering: type 6 [preauth]
>> > debug3: mm_sshkey_sign: waiting for MONITOR_ANS_SIGN [preauth]
>> > debug3: mm_request_receive_expect entering: type 7 [preauth]
>> > debug3: mm_request_receive entering [preauth]
>> > debug3: mm_request_receive entering
>> > debug3: monitor_read: checking request 6
>> > debug3: mm_answer_sign
>> > debug3: mm_answer_sign: hostkey proof signature 0x55e2cd00(83)
>> > debug3: mm_request_send entering: type 7
>> > debug2: monitor_read: 6 used once, disabling now
>> > debug3: send packet: type 31 [preauth]
>> > debug3: send packet: type 21 [preauth]
>> > debug2: set_newkeys: mode 1 [preauth]
>> > debug1: rekey after 4294967296 blocks [preauth]
>> > debug1: SSH2_MSG_NEWKEYS sent [preauth]
>> > debug1: expecting SSH2_MSG_NEWKEYS [preauth]
>> > debug3: receive packet: type 21 [preauth]
>> > debug1: SSH2_MSG_NEWKEYS received [preauth]
>> > debug2: set_newkeys: mode 0 [preauth]
>> > debug1: rekey after 4294967296 blocks [preauth]
>> > debug1: KEX done [preauth]
>> > debug3: receive packet: type 5 [preauth]
>> > debug3: send packet: type 6 [preauth]
>> > debug3: receive packet: type 50 [preauth]
>> > debug1: userauth-request for user user service ssh-connection method none
>> > [preauth]
>> > debug1: attempt 0 failures 0 [preauth]
>> > debug3: mm_getpwnamallow entering [preauth]
>> > debug3: mm_request_send entering: type 8 [preauth]
>> > debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM [preauth]
>> > debug3: mm_request_receive_expect entering: type 9 [preauth]
>> > debug3: mm_request_receive entering [preauth]
>> > debug3: mm_request_receive entering
>> > debug3: monitor_read: checking request 8
>> > debug3: mm_answer_pwnamallow
>> > debug2: parse_server_config: config reprocess config len 204
>> > debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1
>> > debug3: mm_request_send entering: type 9
>> > debug2: monitor_read: 8 used once, disabling now
>> > debug2: input_userauth_request: setting up authctxt for user [preauth]
>> > debug3: mm_inform_authserv entering [preauth]
>> > debug3: mm_request_send entering: type 4 [preauth]
>> > debug2: input_userauth_request: try method none [preauth]
>> > debug3: user_specific_delay: user specific delay 0.000ms [preauth]
>> > debug3: ensure_minimum_time_since: elapsed 117.488ms, delaying 63.923ms
>> > (requested 5.669ms) [preauth]
>> > debug3: mm_request_receive entering
>> > debug3: monitor_read: checking request 4
>> > debug3: mm_answer_authserv: service=ssh-connection, style=
>> > debug2: monitor_read: 4 used once, disabling now
>> > debug3: userauth_finish: failure partial=0 next
>> > methods="publickey,password,keyboard-interactive" [preauth]
>> > debug3: send packet: type 51 [preauth]
>> > debug3: receive packet: type 50 [preauth]
>> > debug1: userauth-request for user user service ssh-connection method
>> > publickey [preauth]
>> > debug1: attempt 1 failures 0 [preauth]
>> > debug2: input_userauth_request: try method publickey [preauth]
>> > debug1: userauth_pubkey: test pkalg ssh-rsa pkblob RSA SHA256:XXX [preauth]
>> > debug3: mm_key_allowed entering [preauth]
>> > debug3: mm_request_send entering: type 22 [preauth]
>> > debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED [preauth]
>> > debug3: mm_request_receive_expect entering: type 23 [preauth]
>> > debug3: mm_request_receive entering [preauth]
>> > debug3: mm_request_receive entering
>> > debug3: monitor_read: checking request 22
>> > debug3: mm_answer_keyallowed entering
>> > debug3: mm_answer_keyallowed: key_from_blob: 0x5c404e80
>> > debug1: temporarily_use_uid: 1000/1000 (e=0/0)
>> > debug1: trying public key file /home/user/.ssh/authorized_keys
>> > debug1: fd 4 clearing O_NONBLOCK
>> > debug1: /home/user/.ssh/authorized_keys:5: matching key found: RSA
>> > SHA256:XXX
>> > debug1: /home/user/.ssh/authorized_keys:5: key options: agent-forwarding
>> > port-forwarding pty user-rc x11-forwarding
>> > Accepted key RSA SHA256:XXX found at /home/user/.ssh/authorized_keys:5
>> > debug1: restore_uid: 0/0
>> > debug3: mm_answer_keyallowed: publickey authentication test: RSA key is
>> > allowed
>> > debug3: mm_request_send entering: type 23
>> > debug3: send packet: type 60 [preauth]
>> > debug2: userauth_pubkey: authenticated 0 pkalg ssh-rsa [preauth]
>> > debug3: user_specific_delay: user specific delay 0.000ms [preauth]
>> > debug3: ensure_minimum_time_since: elapsed 84.236ms, delaying 6.470ms
>> > (requested 5.669ms) [preauth]
>> > Postponed publickey for user from 172.17.4.3 port 63721 ssh2 [preauth]
>> > debug3: receive packet: type 50 [preauth]
>> > debug1: userauth-request for user user service ssh-connection method
>> > publickey [preauth]
>> > debug1: attempt 2 failures 0 [preauth]
>> > debug2: input_userauth_request: try method publickey [preauth]
>> > debug3: userauth_pubkey: have ssh-rsa signature for RSA SHA256:XXX [preauth]
>> > debug3: mm_key_allowed entering [preauth]
>> > debug3: mm_request_send entering: type 22 [preauth]
>> > debug3: mm_request_receive entering
>> > debug3: monitor_read: checking request 22
>> > debug3: mm_answer_keyallowed entering
>> > debug3: mm_answer_keyallowed: key_from_blob: 0x5c404dc0
>> > debug1: temporarily_use_uid: 1000/1000 (e=0/0)
>> > debug1: trying public key file /home/user/.ssh/authorized_keys
>> > debug1: fd 4 clearing O_NONBLOCK
>> > debug1: /home/user/.ssh/authorized_keys:5: matching key found: RSA
>> > SHA256:XXX
>> > debug1: /home/user/.ssh/authorized_keys:5: key options: agent-forwarding
>> > port-forwarding pty user-rc x11-forwarding
>> > Accepted key RSA SHA256:XXX found at /home/user/.ssh/authorized_keys:5
>> > debug1: restore_uid: 0/0
>> > debug3: mm_answer_keyallowed: publickey authentication: RSA key is allowed
>> > debug3: mm_request_send entering: type 23
>> > debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED [preauth]
>> > debug3: mm_request_receive_expect entering: type 23 [preauth]
>> > debug3: mm_request_receive entering [preauth]
>> > debug3: mm_sshkey_verify entering [preauth]
>> > debug3: mm_request_send entering: type 24 [preauth]
>> > debug3: mm_request_receive entering
>> > debug3: monitor_read: checking request 24
>> > debug3: mm_answer_keyverify: publickey 0x5f9500c0 signature verified
>> > debug1: auth_activate_options: setting new authentication options
>> > debug3: mm_request_send entering: type 25
>> > Accepted publickey for user from 172.17.4.3 port 63721 ssh2: RSA SHA256:XXX
>> > debug1: monitor_child_preauth: user has been authenticated by privileged
>> > process
>> > debug3: mm_get_keystate: Waiting for new keys
>> > debug3: mm_request_receive_expect entering: type 26
>> > debug3: mm_request_receive entering
>> > debug3: mm_get_keystate: GOT new keys
>> > debug3: mm_sshkey_verify: waiting for MONITOR_ANS_KEYVERIFY [preauth]
>> > debug3: mm_request_receive_expect entering: type 25 [preauth]
>> > debug3: mm_request_receive entering [preauth]
>> > debug1: auth_activate_options: setting new authentication options [preauth]
>> > debug2: userauth_pubkey: authenticated 1 pkalg ssh-rsa [preauth]
>> > debug3: user_specific_delay: user specific delay 0.000ms [preauth]
>> > debug3: ensure_minimum_time_since: elapsed 68.769ms, delaying 21.937ms
>> > (requested 5.669ms) [preauth]
>> > debug3: send packet: type 52 [preauth]
>> > debug3: mm_request_send entering: type 26 [preauth]
>> > debug3: mm_send_keystate: Finished sending state [preauth]
>> > debug1: monitor_read_log: child log fd closed
>> > debug3: ssh_sandbox_parent_finish: finished
>> > User child is on pid 24651
>> > debug3: monitor_apply_keystate: packet_set_state
>> > debug2: set_newkeys: mode 0
>> > debug1: rekey after 4294967296 blocks
>> > debug2: set_newkeys: mode 1
>> > debug1: rekey after 4294967296 blocks
>> > debug1: ssh_packet_set_postauth: called
>> > debug3: ssh_packet_set_state: done
>> > debug3: notify_hostkeys: key 0: ssh-rsa SHA256:XXX
>> > debug3: notify_hostkeys: key 1: ecdsa-sha2-nistp256 SHA256:XXX
>> > debug3: notify_hostkeys: key 2: ssh-ed25519 SHA256:XXX
>> > debug3: notify_hostkeys: sent 3 hostkeys
>> > debug3: send packet: type 80
>> > debug1: active: key options: agent-forwarding port-forwarding pty user-rc
>> > x11-forwarding
>> > debug3: sending debug message: /home/user/.ssh/authorized_keys:5: key
>> > options: agent-forwarding port-forwarding pty user-rc x11-forwarding
>> > debug3: send packet: type 4
>> > debug3: sending debug message: /home/user/.ssh/authorized_keys:5: key
>> > options: agent-forwarding port-forwarding pty user-rc x11-forwarding
>> > debug3: send packet: type 4
>> > debug1: Entering interactive session for SSH2.
>> > debug2: fd 6 setting O_NONBLOCK
>> > debug2: fd 7 setting O_NONBLOCK
>> > debug1: server_init_dispatch
>> > debug3: receive packet: type 90
>> > debug1: server_input_channel_open: ctype session rchan 256 win 16384 max
>> > 16384
>> > debug1: input_session_request
>> > debug1: channel 0: new [server-session]
>> > debug2: session_new: allocate (allocated 0 max 10)
>> > debug3: session_unused: session id 0 unused
>> > debug3: mm_request_receive entering
>> > debug1: do_cleanup
>>
>>
>>
>> --
>> Aaron Mason - Programmer, open source addict
>> I've taken my software vows - for beta or for worse



--
Aaron Mason - Programmer, open source addict
I've taken my software vows - for beta or for worse

Reply | Threaded
Open this post in threaded view
|

Re: [SUSPECTED SPAM] SSH disconnects right after accepting

Damien Miller
In reply to this post by bonne
On Fri, 8 Feb 2019, Lars Bonnesen wrote:

> OpenBSD 6.4
>
> Putty just reports "Authenticating with public key "XXX" from agent" and
> then I am disconnected. If I run sshd with -ddd, I get the following
> output. I can't seem to get any error, and therefor I can't tell what is
> wrong. Anyone has any idea? Thanks

Darren has been unable to replicate this problem using PuTTY as a client.

Could you please try to see whether sshd is dumping core? You can follow
the instructions at the end of "man sysctl" - search for "nosuidcoredump"
to enable coredumps for the sshd process. Once that is done, you can
try to reproduce your problem and then check the /var/crash/sshd
directory.

-d

Reply | Threaded
Open this post in threaded view
|

Re: SSH disconnects right after accepting

Максим
In reply to this post by bonne
Hello,
Did you edit /etc/login.conf recently?

-- 
Best Regards
Maksim Rodin


08.02.2019, 03:27, "Lars Bonnesen" <[hidden email]>:

> OpenBSD 6.4
>
> Putty just reports "Authenticating with public key "XXX" from agent" and
> then I am disconnected. If I run sshd with -ddd, I get the following
> output. I can't seem to get any error, and therefor I can't tell what is
> wrong. Anyone has any idea? Thanks
>
> debug2: load_server_config: filename /etc/ssh/sshd_config
> debug2: load_server_config: done config len = 204
> debug2: parse_server_config: config /etc/ssh/sshd_config len 204
> debug3: /etc/ssh/sshd_config:25 setting LogLevel DEBUG
> debug3: /etc/ssh/sshd_config:30 setting PermitRootLogin no
> debug3: /etc/ssh/sshd_config:39 setting AuthorizedKeysFile
> .ssh/authorized_keys
> debug3: /etc/ssh/sshd_config:86 setting Subsystem sftp
> /usr/libexec/sftp-server
> debug1: sshd version OpenSSH_7.9, LibreSSL 2.8.2
> debug1: private host key #0: ssh-rsa SHA256:XXX
> debug1: private host key #1: ecdsa-sha2-nistp256 SHA256:XXX
> debug1: private host key #2: ssh-ed25519 SHA256:XXX
> debug1: rexec_argv[0]='/usr/sbin/sshd'
> debug1: rexec_argv[1]='-ddd'
> debug2: fd 3 setting O_NONBLOCK
> debug1: Bind to port 22 on 0.0.0.0.
> Server listening on 0.0.0.0 port 22.
> debug2: fd 4 setting O_NONBLOCK
> debug1: Bind to port 22 on ::.
> Server listening on :: port 22.
> debug1: fd 5 clearing O_NONBLOCK
> debug1: Server will not fork when running in debugging mode.
> debug3: send_rexec_state: entering fd = 8 config len 204
> debug3: ssh_msg_send: type 0
> debug3: send_rexec_state: done
> debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
> debug1: inetd sockets after dupping: 3, 3
> Connection from 172.17.4.3 port 63721 on 172.17.1.2 port 22 rdomain "0"
> debug1: Client protocol version 2.0; client software version
> PuTTY_Release_0.70
> debug1: no match: PuTTY_Release_0.70
> debug1: Local version string SSH-2.0-OpenSSH_7.9
> debug2: fd 3 setting O_NONBLOCK
> debug3: ssh_sandbox_init: preparing pledge sandbox
> debug2: Network child is on pid 89382
> debug3: preauth child monitor started
> debug3: privsep user:group 27:27 [preauth]
> debug1: permanently_set_uid: 27/27 [preauth]
> debug1: list_hostkey_types:
> rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
> debug3: send packet: type 20 [preauth]
> debug1: SSH2_MSG_KEXINIT sent [preauth]
> debug3: receive packet: type 20 [preauth]
> debug1: SSH2_MSG_KEXINIT received [preauth]
> debug2: local server KEXINIT proposal [preauth]
> debug2: KEX algorithms:
> curve25519-sha256,[hidden email],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
> [preauth]
> debug2: host key algorithms:
> rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
> debug2: ciphers ctos: [hidden email]
> ,aes128-ctr,aes192-ctr,aes256-ctr,[hidden email],
> [hidden email] [preauth]
> debug2: ciphers stoc: [hidden email]
> ,aes128-ctr,aes192-ctr,aes256-ctr,[hidden email],
> [hidden email] [preauth]
> debug2: MACs ctos: [hidden email],[hidden email],
> [hidden email],[hidden email],
> [hidden email],[hidden email],[hidden email],hmac-sha2-256,hmac-sha2-512,hmac-sha1
> [preauth]
> debug2: MACs stoc: [hidden email],[hidden email],
> [hidden email],[hidden email],
> [hidden email],[hidden email],[hidden email],hmac-sha2-256,hmac-sha2-512,hmac-sha1
> [preauth]
> debug2: compression ctos: none,[hidden email] [preauth]
> debug2: compression stoc: none,[hidden email] [preauth]
> debug2: languages ctos: [preauth]
> debug2: languages stoc: [preauth]
> debug2: first_kex_follows 0 [preauth]
> debug2: reserved 0 [preauth]
> debug2: peer client KEXINIT proposal [preauth]
> debug2: KEX algorithms:
> [hidden email],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,rsa2048-sha256,rsa1024-sha1,diffie-hellman-group1-sha1
> [preauth]
> debug2: host key algorithms:
> ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss
> [preauth]
> debug2: ciphers ctos: aes256-ctr,aes256-cbc,[hidden email]
> ,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,[hidden email],blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128
> [preauth]
> debug2: ciphers stoc: aes256-ctr,aes256-cbc,[hidden email]
> ,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,[hidden email],blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128
> [preauth]
> debug2: MACs ctos: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5,
> [hidden email],[hidden email],
> [hidden email],[hidden email] [preauth]
> debug2: MACs stoc: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5,
> [hidden email],[hidden email],
> [hidden email],[hidden email] [preauth]
> debug2: compression ctos: none,zlib [preauth]
> debug2: compression stoc: none,zlib [preauth]
> debug2: languages ctos: [preauth]
> debug2: languages stoc: [preauth]
> debug2: first_kex_follows 0 [preauth]
> debug2: reserved 0 [preauth]
> debug1: kex: algorithm: [hidden email] [preauth]
> debug1: kex: host key algorithm: ssh-ed25519 [preauth]
> debug1: kex: client->server cipher: aes256-ctr MAC: hmac-sha2-256
> compression: none [preauth]
> debug1: kex: server->client cipher: aes256-ctr MAC: hmac-sha2-256
> compression: none [preauth]
> debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
> debug3: receive packet: type 30 [preauth]
> debug3: mm_sshkey_sign entering [preauth]
> debug3: mm_request_send entering: type 6 [preauth]
> debug3: mm_sshkey_sign: waiting for MONITOR_ANS_SIGN [preauth]
> debug3: mm_request_receive_expect entering: type 7 [preauth]
> debug3: mm_request_receive entering [preauth]
> debug3: mm_request_receive entering
> debug3: monitor_read: checking request 6
> debug3: mm_answer_sign
> debug3: mm_answer_sign: hostkey proof signature 0x55e2cd00(83)
> debug3: mm_request_send entering: type 7
> debug2: monitor_read: 6 used once, disabling now
> debug3: send packet: type 31 [preauth]
> debug3: send packet: type 21 [preauth]
> debug2: set_newkeys: mode 1 [preauth]
> debug1: rekey after 4294967296 blocks [preauth]
> debug1: SSH2_MSG_NEWKEYS sent [preauth]
> debug1: expecting SSH2_MSG_NEWKEYS [preauth]
> debug3: receive packet: type 21 [preauth]
> debug1: SSH2_MSG_NEWKEYS received [preauth]
> debug2: set_newkeys: mode 0 [preauth]
> debug1: rekey after 4294967296 blocks [preauth]
> debug1: KEX done [preauth]
> debug3: receive packet: type 5 [preauth]
> debug3: send packet: type 6 [preauth]
> debug3: receive packet: type 50 [preauth]
> debug1: userauth-request for user user service ssh-connection method none
> [preauth]
> debug1: attempt 0 failures 0 [preauth]
> debug3: mm_getpwnamallow entering [preauth]
> debug3: mm_request_send entering: type 8 [preauth]
> debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM [preauth]
> debug3: mm_request_receive_expect entering: type 9 [preauth]
> debug3: mm_request_receive entering [preauth]
> debug3: mm_request_receive entering
> debug3: monitor_read: checking request 8
> debug3: mm_answer_pwnamallow
> debug2: parse_server_config: config reprocess config len 204
> debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1
> debug3: mm_request_send entering: type 9
> debug2: monitor_read: 8 used once, disabling now
> debug2: input_userauth_request: setting up authctxt for user [preauth]
> debug3: mm_inform_authserv entering [preauth]
> debug3: mm_request_send entering: type 4 [preauth]
> debug2: input_userauth_request: try method none [preauth]
> debug3: user_specific_delay: user specific delay 0.000ms [preauth]
> debug3: ensure_minimum_time_since: elapsed 117.488ms, delaying 63.923ms
> (requested 5.669ms) [preauth]
> debug3: mm_request_receive entering
> debug3: monitor_read: checking request 4
> debug3: mm_answer_authserv: service=ssh-connection, style=
> debug2: monitor_read: 4 used once, disabling now
> debug3: userauth_finish: failure partial=0 next
> methods="publickey,password,keyboard-interactive" [preauth]
> debug3: send packet: type 51 [preauth]
> debug3: receive packet: type 50 [preauth]
> debug1: userauth-request for user user service ssh-connection method
> publickey [preauth]
> debug1: attempt 1 failures 0 [preauth]
> debug2: input_userauth_request: try method publickey [preauth]
> debug1: userauth_pubkey: test pkalg ssh-rsa pkblob RSA SHA256:XXX [preauth]
> debug3: mm_key_allowed entering [preauth]
> debug3: mm_request_send entering: type 22 [preauth]
> debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED [preauth]
> debug3: mm_request_receive_expect entering: type 23 [preauth]
> debug3: mm_request_receive entering [preauth]
> debug3: mm_request_receive entering
> debug3: monitor_read: checking request 22
> debug3: mm_answer_keyallowed entering
> debug3: mm_answer_keyallowed: key_from_blob: 0x5c404e80
> debug1: temporarily_use_uid: 1000/1000 (e=0/0)
> debug1: trying public key file /home/user/.ssh/authorized_keys
> debug1: fd 4 clearing O_NONBLOCK
> debug1: /home/user/.ssh/authorized_keys:5: matching key found: RSA
> SHA256:XXX
> debug1: /home/user/.ssh/authorized_keys:5: key options: agent-forwarding
> port-forwarding pty user-rc x11-forwarding
> Accepted key RSA SHA256:XXX found at /home/user/.ssh/authorized_keys:5
> debug1: restore_uid: 0/0
> debug3: mm_answer_keyallowed: publickey authentication test: RSA key is
> allowed
> debug3: mm_request_send entering: type 23
> debug3: send packet: type 60 [preauth]
> debug2: userauth_pubkey: authenticated 0 pkalg ssh-rsa [preauth]
> debug3: user_specific_delay: user specific delay 0.000ms [preauth]
> debug3: ensure_minimum_time_since: elapsed 84.236ms, delaying 6.470ms
> (requested 5.669ms) [preauth]
> Postponed publickey for user from 172.17.4.3 port 63721 ssh2 [preauth]
> debug3: receive packet: type 50 [preauth]
> debug1: userauth-request for user user service ssh-connection method
> publickey [preauth]
> debug1: attempt 2 failures 0 [preauth]
> debug2: input_userauth_request: try method publickey [preauth]
> debug3: userauth_pubkey: have ssh-rsa signature for RSA SHA256:XXX [preauth]
> debug3: mm_key_allowed entering [preauth]
> debug3: mm_request_send entering: type 22 [preauth]
> debug3: mm_request_receive entering
> debug3: monitor_read: checking request 22
> debug3: mm_answer_keyallowed entering
> debug3: mm_answer_keyallowed: key_from_blob: 0x5c404dc0
> debug1: temporarily_use_uid: 1000/1000 (e=0/0)
> debug1: trying public key file /home/user/.ssh/authorized_keys
> debug1: fd 4 clearing O_NONBLOCK
> debug1: /home/user/.ssh/authorized_keys:5: matching key found: RSA
> SHA256:XXX
> debug1: /home/user/.ssh/authorized_keys:5: key options: agent-forwarding
> port-forwarding pty user-rc x11-forwarding
> Accepted key RSA SHA256:XXX found at /home/user/.ssh/authorized_keys:5
> debug1: restore_uid: 0/0
> debug3: mm_answer_keyallowed: publickey authentication: RSA key is allowed
> debug3: mm_request_send entering: type 23
> debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED [preauth]
> debug3: mm_request_receive_expect entering: type 23 [preauth]
> debug3: mm_request_receive entering [preauth]
> debug3: mm_sshkey_verify entering [preauth]
> debug3: mm_request_send entering: type 24 [preauth]
> debug3: mm_request_receive entering
> debug3: monitor_read: checking request 24
> debug3: mm_answer_keyverify: publickey 0x5f9500c0 signature verified
> debug1: auth_activate_options: setting new authentication options
> debug3: mm_request_send entering: type 25
> Accepted publickey for user from 172.17.4.3 port 63721 ssh2: RSA SHA256:XXX
> debug1: monitor_child_preauth: user has been authenticated by privileged
> process
> debug3: mm_get_keystate: Waiting for new keys
> debug3: mm_request_receive_expect entering: type 26
> debug3: mm_request_receive entering
> debug3: mm_get_keystate: GOT new keys
> debug3: mm_sshkey_verify: waiting for MONITOR_ANS_KEYVERIFY [preauth]
> debug3: mm_request_receive_expect entering: type 25 [preauth]
> debug3: mm_request_receive entering [preauth]
> debug1: auth_activate_options: setting new authentication options [preauth]
> debug2: userauth_pubkey: authenticated 1 pkalg ssh-rsa [preauth]
> debug3: user_specific_delay: user specific delay 0.000ms [preauth]
> debug3: ensure_minimum_time_since: elapsed 68.769ms, delaying 21.937ms
> (requested 5.669ms) [preauth]
> debug3: send packet: type 52 [preauth]
> debug3: mm_request_send entering: type 26 [preauth]
> debug3: mm_send_keystate: Finished sending state [preauth]
> debug1: monitor_read_log: child log fd closed
> debug3: ssh_sandbox_parent_finish: finished
> User child is on pid 24651
> debug3: monitor_apply_keystate: packet_set_state
> debug2: set_newkeys: mode 0
> debug1: rekey after 4294967296 blocks
> debug2: set_newkeys: mode 1
> debug1: rekey after 4294967296 blocks
> debug1: ssh_packet_set_postauth: called
> debug3: ssh_packet_set_state: done
> debug3: notify_hostkeys: key 0: ssh-rsa SHA256:XXX
> debug3: notify_hostkeys: key 1: ecdsa-sha2-nistp256 SHA256:XXX
> debug3: notify_hostkeys: key 2: ssh-ed25519 SHA256:XXX
> debug3: notify_hostkeys: sent 3 hostkeys
> debug3: send packet: type 80
> debug1: active: key options: agent-forwarding port-forwarding pty user-rc
> x11-forwarding
> debug3: sending debug message: /home/user/.ssh/authorized_keys:5: key
> options: agent-forwarding port-forwarding pty user-rc x11-forwarding
> debug3: send packet: type 4
> debug3: sending debug message: /home/user/.ssh/authorized_keys:5: key
> options: agent-forwarding port-forwarding pty user-rc x11-forwarding
> debug3: send packet: type 4
> debug1: Entering interactive session for SSH2.
> debug2: fd 6 setting O_NONBLOCK
> debug2: fd 7 setting O_NONBLOCK
> debug1: server_init_dispatch
> debug3: receive packet: type 90
> debug1: server_input_channel_open: ctype session rchan 256 win 16384 max
> 16384
> debug1: input_session_request
> debug1: channel 0: new [server-session]
> debug2: session_new: allocate (allocated 0 max 10)
> debug3: session_unused: session id 0 unused
> debug3: mm_request_receive entering
> debug1: do_cleanup