Some weeks ago ssh login was no longer possible to a remote Mac. Problem started occuring around upgrading Webmin to version 1.550 and/or changing settings using webmin.
Using: * Mac OS X 10.6.5 + Webmin 1.550 + Virtualmin 3.66GPL
Expected Results: No problems logging in using ssh.
Actual Results: ssh: connect to host host.domain.tld port 22: Operation timed out
Regression: After more investigation it appears that:
- sshd is correctly started when it is configured to not detach (-D), using
$ sudo /usr/sbin/sshd -D -d -d -d -e
debug2: load_server_config: filename /etc/sshd_config debug2: load_server_config: done config len = 493 debug2: parse_server_config: config /etc/sshd_config len 493 debug3: /etc/sshd_config:14 setting Protocol 2 debug3: /etc/sshd_config:30 setting SyslogFacility AUTHPRIV debug3: /etc/sshd_config:32 setting LogLevel DEBUG3 debug3: /etc/sshd_config:39 setting MaxAuthTries 3 debug3: /etc/sshd_config:108 setting UseDNS no debug3: /etc/sshd_config:111 setting MaxStartups 5 debug3: /etc/sshd_config:119 setting Subsystem sftp /usr/libexec/sftp-server debug3: /etc/sshd_config:121 setting IgnoreRhosts yes debug3: /etc/sshd_config:122 setting IgnoreUserKnownHosts no debug3: /etc/sshd_config:123 setting PrintMotd yes debug3: /etc/sshd_config:124 setting StrictModes yes debug3: /etc/sshd_config:125 setting RSAAuthentication yes debug3: /etc/sshd_config:126 setting PermitEmptyPasswords no debug3: /etc/sshd_config:127 setting PasswordAuthentication yes debug3: /etc/sshd_config:128 setting DenyGroups deniedssh debug3: /etc/sshd_config:129 setting PubkeyAuthentication yes debug3: /etc/sshd_config:130 setting GatewayPorts no debug3: /etc/sshd_config:131 setting AllowTcpForwarding yes debug3: /etc/sshd_config:132 setting KeepAlive yes debug1: sshd version OpenSSH_5.2p1 debug3: Not a RSA1 key file /etc/ssh_host_rsa_key. debug1: read PEM private key done: type RSA debug1: private host key: #0 type 1 RSA debug3: Not a RSA1 key file /etc/ssh_host_dsa_key. debug1: read PEM private key done: type DSA debug1: private host key: #1 type 2 DSA debug1: rexec_argv[0]='/usr/sbin/sshd' debug1: rexec_argv[1]='-D' debug1: rexec_argv[2]='-d' debug1: rexec_argv[3]='-d' debug1: rexec_argv[4]='-d' debug1: rexec_argv[5]='-e' debug2: fd 3 setting O_NONBLOCK debug1: Bind to port 22 on ::. Server listening on :: port 22. debug2: fd 4 setting O_NONBLOCK debug1: Bind to port 22 on 0.0.0.0. Server listening on 0.0.0.0 port 22. debug1: fd 5 clearing O_NONBLOCK debug1: Server will not fork when running in debugging mode. debug3: send_rexec_state: entering fd = 8 config len 493 debug3: ssh_msg_send: type 0 debug3: send_rexec_state: done debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8 debug3: recv_rexec_state: entering fd = 5 debug3: ssh_msg_recv entering debug3: recv_rexec_state: done debug2: parse_server_config: config rexec len 493 debug3: rexec:14 setting Protocol 2 debug3: rexec:30 setting SyslogFacility AUTHPRIV debug3: rexec:32 setting LogLevel DEBUG3 debug3: rexec:39 setting MaxAuthTries 3 debug3: rexec:108 setting UseDNS no debug3: rexec:111 setting MaxStartups 5 debug3: rexec:119 setting Subsystem sftp /usr/libexec/sftp-server debug3: rexec:121 setting IgnoreRhosts yes debug3: rexec:122 setting IgnoreUserKnownHosts no debug3: rexec:123 setting PrintMotd yes debug3: rexec:124 setting StrictModes yes debug3: rexec:125 setting RSAAuthentication yes debug3: rexec:126 setting PermitEmptyPasswords no debug3: rexec:127 setting PasswordAuthentication yes debug3: rexec:128 setting DenyGroups deniedssh debug3: rexec:129 setting PubkeyAuthentication yes debug3: rexec:130 setting GatewayPorts no debug3: rexec:131 setting AllowTcpForwarding yes debug3: rexec:132 setting KeepAlive yes debug1: sshd version OpenSSH_5.2p1 debug3: Not a RSA1 key file /etc/ssh_host_rsa_key. debug1: read PEM private key done: type RSA debug1: private host key: #0 type 1 RSA debug3: Not a RSA1 key file /etc/ssh_host_dsa_key. debug1: read PEM private key done: type DSA debug1: private host key: #1 type 2 DSA debug1: inetd sockets after dupping: 3, 3 debug3: BSM audit: connection from 1.1.1.247 port 53137 debug3: BSM audit: iptype 4 machine ID 010101d9 00000000 00000000 00000000 Connection from 1.1.1.247 port 53137
A successful connection follows...
- sshd does no longer start and accept inbound connections in inetd mode (-i), using
$ sudo /usr/sbin/sshd -i -d -d -d -e
debug2: load_server_config: filename /etc/sshd_config debug2: load_server_config: done config len = 493 debug2: parse_server_config: config /etc/sshd_config len 493 debug3: /etc/sshd_config:14 setting Protocol 2 debug3: /etc/sshd_config:30 setting SyslogFacility AUTHPRIV debug3: /etc/sshd_config:32 setting LogLevel DEBUG3 debug3: /etc/sshd_config:39 setting MaxAuthTries 3 debug3: /etc/sshd_config:108 setting UseDNS no debug3: /etc/sshd_config:111 setting MaxStartups 5 debug3: /etc/sshd_config:119 setting Subsystem sftp /usr/libexec/sftp-server debug3: /etc/sshd_config:121 setting IgnoreRhosts yes debug3: /etc/sshd_config:122 setting IgnoreUserKnownHosts no debug3: /etc/sshd_config:123 setting PrintMotd yes debug3: /etc/sshd_config:124 setting StrictModes yes debug3: /etc/sshd_config:125 setting RSAAuthentication yes debug3: /etc/sshd_config:126 setting PermitEmptyPasswords no debug3: /etc/sshd_config:127 setting PasswordAuthentication yes debug3: /etc/sshd_config:128 setting DenyGroups deniedssh debug3: /etc/sshd_config:129 setting PubkeyAuthentication yes debug3: /etc/sshd_config:130 setting GatewayPorts no debug3: /etc/sshd_config:131 setting AllowTcpForwarding yes debug3: /etc/sshd_config:132 setting KeepAlive yes debug1: sshd version OpenSSH_5.2p1 debug3: Not a RSA1 key file /etc/ssh_host_rsa_key. debug1: read PEM private key done: type RSA debug1: private host key: #0 type 1 RSA debug3: Not a RSA1 key file /etc/ssh_host_dsa_key. debug1: read PEM private key done: type DSA debug1: private host key: #1 type 2 DSA debug1: inetd sockets after dupping: 3, 4 debug3: BSM audit: connection from UNKNOWN port 65535 BSM audit: getaddrinfo failed for UNKNOWN: nodename nor servname provided, or not known debug3: BSM audit: iptype 0 machine ID 00000000 00000000 00000000 00000000 Connection from UNKNOWN port 65535 SSH-2.0-OpenSSH_5.2
No connection can be established.
Any suggestion in which direction to look for a fix?