# Stupid SSH question

## KePSuX

I emerged world a few days ago, and now sshd is broken. I'm pretty sure it is running --

```
asianstation init.d # ps -aux | grep ssh

Warning: bad syntax, perhaps a bogus '-'? See http://procps.sf.net/faq.html

root      3155  0.0  0.1  2936 1368 ?        S     2003   0:00 /usr/sbin/sshd

eric      3325  0.0  0.0  2500  704 ?        S     2003   0:00 /usr/bin/ssh-agent -- /etc/X11/gdm/gnomerc

root      6336  0.0  0.0  1412  476 pts/1    S    22:57   0:00 grep ssh

```

but when i try to connect from another machine I am getting --

```
[root@server root]# ssh eric@192.168.1.4

Connection closed by 192.168.1.4

```

Oh, and I ran 

```
asianstation init.d # rc-update add sshd default

 * sshd already installed in runlevel default; skipping

```

just for giggles. 

Here is my /etc/ssh/sshd_config file

```
#       $OpenBSD: sshd_config,v 1.65 2003/08/28 12:54:34 markus Exp $

                                                                                

# This is the sshd server system-wide configuration file.  See

# sshd_config(5) for more information.

                                                                                

# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin

                                                                                

# The strategy used for options in the default sshd_config shipped with

# OpenSSH is to specify options with their default value where

# possible, but leave them commented.  Uncommented options change a

# default value.

 

#Port 22

#Protocol 2,1

#ListenAddress 0.0.0.0

#ListenAddress ::

 

# HostKey for protocol version 1

#HostKey /etc/ssh/ssh_host_key

# HostKeys for protocol version 2

#HostKey /etc/ssh/ssh_host_rsa_key

#HostKey /etc/ssh/ssh_host_dsa_key

 

# Lifetime and size of ephemeral version 1 server key

#KeyRegenerationInterval 1h

#ServerKeyBits 768

 

# Logging

#obsoletes QuietMode and FascistLogging

#SyslogFacility AUTH

#LogLevel INFO

 

# Authentication:

 

#LoginGraceTime 2m

#PermitRootLogin yes

#StrictModes yes

 

#RSAAuthentication yes

#PubkeyAuthentication yes

#AuthorizedKeysFile     .ssh/authorized_keys

 

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts

#RhostsRSAAuthentication no

# similar for protocol version 2

#HostbasedAuthentication no

# Change to yes if you don't trust ~/.ssh/known_hosts for

# RhostsRSAAuthentication and HostbasedAuthentication

#IgnoreUserKnownHosts no

# Don't read the user's ~/.rhosts and ~/.shosts files

#IgnoreRhosts yes

 

# To disable tunneled clear text passwords, change to no here!

#PasswordAuthentication yes

#PermitEmptyPasswords no

 

# Change to no to disable s/key passwords

#ChallengeResponseAuthentication yes

 

# Kerberos options

#KerberosAuthentication no

#KerberosOrLocalPasswd yes

#KerberosTicketCleanup yes

 

# GSSAPI options

#GSSAPIAuthentication no

#GSSAPICleanupCreds yes

 

# Set this to 'yes' to enable PAM authentication (via challenge-response)

# and session processing. Depending on your PAM configuration, this may

# bypass the setting of 'PasswordAuthentication'

#UsePAM yes

 

#AllowTcpForwarding yes

#GatewayPorts no

X11Forwarding yes

#X11DisplayOffset 10

#X11UseLocalhost yes

#PrintMotd yes

#PrintLastLog yes

#KeepAlive yes

#UseLogin no

#UsePrivilegeSeparation yes

#PermitUserEnvironment no

#Compression yes

#ClientAliveInterval 0

#ClientAliveCountMax 3

#UseDNS yes

#PidFile /var/run/sshd.pid

#MaxStartups 10

 

# no default banner path

#Banner /some/path

 

# override default of no subsystems

Subsystem       sftp    /usr/lib/misc/sftp-server

```

Any ideas? Thanks!

----------

## dinomite

Might you have a firewall that is blocking it (try iptables-save).  See if you can ssh from that machine (ssh localhost); if you can do that, then it's a networking problem.

----------

## KePSuX

```
asianstation root # ssh root@localhost

Connection closed by UNKNOWN

```

Nope. Its on the machine. There isn;t any firewall between the two machines I am ssh'ing between - just a hub.

----------

## k9

I agree that the immediate connection refused error message seems like some sort of firewall issue (perhaps firewall rules on the machine thats running sshd).

Nonetheless, what does this command display?

```
ssh -vvv localhost
```

Is there anything helpful in there?

 *Quote:*   

> 
> 
> ```
> asianstation root # ssh root@localhost
> 
> ...

 

Also, do not try to ssh directly in as root when you have 

```
PermitRootLogin yes
```

 commented out in sshd_config (and I would recommend that you leave this setting the way it is).

----------

## KePSuX

```
eric@asianstation eric $ ssh -vvv eric@localhost

OpenSSH_3.7.1p2, SSH protocols 1.5/2.0, OpenSSL 0.9.6k 30 Sep 2003

debug1: Reading configuration data /etc/ssh/ssh_config

debug2: ssh_connect: needpriv 0

debug1: Connecting to localhost [127.0.0.1] port 22.

debug1: Connection established.

debug1: identity file /home/eric/.ssh/identity type -1

debug1: identity file /home/eric/.ssh/id_rsa type -1

debug1: identity file /home/eric/.ssh/id_dsa type -1

debug1: Remote protocol version 1.99, remote software version OpenSSH_3.7.1p2

debug1: match: OpenSSH_3.7.1p2 pat OpenSSH*

debug1: Enabling compatibility mode for protocol 2.0

debug1: Local version string SSH-2.0-OpenSSH_3.7.1p2

debug1: SSH2_MSG_KEXINIT sent

Connection closed by UNKNOWN

debug1: Calling cleanup 0x8066760(0x0)

```

It's all greek to me....

 *Quote:*   

>  *Quote:*   
> 
> ```
> asianstation root # ssh root@localhost
> 
> ...

 

I normally don't. Opps.

----------

## gejo

please give me the output of

ifconfig in two pc's  :Smile: 

----------

## gakula

it seems to be a dns problem

try to set "UseDNS No"

----------

## k9

 *Quote:*   

> It's all greek to me.... 

 

From what I can tell, it makes it pretty clear that the ssh client is connecting to sshd, and for some reason the connection is getting dropped after it has already been sucessfully established.

As for how to fix it, I'm not sure at the moment.  If you haven't done this yet, you could try restarting sshd with '/etc/init.d/sshd restart'.

Do you have sshd set up on both of these machines?  Does this problem happen on both of them?

----------

## KePSuX

 *gejo wrote:*   

> please give me the output of
> 
> ifconfig in two pc's 

 

Tried. No Dice. 

 *k9 wrote:*   

>  *Quote:*   It's all greek to me....  
> 
> From what I can tell, it makes it pretty clear that the ssh client is connecting to sshd, and for some reason the connection is getting dropped after it has already been sucessfully established.
> 
> As for how to fix it, I'm not sure at the moment.  If you haven't done this yet, you could try restarting sshd with '/etc/init.d/sshd restart'.
> ...

 

This is interesting. 

```
root@asianstation / # /etc/init.d/sshd restart

 * Starting sshd...

Missing privilege separation directory: /var/empty                        [ !! ] 

```

Yes, both machines are running sshd, this is the only one thats messed up. The working machine is a redhat 9 machine, and this machine is a Gentoo box. It broke when I emerged world. Im sure it has something to do with the above error during the sshd restart. I son't know what that means though. What on earth is /var/empty?

----------

## fleed

I have a /var/empty dir and according to qpkg -f /var/empty/.keep/.keep it was created by net-misc/openssh. Do you have that dir? What are the permissions for that dir? For me it's:

drwxr-xr-x    3 root     root         4096 2003-09-23 23:36 /var/empty/

----------

## MrPyro

On my system (and I assume this is default because I certainly haven't messed with it) /var/empty is the sshd user's home directory (defined in /etc/passwd). Maybe the problem is connected to the sshd user.

```

master var # ls -ld /var/empty/

drwxr-xr-x    3 root     root         4096 Sep 29 14:00 /var/empty/

```

That's what it looks like on my (ssh currently functioning) machine.

----------

## BackSeat

You NEED /var/empty. Create it, and all will be fine.

BS

----------

## KePSuX

 *BackSeat wrote:*   

> You NEED /var/empty. Create it, and all will be fine.
> 
> BS

 

Ok, awesome. Im back up and rocking. How come emerge world removed /var/empty ?

Also, what is the purpose of /var/empty ?

----------

## k9

 *Quote:*   

> Also, what is the purpose of /var/empty ?

 

```
$ man sshd

...

     /var/empty

             chroot(2) directory used by sshd during privilege separation in

             the pre-authentication phase.  The directory should not contain

             any files and must be owned by root and not group or world-

             writable.

...

```

 *Quote:*   

> How come emerge world removed /var/empty ? 

 

Not sure.  Also, I've got  this:

```

drwxr-xr-x    2 root     root         4096 2003-12-08 16:37 ./

drwxr-xr-x   13 root     root         4096 2003-10-30 18:14 ../

-rw-r--r--    1 root     root            0 2003-09-16 22:10 .keep.backup

```

You might want to use "touch /var/empty/.keep.backup" as root to create that file.  I'm certain I didn't manually create that file.  Not sure if that .keep file is significant, but this thread makes it sound like it might be:

https://forums.gentoo.org/viewtopic.php?p=275046#275046

I'm also not sure what the significance is of the .backup appended to the filename.

----------

