# SSH Auth Fail

## alienjon

There's an app on my Android called Home Remote Control Pro.  It's basically a remote-control for your phone to Windows/Mac via a custom java-server and via Linux via ssh.  I initially tried the free version and eventually paid for the full version (no ads and unlimited device connections) and things were working great.  Then one day it all stopped working.  I could no longer connect to my Gentoo desktop and received a simple 'Auth Fail' message in the app.  The app still connects fine to my Windows 10 partition and connects fine to my Ubuntu laptop (via the custom java-server and a ssh server, respectively).  I've had several back and forth emails with the dev, who can't seem to reproduce the issue and when my Ubuntu laptop was able to connect it made me realize that it's a problem with my Gentoo box somewhere.

Some background info:

```
Linux compy_gentoo 4.0.5-gentoo #2 SMP Sat Jul 18 11:32:20 EDT 2015 x86_64 Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz GenuineIntel GNU/Linux
```

```
[ebuild   R    ] net-misc/openssh-6.9_p1-r2::gentoo  USE="X hpn ldap ldns pam pie sctp skey ssl -X509 -bindist -debug -kerberos -libedit (-selinux) -ssh1 -static" 1,498 KiB
```

Also, the following appears in my auth.log when I try to connect:

```
error: Received disconnect from 192.168.1.11: 3: com.jcraft.jsch.JSchException: Auth fail [preauth]
```

That IP is my internal IP (statically set by the router) for my phone.  My computer is statically set to *.*.*.10.  I do not use a public key - this is a password login.  Interestingly, I have an SSH app that connects to this same computer just fine, so there's something about the way this app is connecting that isn't agreeing with my current setup.  Unfortunately, the error that's thrown appears to be fairly generic and I'm not sure how to troubleshoot farther.  Any thoughts?

----------

## massimo

If you're not able to debug the connection setup on the client-side do it on your ssh server (LogLevel DEBUG). You could also capture the traffic using tcpdump/wireshark.

----------

## alienjon

 *massimo wrote:*   

> If you're not able to debug the connection setup on the client-side do it on your ssh server (LogLevel DEBUG). You could also capture the traffic using tcpdump/wireshark.

 

Below are the debugged SSH info and wireshark dump info:

```
09/09/15 07:44:49 AM   compy_gentoo   sshd[4548]   debug1: Forked child 4555.

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   Set /proc/self/oom_score_adj to 0

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: inetd sockets after dupping: 3, 3

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   Connection from 192.168.1.11 port 59961 on 192.168.1.10 port 22

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: no match: JSCH-0.1.53

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: Enabling compatibility mode for protocol 2.0

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: Client protocol version 2.0; client software version JSCH-0.1.53

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: Local version string SSH-2.0-OpenSSH_6.9p1-hpn14v5

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: HPN Disabled: 0, HPN Buffer Size: 87380

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: permanently_set_uid: 22/22 [preauth]

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: list_hostkey_types: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: SSH2_MSG_KEXINIT sent [preauth]

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: SSH2_MSG_KEXINIT received [preauth]

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: AUTH STATE IS 0 [preauth]

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: kex: client->server aes128-ctr hmac-sha1 none [preauth]

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: REQUESTED ENC.NAME is 'aes128-ctr' [preauth]

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: REQUESTED ENC.NAME is 'aes128-ctr' [preauth]

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: kex: server->client aes128-ctr hmac-sha1 none [preauth]

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: SSH2_MSG_NEWKEYS sent [preauth]

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: expecting SSH2_MSG_NEWKEYS [preauth]

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: SSH2_MSG_NEWKEYS received [preauth]

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: KEX done [preauth]

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: userauth-request for user alienjon service ssh-connection method none [preauth]

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: attempt 0 failures 0 [preauth]

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: Config token is loglevel

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: Config token is passwordauthentication

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: Config token is usepam

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: Config token is printmotd

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: Config token is printlastlog

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: Config token is useprivilegeseparation

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: Config token is subsystem

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: Config token is acceptenv

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: PAM: initializing for "alienjon"

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: PAM: setting PAM_RHOST to "192.168.1.11"

09/09/15 07:44:49 AM   compy_gentoo   sshd[4555]   debug1: PAM: setting PAM_TTY to "ssh"

09/09/15 07:44:50 AM   compy_gentoo   sshd[4555]   error: Received disconnect from 192.168.1.11: 3: com.jcraft.jsch.JSchException: Auth fail [preauth]

09/09/15 07:44:50 AM   compy_gentoo   sshd[4555]   Disconnected from 192.168.1.11 [preauth]

09/09/15 07:44:50 AM   compy_gentoo   sshd[4555]   debug1: do_cleanup [preauth]

09/09/15 07:44:50 AM   compy_gentoo   sshd[4555]   debug1: PAM: cleanup

09/09/15 07:44:50 AM   compy_gentoo   sshd[4555]   debug1: do_cleanup

09/09/15 07:44:50 AM   compy_gentoo   sshd[4555]   debug1: monitor_read_log: child log fd closed

09/09/15 07:44:50 AM   compy_gentoo   sshd[4555]   debug1: Killing privsep child 4560
```

As for the Wireshark info, I really haven't used this program before, and figuring that sending a dump of the info would likely contain sensitive info, I'm including a screenshot (though please let me know if there's any particular information that I could provide which would be helpful, I'd ask for help in how to obtain it otherwise, however): http://charlies-server.com/~alienjon/Media/wireshark.png

The only thing that jumped out to me was in the debug log, where it mentioned "no match: JSCH-0.1.53".  I don't have JSCH installed, though I didn't before either when the program ran fine.  I installed version 0.1.49 (the stable version in my tree - 0.1.53 isn't even in the tree) anyway, but the same error comes up.

----------

## alienjon

 *alienjon wrote:*   

> I installed version 0.1.49 (the stable version in my tree - 0.1.53 isn't even in the tree) anyway, but the same error comes up.

 

After some searching I found that the vaca overlay contains 0.1.53.  Installing this version doesn't change anything.

----------

## alienjon

I figured out the cause.  Apparently my SSH server was configured such that:

```
PasswordAuthentication no
```

JSCH doesn't seem to like this.  Enabling this (commenting out the line) allows the app to connect, but is this something I'll want to keep like this?  I'm not sure how this will or won't effect my system security.

----------

## NeddySeagoon

alienjon,

You should disable root logins.  That's just become the default.

The reason is that you need a user name and password to connect and every Linux has a root user.

Put your normal user in the wheel group and use su - or sudo su -  to become root when its needed.

How secure 

```
PasswordAuthentication yes
```

is depends on the strenght of your password and the size of the hash space.

If an attacker can generate a hash collision, now trivial with MD5, they don't need the same password as you use.

MD5 was dropped as a password hash algorithm years ago now.

The biggest risk is poor passwords and social engineering.

If you disable password login altogether, you will need a ssh key pair. You put the public part on the server and keep the private part secret.

The private key still needs a password to unlock it but the password is never sent over the internet - not even in an encrypted form.

Even if password logins are disabled, sshd still goes through the password login sequence but it always ends in failure.

----------

## alienjon

Hi NeddySeagoon!  Long time no talk  :Smile: 

 *NeddySeagoon wrote:*   

> You should disable root logins.

 

Do you mean uncommenting?:

```
#PermitRootLogin no
```

This app accepts SSH Key files w/ passcodes.  I've never really gone into more depth than simple logins (and my user is in the wheel group, so direct root logins aren't necessary).  I'm going to look into the Gentoo SSH handbook (unless someone has a better suggestion for reading material).

----------

## NeddySeagoon

alienjon,

There is no need.  The commented options in sshd.config are the defaults.  You only need uncomment them if you want to change them.

```
#PermitRootLogin no
```

is therefore the default.

Of course, you should always test these things  :)

Trust but verify.

You might have 

```
PermitRootLogin yes
```

elsewhere in the file.

----------

## depontius

 *NeddySeagoon wrote:*   

> alienjon,
> 
> ```
> #PermitRootLogin no
> ```
> ...

 

Unfortunately either rkhunter or chkrootkit really likes to see this line uncommented - it doesn't like to rely on default behavior.

So I uncomment it, just to keep it from squawking.

----------

## NeddySeagoon

depontius,

Until recently, 

```
#PermitRootLogin yes
```

 was the default.

I found out the hard way as my router KVM only has a root account.

I must have missed it at etc-update then after a reboot ...  :)

----------

## alienjon

It sounds like the key-pair is the better way to go (short of a exceedingly strong password) as it could theoretically utilize both a password (passcode?) in addition to the key pair.  I have a key pair that I use for an SSH terminal (also on my phone) that doesn't seem to work for the app.  Same error on the app, (Auth Fail).  I wonder if this could also be a configuration issue, but - again - works in a terminal emulator.  In the app, the auth.log returns:

```
09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: Killing privsep child 15790

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: do_cleanup

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: PAM: cleanup

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: do_cleanup [preauth]

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   Disconnected from 192.168.1.11 [preauth]

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   error: Received disconnect from 192.168.1.11: 3: com.jcraft.jsch.JSchException: Auth fail [preauth]

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   Failed none for alienjon from 192.168.1.11 port 43826 ssh2

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: attempt 1 failures 0 [preauth]

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: userauth-request for user alienjon service ssh-connection method password [preauth]

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: PAM: setting PAM_TTY to "ssh"

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: PAM: setting PAM_RHOST to "192.168.1.11"

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: PAM: initializing for "alienjon"

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: Config token is subsystem

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: Config token is acceptenv

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: Config token is useprivilegeseparation

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: Config token is printlastlog

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: Config token is printmotd

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: Config token is usepam

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: Config token is hostbasedauthentication

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: Config token is pubkeyauthentication

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: Config token is rsaauthentication

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: Config token is permitrootlogin

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: Config token is loglevel

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: attempt 0 failures 0 [preauth]

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: Config token is syslogfacility

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: userauth-request for user alienjon service ssh-connection method none [preauth]

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: KEX done [preauth]

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: SSH2_MSG_NEWKEYS received [preauth]

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: expecting SSH2_MSG_NEWKEYS [preauth]

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: SSH2_MSG_NEWKEYS sent [preauth]

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: kex: server->client aes128-ctr hmac-sha1 none [preauth]

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: kex: client->server aes128-ctr hmac-sha1 none [preauth]

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: REQUESTED ENC.NAME is 'aes128-ctr' [preauth]

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: REQUESTED ENC.NAME is 'aes128-ctr' [preauth]

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: AUTH STATE IS 0 [preauth]

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: SSH2_MSG_KEXINIT received [preauth]

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: SSH2_MSG_KEXINIT sent [preauth]

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: list_hostkey_types: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: permanently_set_uid: 22/22 [preauth]

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: Local version string SSH-2.0-OpenSSH_6.9p1-hpn14v5

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: no match: JSCH-0.1.53

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: Enabling compatibility mode for protocol 2.0

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: Client protocol version 2.0; client software version JSCH-0.1.53

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: HPN Disabled: 0, HPN Buffer Size: 87380

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   Connection from 192.168.1.11 port 43826 on 192.168.1.10 port 22

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: inetd sockets after dupping: 3, 3

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   Set /proc/self/oom_score_adj to 0

09/13/15 05:50:51 PM   compy_gentoo   sshd[15785]   debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8

09/13/15 05:50:51 PM   compy_gentoo   sshd[2453]   debug1: Forked child 15785.
```

In the terminal emulator, I get:

```
09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: session_input_channel_req: session 0 req window-change

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: session_by_channel: session 0 channel 0

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: server_input_channel_req: channel 0 request window-change reply 0

09/13/15 05:40:14 PM   compy_gentoo   sshd[15503]   debug1: Setting controlling tty using TIOCSCTTY.

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: session_input_channel_req: session 0 req shell

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   Starting session: shell on pts/4 for alienjon from 192.168.1.11 port 33095

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: session_by_channel: session 0 channel 0

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: server_input_channel_req: channel 0 request shell reply 1

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: session_pty_req: session 0 alloc /dev/pts/4

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: Allocating pty.

09/13/15 05:40:14 PM   compy_gentoo   sshd[15481]   debug1: session_new: session 0

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: session_input_channel_req: session 0 req pty-req

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: session_by_channel: session 0 channel 0

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: server_input_channel_req: channel 0 request pty-req reply 1

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: SSH2_MSG_NEWKEYS received

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: spawned a thread

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: spawned a thread

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: set_newkeys: rekeying

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: expecting SSH2_MSG_NEWKEYS

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: SSH2_MSG_NEWKEYS sent

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: dequeue packet: 91

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: spawned a thread

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: spawned a thread

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: set_newkeys: rekeying

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: expecting SSH2_MSG_KEXDH_INIT

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: kex: server->client aes128-ctr hmac-sha1 none

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: kex: client->server aes128-ctr hmac-sha1 none

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: REQUESTED ENC.NAME is 'aes128-ctr'

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: REQUESTED ENC.NAME is 'aes128-ctr'

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: AUTH STATE IS 1

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: SSH2_MSG_KEXINIT received

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: enqueue packet: 91

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: server_input_channel_open: confirm session

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: session_open: session 0: link with channel 0

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: session_new: session 0

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: session_open: channel 0

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: channel 0: new [server-session]

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: input_session_request

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: server_input_channel_open: ctype session rchan 0 win 262144 max 32768

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: SSH2_MSG_KEXINIT sent

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: need rekeying

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: server_init_dispatch_20

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: Single to Multithreaded CTR cipher swap - server request

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: Entering interactive session for SSH2.

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: ssh_packet_set_postauth: called

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: permanently_set_uid: 1000/1000

09/13/15 05:40:14 PM   compy_gentoo   sshd[15498]   debug1: PAM: establishing credentials

09/13/15 05:40:14 PM   compy_gentoo   sshd[15481]   User child is on pid 15498

09/13/15 05:40:14 PM   compy_gentoo   sshd[15481]   pam_unix(sshd:session): session opened for user alienjon by (uid=0)

09/13/15 05:40:14 PM   compy_gentoo   sshd[15481]   debug1: PAM: establishing credentials

09/13/15 05:40:14 PM   compy_gentoo   sshd[15481]   debug1: monitor_read_log: child log fd closed

09/13/15 05:40:14 PM   compy_gentoo   sshd[15481]   Accepted publickey for alienjon from 192.168.1.11 port 33095 ssh2: RSA SHA256:{series of characters that I should probably not share in the interwebs}

09/13/15 05:40:14 PM   compy_gentoo   sshd[15481]   debug1: monitor_child_preauth: alienjon has been authenticated by privileged process

09/13/15 05:40:14 PM   compy_gentoo   sshd[15481]   debug1: do_pam_account: called

09/13/15 05:40:14 PM   compy_gentoo   sshd[15481]   debug1: restore_uid: 0/0

09/13/15 05:40:14 PM   compy_gentoo   sshd[15481]   debug1: matching key found: file /home/alienjon/.ssh/authorized_keys, line 1 RSA SHA256:{series of characters that I should probably not share in the interwebs}

09/13/15 05:40:14 PM   compy_gentoo   sshd[15481]   debug1: fd 4 clearing O_NONBLOCK

09/13/15 05:40:14 PM   compy_gentoo   sshd[15481]   debug1: temporarily_use_uid: 1000/1000 (e=0/0)

09/13/15 05:40:14 PM   compy_gentoo   sshd[15481]   debug1: trying public key file /home/alienjon/.ssh/authorized_keys

09/13/15 05:40:14 PM   compy_gentoo   sshd[15481]   debug1: attempt 2 failures 0 [preauth]

09/13/15 05:40:14 PM   compy_gentoo   sshd[15481]   debug1: userauth-request for user alienjon service ssh-connection method publickey [preauth]

09/13/15 05:40:14 PM   compy_gentoo   sshd[15481]   Postponed publickey for alienjon from 192.168.1.11 port 33095 ssh2 [preauth]

09/13/15 05:40:14 PM   compy_gentoo   sshd[15481]   debug1: restore_uid: 0/0

09/13/15 05:40:14 PM   compy_gentoo   sshd[15481]   debug1: matching key found: file /home/alienjon/.ssh/authorized_keys, line 1 RSA SHA256:{series of characters that I should probably not share in the interwebs}

09/13/15 05:40:14 PM   compy_gentoo   sshd[15481]   debug1: fd 4 clearing O_NONBLOCK

09/13/15 05:40:14 PM   compy_gentoo   sshd[15481]   debug1: trying public key file /home/alienjon/.ssh/authorized_keys

09/13/15 05:40:14 PM   compy_gentoo   sshd[15481]   debug1: temporarily_use_uid: 1000/1000 (e=0/0)

09/13/15 05:40:14 PM   compy_gentoo   sshd[15481]   debug1: attempt 1 failures 0 [preauth]

09/13/15 05:40:14 PM   compy_gentoo   sshd[15481]   debug1: test whether pkalg/pkblob are acceptable [preauth]

09/13/15 05:40:14 PM   compy_gentoo   sshd[15481]   debug1: userauth-request for user alienjon service ssh-connection method publickey [preauth]

09/13/15 05:39:12 PM   compy_gentoo   sshd[15481]   debug1: PAM: setting PAM_TTY to "ssh"

09/13/15 05:39:12 PM   compy_gentoo   sshd[15481]   debug1: PAM: setting PAM_RHOST to "192.168.1.11"

09/13/15 05:39:12 PM   compy_gentoo   sshd[15481]   debug1: Config token is loglevel

09/13/15 05:39:12 PM   compy_gentoo   sshd[15481]   debug1: PAM: initializing for "alienjon"

09/13/15 05:39:12 PM   compy_gentoo   sshd[15481]   debug1: Config token is acceptenv

09/13/15 05:39:12 PM   compy_gentoo   sshd[15481]   debug1: Config token is subsystem

09/13/15 05:39:12 PM   compy_gentoo   sshd[15481]   debug1: Config token is useprivilegeseparation

09/13/15 05:39:12 PM   compy_gentoo   sshd[15481]   debug1: Config token is printlastlog

09/13/15 05:39:12 PM   compy_gentoo   sshd[15481]   debug1: Config token is printmotd

09/13/15 05:39:12 PM   compy_gentoo   sshd[15481]   debug1: Config token is usepam

09/13/15 05:39:12 PM   compy_gentoo   sshd[15481]   debug1: Config token is hostbasedauthentication

09/13/15 05:39:12 PM   compy_gentoo   sshd[15481]   debug1: Config token is pubkeyauthentication

09/13/15 05:39:12 PM   compy_gentoo   sshd[15481]   debug1: Config token is rsaauthentication

09/13/15 05:39:12 PM   compy_gentoo   sshd[15481]   debug1: Config token is permitrootlogin

09/13/15 05:39:12 PM   compy_gentoo   sshd[15481]   debug1: Config token is syslogfacility

09/13/15 05:39:12 PM   compy_gentoo   sshd[15481]   debug1: attempt 0 failures 0 [preauth]

09/13/15 05:39:12 PM   compy_gentoo   sshd[15481]   debug1: userauth-request for user alienjon service ssh-connection method none [preauth]

09/13/15 05:39:11 PM   compy_gentoo   sshd[15481]   debug1: KEX done [preauth]

09/13/15 05:39:11 PM   compy_gentoo   sshd[15481]   debug1: SSH2_MSG_NEWKEYS received [preauth]

09/13/15 05:39:11 PM   compy_gentoo   sshd[15481]   debug1: expecting SSH2_MSG_NEWKEYS [preauth]

09/13/15 05:39:11 PM   compy_gentoo   sshd[15481]   debug1: SSH2_MSG_NEWKEYS sent [preauth]

09/13/15 05:39:11 PM   compy_gentoo   sshd[15481]   debug1: expecting SSH2_MSG_KEXDH_INIT [preauth]

09/13/15 05:39:11 PM   compy_gentoo   sshd[15481]   debug1: REQUESTED ENC.NAME is 'aes128-ctr' [preauth]

09/13/15 05:39:11 PM   compy_gentoo   sshd[15481]   debug1: kex: server->client aes128-ctr hmac-sha1 none [preauth]

09/13/15 05:39:11 PM   compy_gentoo   sshd[15481]   debug1: kex: client->server aes128-ctr hmac-sha1 none [preauth]

09/13/15 05:39:11 PM   compy_gentoo   sshd[15481]   debug1: REQUESTED ENC.NAME is 'aes128-ctr' [preauth]

09/13/15 05:39:11 PM   compy_gentoo   sshd[15481]   debug1: AUTH STATE IS 0 [preauth]

09/13/15 05:39:11 PM   compy_gentoo   sshd[15481]   debug1: SSH2_MSG_KEXINIT received [preauth]

09/13/15 05:39:11 PM   compy_gentoo   sshd[15481]   debug1: SSH2_MSG_KEXINIT sent [preauth]

09/13/15 05:39:11 PM   compy_gentoo   sshd[15481]   debug1: list_hostkey_types: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]

09/13/15 05:39:11 PM   compy_gentoo   sshd[15481]   debug1: permanently_set_uid: 22/22 [preauth]

09/13/15 05:39:11 PM   compy_gentoo   sshd[15481]   debug1: Local version string SSH-2.0-OpenSSH_6.9p1-hpn14v5

09/13/15 05:39:11 PM   compy_gentoo   sshd[15481]   debug1: Enabling compatibility mode for protocol 2.0

09/13/15 05:39:11 PM   compy_gentoo   sshd[15481]   debug1: no match: libssh2_1.4.3

09/13/15 05:39:11 PM   compy_gentoo   sshd[15481]   debug1: Client protocol version 2.0; client software version libssh2_1.4.3

09/13/15 05:39:11 PM   compy_gentoo   sshd[15481]   debug1: HPN Disabled: 0, HPN Buffer Size: 87380

09/13/15 05:39:11 PM   compy_gentoo   sshd[15481]   Connection from 192.168.1.11 port 33095 on 192.168.1.10 port 22
```

----------

