Koozali.org: home of the SME Server
Legacy Forums => General Discussion (Legacy) => Topic started by: tape on January 09, 2005, 06:07:30 PM
-
hi there,
did an SME update from 5.5 > 5.6 >6.01.1 and (near) all went well until i did an "yum update" and checked the machine with rkhunter. rkhunter did complain a vulnerable SSH so i updated this one with the latest one at sme-swerts-knudsen.dk (and of course i did follow the readme file).
But now.. very strange to me.. i can not login via SSH from a remote host and localhost. I alwas get an authentication failure i my /var/log/message. I have set the syslog login from AUTH to DEGUB in my sshd_config but i can not see anything else than this authentication error in the last two lines there if i am logging in.
Anyone with some hints where i can have a look at or what i can do next? *sigh*
best regards from South Germany
Anton
-
Anton
the rkhunter installation disables ssh protocol version 1 usage (which is good I would say) so you explicitely have to select protocol version 2 in your ssh client (putty?).
Regards,
Michael
-
also download putty again to get the latest version.
-
the rkhunter installation disables ssh protocol version 1 usage (which is good I would say) so you explicitely have to select protocol version 2 in your ssh client (putty?).
yep it is putty, but it does no matter. I selected protocol 2 under putty and still get my authentication error. (i have no local access now, so i just did try an remote access via putty). And it is the latest release of putty 0.56. *doublesigh*
-
Maybe go into the server-manager remote access setting and change them to off, then back to on a minute later, for the ssh access part, so it will maybe reset any bad setting the upgrades had done.
-
Maybe go into the server-manager remote access setting and change them to off, then back to on a minute later, for the ssh access part, so it will maybe reset any bad setting the upgrades had done.
nope.. it didnĀ“t work. The log shows the changes are made but with no different. This machine seems to be sick! maybe i should try removing rkhunter next time (if it was the bad part), but have to wait til i am at the machine. very strange machine....
Anton
-
Some time ago I also experienced this problem. It can be solved by removing the all openssh and SMEServer RPMs and reinstall them. Of course console access is required.
For a colleague without command line skills, I wrote a script which does it all.
If interested, download http://egerards.com/sme_ssh_fix/ssh_fix.sh and execute the script. It will remove mentioned RPMs, download the new ones and install them.
-
I presume you regen'd the config file for ssh and informed SME of the change after the install completed:
/sbin/e-smith/expand-template /etc/ssh/sshd_config
/sbin/e-smith/signal-event remoteaccess-update
HTH
-
I presume you regen'd the config file for ssh and informed SME of the change after the install completed:
yes i did, as described in the readme on the ftp site.
many thanks
Anton
-
Some time ago I also experienced this problem. It can be solved by removing the all openssh and SMEServer RPMs and reinstall them. Of course console access is required.
bingo... it works! I tried reinstalling the openssh* packages only but together with the others it worked great.
many thanks and best regards from South Germany
Anton