[scponly] scponly 4.6 (AIX 5.3) scp not working.htm
Higgins, Bobby G
bobby.g.higgins at citigroup.com
Fri Feb 10 11:13:01 EST 2006
The only thing I get in the syslog file is:
Feb 10 15:05:58 p670l11 syslog:info syslogd: restart
Feb 10 15:06:14 p670l11 auth|security:info boks_sshd[372762]: Failed password for tusr4 from 140.100.93.16 port 33633 ssh2
Feb 10 15:06:14 p670l11 auth|security:info syslog: ssh: failed login attempt for tusr4 from uev880.ny.ssmb.com
Feb 10 15:06:18 p670l11 auth|security:info boks_sshd[372762]: Accepted password for tusr4 from 140.100.93.16 port 33633 ssh2
Feb 10 15:07:14 p670l11 auth|security:info boks_sshd[372770]: Accepted password for tusr4 from 140.100.93.16 port 33691 ssh2
However, the write to the socket is still failing and no indication of the failure in the syslog.
I started the moved the daemon to keep it from respawning, killed the daemon, then restarted the daemon in dubug mode with:
# mv boks_sshd boks_sshd.orig
# kill -9 $(ps -ef | grep boks_sshd | awk '{print $2}')
# boks_sshd.orig -ddd
debug3: mm_auth_password: user authenticated
Accepted password for tusr4 from 140.100.93.16 port 33742 ssh2
debug3: mm_send_keystate: Sending new keys: 20359458 203593b8
debug3: mm_newkeys_to_blob: converting 20359458
debug3: mm_newkeys_to_blob: converting 203593b8
debug3: mm_send_keystate: New keys have been sent
debug3: mm_send_keystate: Sending compression state
debug3: mm_request_send entering: type 24
debug3: mm_send_keystate: Finished sending state
debug3: mm_request_receive leaving
debug3: mm_request_receive_expect leaving
debug3: mm_newkeys_from_blob: 203888d8(139)
debug2: mac_init: found hmac-sha1
debug3: mm_get_keystate: Waiting for second key
debug3: mm_newkeys_from_blob: 203888d8(139)
debug2: mac_init: found hmac-sha1
debug3: mm_get_keystate: Getting compression state
debug3: mm_get_keystate: Getting Network I/O buffers
debug3: mm_share_sync: Share sync
debug3: mm_share_sync: Share sync end
debug2: User child is on pid 278732
debug3: mm_request_receive entering
debug3: AIX/UsrInfo: set len 25
debug1: permanently_set_uid: 12356/1
debug2: set_newkeys: mode 0
debug2: set_newkeys: mode 1
debug1: Entering interactive session for SSH2.
debug2: fd 7 setting O_NONBLOCK
debug2: fd 8 setting O_NONBLOCK
debug1: server_init_dispatch_20
debug1: server_input_channel_open: ctype session rchan 0 win 131072 max 32768
debug1: input_session_request
debug1: server_input_channel_open: confirm session
debug1: server_input_channel_req: channel 0 request exec reply 0
debug3: boks_ssh_inactive: BoKS not active
debug1: Received SIGCHLD.
debug2: fd 10 setting O_NONBLOCK
debug2: fd 10 is O_NONBLOCK
debug2: fd 12 setting O_NONBLOCK
debug2: notify_done: reading
debug2: channel 0: request exit-status
debug2: channel 0: write failed
debug2: channel 0: close_write
debug2: channel 0: chan_shutdown_write: shutdown() failed for fd10: Socket is not connected
debug2: channel 0: output open -> closed
debug2: channel 0: read<=0 rfd 10 len 0
debug2: channel 0: read failed
debug2: channel 0: close_read
debug2: channel 0: input open -> drain
debug2: channel 0: read 968 from efd 12
debug2: channel 0: ibuf_empty delayed efd 12/(968)
debug2: channel 0: rwin 131072 elen 968 euse 1
debug2: channel 0: sent ext data 968
debug2: channel 0: read 0 from efd 12
debug2: channel 0: closing read-efd 12
debug2: channel 0: ibuf empty
debug2: channel 0: send eof
debug2: channel 0: input drain -> closed
debug2: channel 0: send close
debug3: channel 0: will not send data after close
debug3: channel 0: will not send data after close
debug2: channel 0: rcvd close
debug3: channel 0: will not send data after close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug3: channel 0: status: The following connections are open:
#0 server-session (t4 r0 i3/0 o3/0 fd 10/10)
debug3: channel 0: close_fds r 10 w 10 e -1
Connection closed by 140.100.93.16
debug3: boks_ssh_inactive: BoKS not active
Closing connection to 140.100.93.16
debug3: mm_request_send entering: type 69
debug3: mm_request_receive leaving
debug3: monitor_read: checking request 69
debug3: mm_answer_term: tearing down sessions
Everything other than scp works. When I transfer files for the scponly account using the sftp, the first difference that I notice in the debug output is:
scp OUTPUT:
debug1: server_init_dispatch_20
debug1: server_input_channel_open: ctype session rchan 0 win 131072 max 32768
debug1: input_session_request
debug1: server_input_channel_open: confirm session
debug1: server_input_channel_req: channel 0 request exec reply 0--------------------------DIFFERENT
debug3: boks_ssh_inactive: BoKS not active
debug2: fd 10 setting O_NONBLOCK
debug2: fd 10 is O_NONBLOCK
debug2: fd 12 setting O_NONBLOCK
debug2: channel 0: read 968 from efd 12
debug2: channel 0: rwin 131072 elen 968 euse 1
debug2: channel 0: sent ext data 968
debug1: Received SIGCHLD.
debug2: channel 0: request exit-status
debug2: channel 0: write failed
sftp OUTPUT:
debug1: server_init_dispatch_20
debug1: server_input_channel_open: ctype session rchan 0 win 131072 max 32768
debug1: input_session_request
debug1: server_input_channel_open: confirm session
debug1: server_input_channel_req: channel 0 request subsystem reply 1----------------------------DIFFERENT
subsystem request for sftp
debug3: boks_ssh_inactive: BoKS not active
debug2: fd 10 setting O_NONBLOCK
debug2: fd 10 is O_NONBLOCK
I have set # *.debug, *.info, *user, *.notice, *.alert, *.auth, and *.emerg in syslog.conf.
I have tried values 1, 5, and 9 in the debuglevel file and get very little information in the syslog file.
Just to make sure that syslog was logging everything, I killed the syslog daemon and restarted it.
_____
[scponly] scponly 4.6 (AIX 5.3) scp not working
Kaleb Pederson kpederson <mailto:scponly%40lists.ccs.neu.edu?Subject=%5Bscponly%5D%20scponly%204.6%20%28AIX%205.3%29%20scp%20not%20working&In-Reply-To=8A7F2C6BF9F09F49A601FF686B9BC6A80163DA5F%40EXNJMB68.nam.nsroot.net> at mail.ewu.edu
Thu Feb 9 14:51:15 EST 2006
* Previous message: [scponly] scponly 4.6 (AIX 5.3) <https://lists.ccs.neu.edu/pipermail/scponly/2006-February/001162.html> scp not working
* Messages sorted by: [ date ] <https://lists.ccs.neu.edu/pipermail/scponly/2006-February/date.html#1163> [ thread ] <https://lists.ccs.neu.edu/pipermail/scponly/2006-February/thread.html#1163> [ subject <https://lists.ccs.neu.edu/pipermail/scponly/2006-February/subject.html#1163> ] [ author ] <https://lists.ccs.neu.edu/pipermail/scponly/2006-February/author.html#1163>
_____
Bobby,
Could you turn on debugging by doing the following:
echo "1" > /opt/scponly/etc/debuglevel
(NOTE:, I'm not sure if it uses sysconfdir... if it does it might be in a
different path. perhaps /etc/opt/scponly/debuglevel)
Once debugging is on, when you connect to scponly it will write some debugging
information to syslog that will help us determine why it isn't working,
assuming you send it on of course.
Thanks.
--Kaleb
On Thursday 09 February 2006 11:25 am, Higgins, Bobby G wrote:
> I have compiled using the AIX C compiler. When a user has the scponly
> shell and attempts 'scp' access the connection fails when trying to write
> the the channel 0 (socket). The 'sftp' access works fine. When a scponly
> user (tusr4) attempts to login with ssh, the session is closed, as it
> should.
>
> I configured with:
> ./configure --prefix=/opt/scponly --disable-winscp-compat
> --enable-rsync-compat --enable-scp-compat --sysconfdir=/etc/opt
>
> Created an account:
> tusr4:!:12356:1::/home/tusr4:/opt/scponly/bin/scponly
>
> On the server boks_sshd -dddd:
> . . .
> debug3: mm_auth_password: user authenticated
> Accepted password for tusr4 from 140.100.93.16 port 43324 ssh2
> debug3: mm_send_keystate: Sending new keys: 20359238 20359198
> debug3: mm_newkeys_to_blob: converting 20359238
> debug3: mm_newkeys_to_blob: converting 20359198
> debug3: mm_send_keystate: New keys have been sent
> debug3: mm_send_keystate: Sending compression state
> debug3: mm_request_send entering: type 24
> debug3: mm_send_keystate: Finished sending state
> debug3: mm_request_receive leaving
> debug3: mm_request_receive_expect leaving
> debug3: mm_newkeys_from_blob: 203886d8(139)
> debug2: mac_init: found hmac-sha1
> debug3: mm_get_keystate: Waiting for second key
> debug3: mm_newkeys_from_blob: 203886d8(139)
> debug2: mac_init: found hmac-sha1
> debug3: mm_get_keystate: Getting compression state
> debug3: mm_get_keystate: Getting Network I/O buffers
> debug3: mm_share_sync: Share sync
> debug3: mm_share_sync: Share sync end
> debug2: User child is on pid 286948
> debug3: mm_request_receive entering
> debug3: AIX/UsrInfo: set len 25
> debug1: permanently_set_uid: 12356/1
> debug2: set_newkeys: mode 0
> debug2: set_newkeys: mode 1
> debug1: Entering interactive session for SSH2.
> debug2: fd 7 setting O_NONBLOCK
> debug2: fd 8 setting O_NONBLOCK
> debug1: server_init_dispatch_20
> debug1: server_input_channel_open: ctype session rchan 0 win 131072 max
> 32768 debug1: input_session_request
> debug1: server_input_channel_open: confirm session
> debug1: server_input_channel_req: channel 0 request exec reply 0
> debug3: boks_ssh_inactive: BoKS not active
> debug1: Received SIGCHLD.
> debug2: fd 10 setting O_NONBLOCK
> debug2: fd 10 is O_NONBLOCK
> debug2: fd 12 setting O_NONBLOCK
> debug2: notify_done: reading
> debug2: channel 0: request exit-status
> debug2: channel 0: write failed
> debug2: channel 0: close_write
> debug2: channel 0: chan_shutdown_write: shutdown() failed for fd10: Socket
> is not connected debug2: channel 0: output open -> closed
> . . .
>
> >From the client scp -vvvv tusr4 at remotehost <https://lists.ccs.neu.edu/bin/listinfo/scponly> :dos.txt DOS.TXT:
>
> . . .
> debug1: Authentication succeeded (password).
> debug2: fd 5 setting O_NONBLOCK
> debug2: fd 6 setting O_NONBLOCK
> debug1: channel 0: new [client-session]
> debug3: ssh_session2_open: channel_new: 0
> debug2: channel 0: send open
> debug1: Entering interactive session.
> debug2: callback start
> debug2: ssh_session2_setup: id 0
> debug1: Sending command: scp -v -f dos.txt
> debug2: channel 0: request exec
> debug2: callback done
> debug2: channel 0: open confirm rwindow 0 rmax 32768
> debug2: channel 0: rcvd adjust 131072
> debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
> debug2: channel 0: rcvd ext data 968
> debug3: channel 0: close_fds r -1 w -1 e -1
> debug2: channel 0: written 968 to efd 7
> debug2: channel 0: rcvd eof
> debug2: channel 0: output open -> drain
> debug2: channel 0: obuf empty
> debug2: channel 0: close_write
> debug2: channel 0: output drain -> closed
> debug2: channel 0: rcvd close
> debug2: channel 0: close_read
> debug2: channel 0: input open -> closed
> debug3: channel 0: will not send data after close
> debug2: channel 0: almost dead
> debug2: channel 0: gc: notify user
> debug2: channel 0: gc: user detached
> debug2: channel 0: send close
> debug2: channel 0: is dead
> debug2: channel 0: garbage collecting
> debug1: channel 0: free: client-session, nchannels 1
> debug3: channel 0: status: The following connections are open:
> #0 client-session (t4 r0 i3/0 o3/0 fd -1/-1)
> debug3: channel 0: close_fds r -1 w -1 e 7
> debug1: fd 0 clearing O_NONBLOCK
> debug1: fd 1 clearing O_NONBLOCK
> debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.1 seconds
> debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
> debug1: Exit status 1
>
> Bobby Higgins
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : https://lists.ccs.neu.edu/pipermail/scponly/attachments/20060209/9d0bed41/attachment.bin
_____
* Previous message: [scponly] scponly 4.6 (AIX 5.3) <https://lists.ccs.neu.edu/pipermail/scponly/2006-February/001162.html> scp not working
* Messages sorted by: [ date ] <https://lists.ccs.neu.edu/pipermail/scponly/2006-February/date.html#1163> [ thread ] <https://lists.ccs.neu.edu/pipermail/scponly/2006-February/thread.html#1163> [ subject <https://lists.ccs.neu.edu/pipermail/scponly/2006-February/subject.html#1163> ] [ author ] <https://lists.ccs.neu.edu/pipermail/scponly/2006-February/author.html#1163>
_____
More information about <https://lists.ccs.neu.edu/bin/listinfo/scponly> the scponly mailing list
-------------- next part --------------
HTML attachment scrubbed and removed
More information about the scponly
mailing list