Re: [gentoo-user] SSH won't restart
On Saturday 08 September 2007 16:40:34 Grant wrote:
> I just upgraded ssh and when I try to restart I get:
>
>  * Stopping sshd ... [ !! ]
>
> I don't see anything about it in '/var/log/sshd/current'. How can I figure out what is wrong? I'm a little nervous because I don't want to shut myself out of this remote server.

This thread went on for a long time, which I mostly ignored TBH. However, I think I just found a solution.

openssh, in some circumstances (I believe to be openssl changing ABI), will not restart as you found. It will only not restart when it's being actively used, so you can't do so while logged in.
To restart it when you're logged out on a remote server is simply a matter of doing this:

# (sleep 15 && /etc/init.d/sshd restart) &

Then getting all ssh sessions logged out within 15 seconds.

I've just done this on a remote system and can now happily log back in, and restart ssh without issue.

--
Mike Williams
--
[EMAIL PROTECTED] mailing list
Re: [gentoo-user] SSH won't restart
On Tue, 11 Sep 2007 12:30:56 -0700 Grant [EMAIL PROTECTED] wrote:
> How does my host get root access like that?
>
> - Grant

Auto-logged in console, perhaps? Or access to the filesystem on a locally administered fileserver or something?
Re: [gentoo-user] SSH won't restart
On Mon, 10 Sep 2007 13:14:20 -0700 Grant [EMAIL PROTECTED] wrote:
> Thank you but doesn't it look like there must be a problem that is preventing my sshd from starting? Won't '/usr/bin/sshd -p 3' just fail, or is that more likely to work than '/etc/init.d/sshd start'?

It seems to me that the problem is probably the initscript is confused, and not that the config files are bad and the daemon can't start.

> Also, is '/usr/bin/sshd' sufficient? Why not port 22?

It is. No reason at all. But if you started it before the original ssh server had been stopped, you'd have to start it on a different port so that it didn't conflict with the original.

> - Grant
Re: [gentoo-user] SSH won't restart
On Mon, 10 Sep 2007 13:48:12 -0700 Grant [EMAIL PROTECTED] wrote:
> What about just having them reboot and start my manual daemon? Would that accomplish the same thing?

That would probably work too, but I don't think rebooting is likely to help. At the very best it's an additional waiting period before the box is back up.
Re: [gentoo-user] SSH won't restart
> > Thank you but doesn't it look like there must be a problem that is preventing my sshd from starting? Won't '/usr/bin/sshd -p 3' just fail, or is that more likely to work than '/etc/init.d/sshd start'?
>
> It seems to me that the problem is probably the initscript is confused, and not that the config files are bad and the daemon can't start.
>
> > Also, is '/usr/bin/sshd' sufficient? Why not port 22?
>
> It is. No reason at all. But if you started it before the original ssh server had been stopped, you'd have to start it on a different port so that it didn't conflict with the original.

Guys, I'm in! I had my host execute:

sshd

and now I'm logged in, the sshd initscript was already running, and it restarts perfectly. All is well! Thank you for your help!

How does my host get root access like that?

- Grant
Re: [gentoo-user] SSH won't restart
Hi,

On Tue, 11 Sep 2007 12:30:56 -0700 Grant [EMAIL PROTECTED] wrote:
> How does my host get root access like that?

Different possibilities, but hardware access in most cases means root access (although maybe only to encrypted partitions...).

Easiest: Reboot (CTRL-ALT-DEL, no password needed), change kernel command line in boot loader to

/boot/mykernel root=/dev/whatever init=/bin/bash

And that's it, basically. The admin could have made a backup of /etc/shadow, reset root password, rebooted into normal system, restored /etc/shadow.

If it is a virtual server, this might be even easier.

-hwh
Re: [gentoo-user] SSH won't restart
On Tuesday 11 September 2007, Grant [EMAIL PROTECTED] wrote about 'Re: [gentoo-user] SSH won't restart':
> How does my host get root access like that?

Physical access to the box = root in many cases. Also, if it's some vserver type setup, root on the host can get root access on the guest machines.

--
Boyd Stephen Smith Jr.
[EMAIL PROTECTED]
ICQ: 514984 YM/AIM: DaTwinkDaddy
http://iguanasuicide.org/
Re: [gentoo-user] SSH won't restart
> > How does my host get root access like that?
>
> Physical access to the box = root in many cases. Also, if it's some vserver type setup, root on the host can get root access on the guest machines.

Ok, thanks again everyone.

- Grant
Re: [gentoo-user] SSH won't restart
> > I just upgraded ssh and when I try to restart I get:
> >
> >  * Stopping sshd ... [ !! ]
> >
> > I don't see anything about it in '/var/log/sshd/current'. How can I figure out what is wrong? I'm a little nervous because I don't want to shut myself out of this remote server.
>
> I had a similar issue after a previous update to ssh when I went to restart it to get it to use the new binaries. One of the nice features of sshd is that your current session will stay active even if you kill the sshd daemon process. Of course, if you get disconnected then you will not be able to log back in, so it's good to do what you need to quickly if you do need to kill (or if it's really stuck, kill -9) the process.
>
> When I had this problem I issued a `kill -9 PID_NUMBER && /etc/init.d/sshd start` - just be sure that you're killing the /usr/sbin/sshd process and not one of your sshd login forks at the same time.

OK, I've got to be really careful here. I see the following processes in 'ps -ef':

root      2988     1  0 Sep04 ?        00:00:00 /usr/sbin/sshd
root      7573  2988  0 07:28 ?        00:00:00 sshd: [EMAIL PROTECTED]/0

Should I:

kill -9 2988 && /etc/init.d/sshd start

Are you sure? :)

- Grant
Re: [gentoo-user] SSH won't restart
On Mon, 10 Sep 2007 09:58:53 -0700 Grant [EMAIL PROTECTED] wrote:
> OK, I've got to be really careful here. I see the following processes in 'ps -ef':
>
> root      2988     1  0 Sep04 ?        00:00:00 /usr/sbin/sshd
> root      7573  2988  0 07:28 ?        00:00:00 sshd: [EMAIL PROTECTED]/0
>
> Should I:
>
> kill -9 2988 && /etc/init.d/sshd start
>
> Are you sure? :)

It worked for me, I tested it.
Re: [gentoo-user] SSH won't restart
This process is the ssh daemon:

root      2988     1  0 Sep04 ?        00:00:00 /usr/sbin/sshd

Two things: before killing the process with the KILL signal, I would try killing it with TERM

kill -TERM 2988

If that doesn't work then kill the process with the KILL signal.

I would also use:

/etc/init.d/sshd restart

This will give the init script a chance to do some cleanup work before restarting

-Best of Luck,
Stephen

On 9/10/07, Grant [EMAIL PROTECTED] wrote:
> OK, I've got to be really careful here. I see the following processes in 'ps -ef':
>
> root      2988     1  0 Sep04 ?        00:00:00 /usr/sbin/sshd
> root      7573  2988  0 07:28 ?        00:00:00 sshd: [EMAIL PROTECTED]/0
>
> Should I:
>
> kill -9 2988 && /etc/init.d/sshd start
>
> Are you sure? :)
>
> - Grant
Re: [gentoo-user] SSH won't restart
> This process is the ssh daemon:
>
> root      2988     1  0 Sep04 ?        00:00:00 /usr/sbin/sshd
>
> Two things: before killing the process with the KILL signal, I would try killing it with TERM
>
> kill -TERM 2988
>
> If that doesn't work then kill the process with the KILL signal.
>
> I would also use:
>
> /etc/init.d/sshd restart
>
> This will give the init script a chance to do some cleanup work before restarting

Do this:

kill -TERM 2988 && /etc/init.d/sshd restart

and if that doesn't work, do:

kill -9 2988 && /etc/init.d/sshd restart

?

- Grant
Re: [gentoo-user] SSH won't restart
Grant wrote:
> Should I:
>
> kill -9 2988 && /etc/init.d/sshd start
>
> Are you sure? :)

Sounds scary to kill sshd remotely, specially over ssh :P

That's why I usually have a telnet server up during ssh upgrade times.

--
Arturo Buanzo Busleiman - Independent Consultant in Computer Security
Services offered: http://www.buanzo.com.ar/pro/
Join the GNU/Buanzo Forums - The word Community at its fullest expression.
Re: [gentoo-user] SSH won't restart
Yes. As a personal preference I don't usually chain commands together when troubleshooting something, but there is technically nothing wrong with doing so.

-Stephen

On 9/10/07, Grant [EMAIL PROTECTED] wrote:
> Do this:
>
> kill -TERM 2988 && /etc/init.d/sshd restart
>
> and if that doesn't work, do:
>
> kill -9 2988 && /etc/init.d/sshd restart
>
> ?
>
> - Grant
Re: [gentoo-user] SSH won't restart
Killing the ssh daemon does not affect any of the existing connections. The ssh daemon is used to listen for new connections and create a process to handle communications with that request. That is why when you update configuration parameters for sshd, they do not take effect until the next connection.

The problem with connecting to the server via telnet is that your password can be easily intercepted - which is one of the major reasons telnet has been deprecated.

-Stephen

On 9/10/07, Arturo 'Buanzo' Busleiman [EMAIL PROTECTED] wrote:
> Sounds scary to kill sshd remotely, specially over ssh :P
>
> That's why I usually have a telnet server up during ssh upgrade times.
Re: [gentoo-user] SSH won't restart
> Yes. As a personal preference I don't usually chain commands together when troubleshooting something, but there is technically nothing wrong with doing so.

And now I'm locked out. What do you think guys?

- Grant
Re: [gentoo-user] SSH won't restart
Stephen Wittig wrote:
> Killing the ssh daemon does not affect any of the existing connections. The ssh daemon is used to listen for new connections and create a process to handle communications with that request. That is why when you update configuration parameters for sshd, they do not take effect until the next connection.

In an ideal world, yes. But humans tend to make mistakes. Grant is now locked-out of his system because of messing around with conditional execution, kill and sshd all in the same command.

> The problem with connecting to the server via telnet is that your password can be easily intercepted - which is one of the major reasons telnet has been deprecated.

I use it over openvpn ;) Come on, 13 years of using Linux, I should've learned a couple of tricks already :P

--
Arturo Buanzo Busleiman - Independent Consultant in Computer Security
Services offered: http://www.buanzo.com.ar/pro/
Join the GNU/Buanzo Forums - The word Community at its fullest expression.
Re: [gentoo-user] SSH won't restart
On Mon, 10 Sep 2007 12:12:13 -0700 Grant [EMAIL PROTECTED] wrote:
> > Yes. As a personal preference I don't usually chain commands together when troubleshooting something, but there is technically nothing wrong with doing so.
>
> And now I'm locked out. What do you think guys?
>
> - Grant

Is your ssh session still open?
Re: [gentoo-user] SSH won't restart
On Mon, 10 Sep 2007 13:39:35 -0500 Stephen Wittig [EMAIL PROTECTED] wrote:
> > That's why I usually have a telnet server up during ssh upgrade times.
>
> The problem with connecting to the server via telnet is that your password can be easily intercepted - which is one of the major reasons telnet has been deprecated.

You can always start a separate ssh server on a different port, to test the new server and the config files. Then you can get in on a different port and fix it if your upgrade of the usual ssh server gets borked.
Re: [gentoo-user] SSH won't restart
On Mon, 10 Sep 2007 12:23:37 -0700 Grant [EMAIL PROTECTED] wrote:
> My host is pretty good about issuing commands for me. Any ideas there?
>
> - Grant

start sshd manually to get back in. something like '/usr/bin/sshd -p 3' (that would listen on port 3 for ssh connections) (absolute path is necessary for re-exec)

I still don't know what happened; here's what I can do:

===
[EMAIL PROTECTED] ~ $ ssh [EMAIL PROTECTED]
Last login: Mon Sep 10 14:23:18 2007 from pascal.spore.ath.cx
davey ~ # ps -eaf | grep sshd
root     28869     1  0 14:23 ?        00:00:00 /usr/sbin/sshd
root     29147 28869  0 14:34 ?        00:00:00 sshd: [EMAIL PROTECTED]/0
root     29173 29152  0 14:34 pts/0    00:00:00 grep --colour=auto sshd
davey ~ # kill -9 28869
davey ~ # ps -eaf | grep sshd
root     29147     1  0 14:34 ?        00:00:00 sshd: [EMAIL PROTECTED]/0
root     29186 29152  0 14:35 pts/0    00:00:00 grep --colour=auto sshd
davey ~ # /etc/init.d/sshd restart
 * Stopping sshd ... [ !! ]
davey ~ # /etc/init.d/sshd zap
 * Manually resetting sshd to stopped state.
davey ~ # /etc/init.d/sshd start
 * Starting sshd ... [ ok ]
davey ~ # exit
logout
Connection to davey closed.
[EMAIL PROTECTED] ~ $ ssh [EMAIL PROTECTED]
Last login: Mon Sep 10 14:34:26 2007 from pascal.spore.ath.cx
davey ~ # exit
logout
Connection to davey closed.
[EMAIL PROTECTED] ~ $
===

as you can see, it worked fine for me. I even make sure to use -9.

good luck, grant
Re: [gentoo-user] SSH won't restart
> > > Yes. As a personal preference I don't usually chain commands together when troubleshooting something, but there is technically nothing wrong with doing so.
> >
> > And now I'm locked out. What do you think guys?
> >
> > - Grant
>
> Is your ssh session still open?

I wish. :) 100% locked out. Connection refused.

- Grant
Re: [gentoo-user] SSH won't restart
> > My host is pretty good about issuing commands for me. Any ideas there?
> >
> > - Grant
>
> start sshd manually to get back in. something like '/usr/bin/sshd -p 3' (that would listen on port 3 for ssh connections) (absolute path is necessary for re-exec)
>
> I still don't know what happened; here's what I can do:
>
> ===
> [EMAIL PROTECTED] ~ $ ssh [EMAIL PROTECTED]
> Last login: Mon Sep 10 14:23:18 2007 from pascal.spore.ath.cx
> davey ~ # ps -eaf | grep sshd
> root     28869     1  0 14:23 ?        00:00:00 /usr/sbin/sshd
> root     29147 28869  0 14:34 ?        00:00:00 sshd: [EMAIL PROTECTED]/0
> root     29173 29152  0 14:34 pts/0    00:00:00 grep --colour=auto sshd
> davey ~ # kill -9 28869
> davey ~ # ps -eaf | grep sshd
> root     29147     1  0 14:34 ?        00:00:00 sshd: [EMAIL PROTECTED]/0
> root     29186 29152  0 14:35 pts/0    00:00:00 grep --colour=auto sshd
> davey ~ # /etc/init.d/sshd restart
>  * Stopping sshd ... [ !! ]
> davey ~ # /etc/init.d/sshd zap
>  * Manually resetting sshd to stopped state.
> davey ~ # /etc/init.d/sshd start
>  * Starting sshd ... [ ok ]
> davey ~ # exit
> logout
> Connection to davey closed.
> [EMAIL PROTECTED] ~ $ ssh [EMAIL PROTECTED]
> Last login: Mon Sep 10 14:34:26 2007 from pascal.spore.ath.cx
> davey ~ # exit
> logout
> Connection to davey closed.
> [EMAIL PROTECTED] ~ $
> ===
>
> as you can see, it worked fine for me. I even make sure to use -9.
>
> good luck, grant

Thank you but doesn't it look like there must be a problem that is preventing my sshd from starting? Won't '/usr/bin/sshd -p 3' just fail, or is that more likely to work than '/etc/init.d/sshd start'?

Also, is '/usr/bin/sshd' sufficient? Why not port 22?

- Grant
Re: [gentoo-user] SSH won't restart
If there's a problem with ssh, then you're pretty much stuck with using another remote terminal tool to fix it, else, you can simply kill the process, delete the PID file, then /etc/init.d/sshd zap and /etc/init.d/sshd restart, or start, anyway... (I guess your host could easily issue these commands for you).
Re: [gentoo-user] SSH won't restart
> If there's a problem with ssh, then you're pretty much stuck with using another remote terminal tool to fix it, else, you can simply kill the process, delete the PID file, then /etc/init.d/sshd zap and /etc/init.d/sshd restart, or start, anyway... (I guess your host could easily issue these commands for you).

What about just having them reboot and start my manual daemon? Would that accomplish the same thing?

- Grant
Re: [gentoo-user] SSH won't restart
Hi,

On Mon, 10 Sep 2007 14:28:41 -0500 Dan Farrell [EMAIL PROTECTED] wrote:
> You can always start a separate ssh server on a different port, to test the new server and the config files. Then you can get in on a different port and fix it if your upgrade of the usual ssh server gets borked.

And you can always leave one session open.

Plus: It's already configured.
Plus: It's pretty secure.
Plus: You know exactly whether the new binary works.

It's as easy as /usr/sbin/sshd -p 2. (or whatever free port there is)

-hwh
Re: [gentoo-user] SSH won't restart
On 9/10/07, Grant [EMAIL PROTECTED] wrote:
> > If there's a problem with ssh, then you're pretty much stuck with using another remote terminal tool to fix it, else, you can simply kill the process, delete the PID file, then /etc/init.d/sshd zap and /etc/init.d/sshd restart, or start, anyway... (I guess your host could easily issue these commands for you).
>
> What about just having them reboot and start my manual daemon? Would that accomplish the same thing?

I guess so, but while your machine reboots all services go down, can you afford this downtime? If yes, well... If no, you may try alternatives such as my suggestion above :D
Re: [gentoo-user] SSH won't restart
I think that there may be something significantly wrong with your box (or configuration of sshd). I have never had a server disconnect an active connection when killing the ssh daemon.

If there is someone that you can contact in the data center I would ask them to:

1) Back up your current sshd_config file
2) Restore the default sshd_config on the box, and then try restarting the daemon

Are there any other applications that are not behaving correctly?

-Stephen

On 9/10/07, Grant [EMAIL PROTECTED] wrote:
> And now I'm locked out. What do you think guys?
>
> - Grant
Re: [gentoo-user] SSH won't restart
Yes, accessing the machine via telnet over an encrypted VPN connection is a safe way to access the box, but given the setup that Grant was describing it did not sound like he had an encrypted VPN setup to telnet over.

I also agree that having a secondary way of accessing the box, that is secure, is an important factor when updating a remote server (whether that be another encrypted connection or people you can contact locally in the data center). Other people had already suggested starting a copy of the server manually on a different port.

For Grant: I reread the init script for sshd, and I now see what was most likely the problem. The init script, now, tries to kill all instances with the process name of sshd, not just the daemon (as specified by the pid file). This is why you were locked out when trying to restart the daemon. If you can restart the machine, everything should be working fine after a reboot. This behavior differs from every other distro of Linux that I have used, and with previous versions of the init script. Sorry I missed that before emailing the list last time.

Complete Side Note: Does anyone know where to issue a bug report to try to have this behavior changed? The correct (and more widely) seen behavior of restart for sshd should be something similar to:

start-stop-daemon --stop --quiet --oknodo --retry 30 --pidfile ${SSHD_PIDFILE}

On 9/10/07, Arturo 'Buanzo' Busleiman [EMAIL PROTECTED] wrote:
> In an ideal world, yes. But humans tend to make mistakes. Grant is now locked-out of his system because of messing around with conditional execution, kill and sshd all in the same command.
>
> I use it over openvpn ;) Come on, 13 years of using Linux, I should've learned a couple of tricks already :P
Re: [gentoo-user] SSH won't restart
Stephen Wittig wrote:
> I also agree that having a secondary way of accessing the box, that is secure, is an important factor when updating a remote server (whether that be another encrypted connection or people you can contact locally in the data center). Other people had already suggested starting a copy of the server manually on a different port.

Oh, I was just pointing out the fact that if I upgrade sshd, then I try to access the box using a non-sshd method, just for the sake of redundancy. Even netcat would work, or webmin, or whatever that is NOT what you are upgrading.

> Complete Side Note: Does anyone know where to issue a bug report to try to have this behavior changed. The correct (and more widely) seen behavior of

http://bugzilla.gentoo.org I guess.

--
Arturo Buanzo Busleiman - Independent Consultant in Computer Security
Services offered: http://www.buanzo.com.ar/pro/
Join the GNU/Buanzo Forums - The word Community at its fullest expression.
Re: [gentoo-user] SSH won't restart
> For Grant: I reread the init script for sshd, and I now see what was most likely the problem. The init script, now, tries to kill all instances with the process name of sshd, not just the daemon (as specified by the pid file). This is why you were locked out when trying to restart the daemon. If you can restart the machine, everything should be working fine after a reboot. This behavior differs from every other distro of Linux that I have used, and with previous versions of the init script. Sorry I missed that before emailing the list last time.

That's alright, I really appreciate your attention. One thing though. Your init script discovery doesn't explain why sshd wouldn't restart (stop actually) when I was logged in does it?

Given that, do you still think restarting is the way to go? I'm just trying to make sure I don't restart and still not have access. That would be bad because there is a crucial daemon running now that won't come up automatically.

Please tell me what you think.

- Grant
Re: [gentoo-user] SSH won't restart
The current init script will not try to restart the daemon if everything does not exit cleanly. We already know that the main process won't exit cleanly since it was manually killed. Unless you are comfortable editing the init script I would suggest:

1) Type:

ps auxww |grep /usr/sbin/sshd |grep -v grep

This will give you the process id of the current sshd daemon. Write it down for later use.

2) On the following page, do steps 1 and 2 (I know this article is specifically related to upgrading sshd on redhat, but these steps are the same for gentoo):

http://www.hackinglinuxexposed.com/articles/20020319.html

This will give you a temporary sshd server, so that we can kill off all of your old sshd process, while still giving you access to the machine. It will also make sure that there are not any configuration problems with your current sshd_config file that are preventing the daemon from starting. If this copy of sshd daemon won't start then we know the problem is a configuration error or that the binary somehow became corrupted.

3) Kill off the current sshd process from step 1

kill -TERM sshd_pid
-- or --
kill -KILL sshd_pid

4) Type:

/etc/init.d/sshd zap

DO NOT USE the stop or restart commands - they will kill off your temporary ssh server from step 2

5) Type:

/etc/init.d/sshd start

6) Try connecting to your server as you normally would. If everything is working, then you can kill off the ssh daemon running on the alternate port. If it still doesn't start then it's off to round three problem solving...

-Good Luck,
Stephen

On 9/10/07, Grant [EMAIL PROTECTED] wrote:
> That's alright, I really appreciate your attention. One thing though. Your init script discovery doesn't explain why sshd wouldn't restart (stop actually) when I was logged in does it?
>
> Given that, do you still think restarting is the way to go? I'm just trying to make sure I don't restart and still not have access. That would be bad because there is a crucial daemon running now that won't come up automatically.
>
> Please tell me what you think.
>
> - Grant
Re: [gentoo-user] SSH won't restart
Complete Side Note: Does anyone know where to issue a bug report to try to have this behavior changed? The correct (and more widely) seen behavior of

http://bugzilla.gentoo.org I guess.

Now, I know why I have never tried to submit a bug report before :)
[gentoo-user] SSH won't restart
I just upgraded ssh and when I try to restart I get:

* Stopping sshd ... [ !! ]

I don't see anything about it in '/var/log/sshd/current'. How can I figure out what is wrong? I'm a little nervous because I don't want to shut myself out of this remote server.

I also noticed many POSSIBLE BREAK-IN ATTEMPT! log entries for usernames that don't exist. Anything I should do about that?

- Grant
Re: [gentoo-user] SSH won't restart
Grant writes:

I just upgraded ssh and when I try to restart I get:

* Stopping sshd ... [ !! ]

I don't see anything about it in '/var/log/sshd/current'. How can I figure out what is wrong? I'm a little nervous because I don't want to shut myself out of this remote server.

Uh-oh! I know how you feel, I also administrate remote servers. Is there a /var/run/sshd.pid containing the PID of the running sshd process (you can get it via pidof sshd)? Maybe it's missing, this would explain the failure to stop. If you think the upgrade is necessary and don't want to wait until you or s.o. else has physical access in case sshd doesn't come up again, you could try to restart sshd manually by issuing a kill -SIGHUP $( pidof sshd ).

I also noticed many POSSIBLE BREAK-IN ATTEMPT! log entries for usernames that don't exist. Anything I should do about that?

I emerged fail2ban recently. This allows monitoring ssh attacks (also for other services like ftp and courier), and denies the attacker's IP for a while after some login failures. This keeps sshd logs short and enhances security, in case there are users with simple passwords. Some days ago I received 34 emails from fail2ban telling me about nightly couriersmtp breakin attempts. It doesn't work out-of-the-box, but isn't too hard to configure. There are some howtos, but be sure to read current ones, the configuration was changed somewhere between version 0.6 and 0.8. I can mail you my configs if you are interested.

Alex
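The per-address failure counting that the message above describes, sketched as an added example (not part of the original post and not fail2ban's own code). The log lines are constructed, the function names are hypothetical, and the syslog layout (message starting at field 6) is an assumption.

```shell
#!/bin/sh
# Constructed sshd log sample; addresses are from the documentation ranges.
sample_log() {
cat <<'EOF'
Sep  8 03:11:01 host sshd[4101]: Invalid user admin from 203.0.113.7
Sep  8 03:11:03 host sshd[4101]: Failed password for invalid user admin from 203.0.113.7 port 40112 ssh2
Sep  8 03:11:05 host sshd[4103]: reverse mapping checking getaddrinfo for bad.example [203.0.113.7] failed - POSSIBLE BREAK-IN ATTEMPT!
Sep  8 03:11:06 host sshd[4103]: Invalid user test from 203.0.113.7
Sep  8 03:11:09 host sshd[4105]: Failed password for root from 203.0.113.7 port 40120 ssh2
Sep  8 03:12:40 host sshd[4110]: Invalid user from 192.0.2.99 from 198.51.100.23
Sep  8 09:30:12 host sshd[4200]: Failed password for grant from 192.0.2.15 port 51000 ssh2
Sep  8 09:30:20 host sshd[4200]: Accepted password for grant from 192.0.2.15 port 51000 ssh2
EOF
}

# Print "COUNT IP" per source address, most failures first.
# - "Invalid user" counts once; the "Failed password for invalid user" line
#   that follows it belongs to the same attempt and is skipped.
# - "POSSIBLE BREAK-IN ATTEMPT!" is sshd's reverse-DNS mismatch warning,
#   not a login failure, so it is not counted.
# - The user name is chosen by the client and may itself contain "from",
#   so the address is taken after the LAST "from" on the line.
count_failures() {
  awk '
    $5 ~ /^sshd\[[0-9]+\]:$/ &&
    (($6 == "Invalid" && $7 == "user") ||
     ($6 == "Failed" && $7 == "password" && $9 != "invalid")) {
      for (i = NF - 1; i > 7; i--)
        if ($i == "from") { hits[$(i + 1)]++; break }
    }
    END { for (ip in hits) print hits[ip], ip }
  ' | sort -k1,1nr -k2,2
}

# Print the addresses whose failure count reaches the threshold given as $1.
offenders() {
  count_failures | awk -v min="$1" '$1 >= min { print $2 }'
}

sample_log | offenders 3
```

On a real host, pipe the sshd log file into `offenders` instead of `sample_log`.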
Re: [gentoo-user] SSH won't restart
Grant wrote:

I just upgraded ssh and when I try to restart I get:

* Stopping sshd ... [ !! ]

I don't see anything about it in '/var/log/sshd/current'. How can I figure out what is wrong? I'm a little nervous because I don't want to shut myself out of this remote server.

I had a similar issue after a previous update to ssh when I went to restart it to get it to use the new binaries. One of the nice features of sshd is that your current session will stay active even if you kill the sshd daemon process. Of course, if you get disconnected then you will not be able to log back in, so it's good to do what you need to quickly if you do need to kill (or if it's really stuck, kill -9) the process. When I had this problem I issued a `kill -9 PID_NUMBER && /etc/init.d/sshd start` - just be *sure* that you're killing the /usr/sbin/sshd process and not one of your sshd login forks at the same time.

Alex Schuster wrote:

If you think the upgrade is necessary and don't want to wait until you or s.o. else has physical access in case sshd doesn't come up again, you could try to restart sshd manually by issuing a kill -SIGHUP $( pidof sshd ).

I don't recommend doing this as it will also kill your current ssh session. If for some reason the SIGHUP doesn't take correctly on the listening daemon you will find yourself locked and kicked out of the server. Use top or htop to determine the actual PID of the daemon only.

-- Josh
Re: [gentoo-user] SSH won't restart
Josh Cepek writes:

I had a similar issue after a previous update to ssh when I went to restart it to get it to use the new binaries. One of the nice features of sshd is that your current session will stay active even if you kill the sshd daemon process. Of course, if you get disconnected then you will not be able to log back in, so it's good to do what you need to quickly if you do need to kill (or if it's really stuck, kill -9) the process. When I had this problem I issued a `kill -9 PID_NUMBER && /etc/init.d/sshd start` - just be *sure* that you're killing the /usr/sbin/sshd process and not one of your sshd login forks at the same time.

Alex Schuster wrote:

If you think the upgrade is necessary and don't want to wait until you or s.o. else has physical access in case sshd doesn't come up again, you could try to restart sshd manually by issuing a kill -SIGHUP $( pidof sshd ).

I don't recommend doing this as it will also kill your current ssh session. If for some reason the SIGHUP doesn't take correctly on the listening daemon you will find yourself locked and kicked out of the server. Use top or htop to determine the actual PID of the daemon only.

Oh, whoops! Big mistake, you are right - sorry for that, this was bad advice. I did not think about these other sshd processes. Thanks for being watchful and pointing this out.

Still, I would prefer -HUP instead of -9, as this would make the sshd server restart itself. Just in case /etc/init.d/sshd start also makes trouble - it really shouldn't, but neither should /etc/init.d/sshd stop.

Alex
Re: [gentoo-user] SSH won't restart
On Sat, 8 Sep 2007 22:50:20 +0200 Alex Schuster [EMAIL PROTECTED] wrote:

Josh Cepek writes:

I had a similar issue after a previous update to ssh when I went to restart it to get it to use the new binaries. One of the nice features of sshd is that your current session will stay active even if you kill the sshd daemon process. Of course, if you get disconnected then you will not be able to log back in, so it's good to do what you need to quickly if you do need to kill (or if it's really stuck, kill -9) the process. When I had this problem I issued a `kill -9 PID_NUMBER && /etc/init.d/sshd start` - just be *sure* that you're killing the /usr/sbin/sshd process and not one of your sshd login forks at the same time.

Alex Schuster wrote:

If you think the upgrade is necessary and don't want to wait until you or s.o. else has physical access in case sshd doesn't come up again, you could try to restart sshd manually by issuing a kill -SIGHUP $( pidof sshd ).

I don't recommend doing this as it will also kill your current ssh session. If for some reason the SIGHUP doesn't take correctly on the listening daemon you will find yourself locked and kicked out of the server. Use top or htop to determine the actual PID of the daemon only.

Oh, whoops! Big mistake, you are right - sorry for that, this was bad advice. I did not think about these other sshd processes. Thanks for being watchful and pointing this out.

Still, I would prefer -HUP instead of -9, as this would make the sshd server restart itself. Just in case /etc/init.d/sshd start also makes trouble - it really shouldn't, but neither should /etc/init.d/sshd stop.

Alex

Don't forget that you could potentially test out the new server on a different port, and then if you can log in there you can use that connection to kill the other sshd, and then you can restart the normal sshd, and then kill the temporary sshd. I recommend this method highly as it gives you another way to get in should something go wrong.

Just remember not to 'killall sshd'!
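An added example, not written by any poster in this thread: picking out the listening sshd from its per-login forks, as step 1 of Stephen's procedure and the warnings about `pidof sshd` and `killall sshd` require. The `ps` listing is constructed, the function names are hypothetical, and port 2222 for the temporary daemon is an assumption.

```shell
#!/bin/sh
# Constructed `ps -eo pid,ppid,args` output: the regular listener, two
# logged-in sessions, and a temporary sshd on an alternate port.
sample_ps() {
cat <<'EOF'
  PID  PPID COMMAND
    1     0 init [3]
 2210     1 /usr/sbin/sshd
 9001  2210 sshd: grant [priv]
 9004  9001 sshd: grant@pts/0
 9005  9004 -bash
 9120  2210 sshd: grant [priv]
 9123  9120 sshd: grant@pts/1
 9300  9005 grep /usr/sbin/sshd
 9400     1 /usr/sbin/sshd -p 2222
EOF
}

# Print "PID ARGS" for every sshd that is a listener, never a login fork.
# Login forks retitle themselves "sshd: user ...", so their command word is
# "sshd:" and does not match. Current OpenSSH retitles the listener too,
# as "sshd: ... [listener] ...", which the second test accepts.
sshd_listeners() {
  awk 'NR > 1 {
    pid = $1; cmd = $3
    args = $0; sub(/^ *[0-9]+ +[0-9]+ +/, "", args)
    if (cmd ~ /(^|\/)sshd$/ || (cmd == "sshd:" && args ~ /\[listener\]/))
      print pid, args
  }'
}

# $1 = contents of the pid file. Print that PID only if it really is a
# listener; exit non-zero on a stale or wrong pid file so nothing is signalled.
pid_to_signal() {
  sshd_listeners |
    awk -v want="$1" '$1 == want { print $1; ok = 1 } END { exit !ok }'
}

sample_ps | sshd_listeners
```

On a live host, feed it `ps -eo pid,ppid,args` and the contents of the sshd pid file; matching by name alone would also hit PIDs 9001 to 9123 and the temporary daemon 9400.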