Ok, so I upgraded my os to RedHat 6.1 yesterday, while simultaneously
downgrading my copy of ssh to 1.2.27. After doing this, I started to get
the following errors:
Oct 21 18:25:32 misanthrope sshd[1748]: error: bind: Address already in use
Oct 21 18:25:32 misanthrope sshd[1748]: fatal: Bind to port 22 failed: Transport endpoint is not connected.
Oct 21 18:30:22 misanthrope sshd[1772]: refused connect from 216.100.35.70
Oct 21 18:36:57 misanthrope sshd[417]: log: Received signal 15; terminating.
Oct 21 18:37:10 misanthrope sshd[1812]: log: Server listening on port 22.
Oct 21 18:37:10 misanthrope sshd[1812]: log: Generating 768 bit RSA key.
Oct 21 18:37:11 misanthrope sshd[1812]: log: RSA key generation complete.
Oct 21 18:37:45 misanthrope sshd[1820]: refused connect from 216.100.35.70
Oct 21 18:39:07 misanthrope sshd[1812]: log: Received signal 15; terminating.
Oct 21 19:26:51 misanthrope sshd: Starting sshd:
Oct 21 19:26:52 misanthrope sshd: sshd
Oct 21 19:26:52 misanthrope rc: Starting sshd succeeded
Oct 21 19:26:55 misanthrope sshd[422]: log: Server listening on port 22.
Oct 21 19:26:55 misanthrope sshd[422]: log: Generating 768 bit RSA key.
Oct 21 19:26:56 misanthrope sshd[422]: log: RSA key generation complete.
Oct 21 19:27:26 misanthrope sshd[588]: error: bind: Address already in use
Oct 21 19:27:26 misanthrope sshd[588]: fatal: Bind to port 22 failed: Transport endpoint is not connected.
Oct 21 19:27:41 misanthrope sshd[591]: refused connect from 127.0.0.1
Here are my system files:
/etc/rc.d/init.d/sshd
#!/bin/sh
#
# chkconfig: 345 55 45
# description: sshd (secure shell daemon) is a server part of the ssh suite.
# Ssh can be used for remote login, remote file copying, TCP port
# forwarding etc. Ssh offers strong encryption and authentication.
#
# Source function library.
. /etc/rc.d/init.d/functions
# See how we were called.
case "$1" in
  start)
        echo -n "Starting sshd: "
        if test -r /var/run/sshd.pid && kill -0 `cat /var/run/sshd.pid`
        then echo "already running according to /var/run/sshd.pid. Not started."
        else /usr/sbin/sshd
             echo sshd
        fi
        touch /var/lock/subsys/sshd
        ;;
  stop)
        echo -n "Stopping sshd: "
        [ -f /var/run/sshd.pid ] || exit 0
        kill -TERM `cat /var/run/sshd.pid`
        rm -f /var/run/sshd.pid
        rm -f /var/lock/subsys/sshd
        echo "sshd"
        ;;
  restart)
        $0 stop
        $0 start
        ;;
  status)
        status sshd
        ;;
  *)
        echo "Usage: $0 {start|stop|restart|status}"
        exit 1
esac
exit 0
#/etc/inetd.conf
# inetd.conf This file describes the services that will be available
# through the INETD TCP/IP super server. To re-configure
# the running INETD process, edit this file, then send the
# INETD process a SIGHUP signal.
#
# Version: @(#)/etc/inetd.conf 3.10 05/27/93
#
# Authors: Original taken from BSD UNIX 4.3/TAHOE.
# Fred N. van Kempen, <[EMAIL PROTECTED]>
#
# Modified for Debian Linux by Ian A. Murdock <[EMAIL PROTECTED]>
#
# Modified for RHS Linux by Marc Ewing <[EMAIL PROTECTED]>
#
# <service_name> <sock_type> <proto> <flags> <user> <server_path> <args>
#
# Echo, discard, daytime, and chargen are used primarily for testing.
#
# To re-read this file after changes, just do a 'killall -HUP inetd'
#
#echo stream tcp nowait root internal
#echo dgram udp wait root internal
#discard stream tcp nowait root internal
#discard dgram udp wait root internal
#daytime stream tcp nowait root internal
#daytime dgram udp wait root internal
#chargen stream tcp nowait root internal
#chargen dgram udp wait root internal
#
# These are standard services.
#
ftp stream tcp nowait root /usr/sbin/tcpd /usr/local/sbin/in.proftpd
telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd
#gopher stream tcp nowait root /usr/sbin/tcpd gn
# do not uncomment smtp unless you *really* know what you are doing.
# smtp is handled by the sendmail daemon now, not smtpd. It does NOT
# run from here, it is started at boot time from /etc/rc.d/rc#.d.
#smtp stream tcp nowait root /usr/bin/smtpd smtpd
#nntp stream tcp nowait root /usr/sbin/tcpd in.nntpd
#
# Shell, login, exec and talk are BSD protocols.
#
#shell stream tcp nowait root /usr/sbin/tcpd in.rshd
#login stream tcp nowait root /usr/sbin/tcpd in.rlogind
#exec stream tcp nowait root /usr/sbin/tcpd in.rexecd
#talk dgram udp wait root /usr/sbin/tcpd in.talkd
#ntalk dgram udp wait root /usr/sbin/tcpd in.ntalkd
#dtalk stream tcp waut nobody /usr/sbin/tcpd in.dtalkd
#
# Pop and imap mail services et al
#
#pop-2 stream tcp nowait root /usr/sbin/tcpd ipop2d
#pop-3 stream tcp nowait root /usr/sbin/tcpd ipop3d
pop3 stream tcp nowait root /usr/sbin/tcpd /usr/local/lib/popper popper -s
#imap stream tcp nowait root /usr/sbin/tcpd imapd
#
# The Internet UUCP service.
#
#uucp stream tcp nowait uucp /usr/sbin/tcpd /usr/lib/uucp/uucico -l
#
# Tftp service is provided primarily for booting. Most sites
# run this only on machines acting as "boot servers." Do not uncomment
# this unless you *need* it.
#
#tftp dgram udp wait root /usr/sbin/tcpd in.tftpd
#bootps dgram udp wait root /usr/sbin/tcpd bootpd
#
# Finger, systat and netstat give out user information which may be
# valuable to potential "system crackers." Many sites choose to disable
# some or all of these services to improve security.
#
# cfinger is for GNU finger, which is currently not in use in RHS Linux
#
#finger stream tcp nowait root /usr/sbin/tcpd in.fingerd
#cfinger stream tcp nowait root /usr/sbin/tcpd in.cfingerd
#systat stream tcp nowait guest /usr/sbin/tcpd /bin/ps -auwwx
#netstat stream tcp nowait guest /usr/sbin/tcpd /bin/netstat -f inet
#
# Time service is used for clock syncronization.
#
#time stream tcp nowait nobody /usr/sbin/tcpd in.timed
#time dgram udp wait nobody /usr/sbin/tcpd in.timed
#
# Authentication
#
#auth stream tcp nowait nobody /usr/sbin/in.identd in.identd -l -e -o
#
# End of inetd.conf
#swat stream tcp nowait.400 root /usr/sbin/swat swat
#swat stream tcp nowait.400 root /usr/sbin/swat swat
#/etc/services
#
# Note that it is presently the policy of IANA to assign a single well-known
# port number for both TCP and UDP; hence, most entries here have two entries
# even if the protocol doesn't support UDP operations.
# Updated from RFC 1700, ``Assigned Numbers'' (October 1994). Not all ports
# are included, only the more common ones.
tcpmux 1/tcp # TCP port service multiplexer
echo 7/tcp
echo 7/udp
discard 9/tcp sink null
discard 9/udp sink null
systat 11/tcp users
daytime 13/tcp
daytime 13/udp
netstat 15/tcp
qotd 17/tcp quote
msp 18/tcp # message send protocol
msp 18/udp # message send protocol
chargen 19/tcp ttytst source
chargen 19/udp ttytst source
ftp-data 20/tcp
ftp 21/tcp
fsp 21/udp fspd
sshd 22/tcp # SSH Remote Login Protocol
sshd 22/udp # SSH Remote Login Protocol
telnet 23/tcp
# 24 - private
smtp 25/tcp mail
# 26 - unassigned
time 37/tcp timserver
time 37/udp timserver
rlp 39/udp resource # resource location
nameserver 42/tcp name # IEN 116
whois 43/tcp nicname
re-mail-ck 50/tcp # Remote Mail Checking Protocol
re-mail-ck 50/udp # Remote Mail Checking Protocol
domain 53/tcp nameserver # name-domain server
domain 53/udp nameserver
mtp 57/tcp # deprecated
bootps 67/tcp # BOOTP server
bootps 67/udp
bootpc 68/tcp # BOOTP client
bootpc 68/udp
tftp 69/udp
gopher 70/tcp # Internet Gopher
gopher 70/udp
rje 77/tcp netrjs
finger 79/tcp
www 80/tcp http # WorldWideWeb HTTP
www 80/udp # HyperText Transfer Protocol
link 87/tcp ttylink
kerberos 88/tcp kerberos5 krb5 # Kerberos v5
kerberos 88/udp kerberos5 krb5 # Kerberos v5
supdup 95/tcp
# 100 - reserved
hostnames 101/tcp hostname # usually from sri-nic
iso-tsap 102/tcp tsap # part of ISODE.
csnet-ns 105/tcp cso-ns # also used by CSO name server
csnet-ns 105/udp cso-ns
I was getting tcpd messages although I do not have inetd configured to run
sshd as wrappered originally, but as standalone.
And here's /etc/ssh/sshd_config:
# This is ssh server systemwide configuration file.
Port 22
ListenAddress 0.0.0.0
HostKey /etc/ssh/ssh_host_key
RandomSeed /etc/ssh/ssh_random_seed
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin yes
IgnoreRhosts no
StrictModes yes
QuietMode no
X11Forwarding yes
X11DisplayOffset 10
FascistLogging no
PrintMotd yes
KeepAlive yes
SyslogFacility DAEMON
RhostsAuthentication no
RhostsRSAAuthentication yes
RSAAuthentication yes
PasswordAuthentication yes
PermitEmptyPasswords yes
UseLogin no
# CheckMail no
# PidFile /u/zappa/.ssh/pid
# AllowHosts *.our.com friend.other.com
# DenyHosts lowsecurity.theirs.com *.evil.org evil.org
# Umask 022
# SilentDeny yes
What am I doing wrong?
Brandon
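
An added example, not part of the original post: a small Python triage of the sshd log lines quoted above. It pairs each `bind: Address already in use` with the PID that last logged `Server listening on port`, and counts the sources of `refused connect from` lines. The function name `triage` and the trimmed log excerpt are choices made for this example.

```python
import re
from collections import Counter

# Excerpt of the sshd log lines quoted in the post above (trimmed for the example).
LOG = """\
Oct 21 18:25:32 misanthrope sshd[1748]: error: bind: Address already in use
Oct 21 18:30:22 misanthrope sshd[1772]: refused connect from 216.100.35.70
Oct 21 18:36:57 misanthrope sshd[417]: log: Received signal 15; terminating.
Oct 21 18:37:10 misanthrope sshd[1812]: log: Server listening on port 22.
Oct 21 18:37:45 misanthrope sshd[1820]: refused connect from 216.100.35.70
Oct 21 18:39:07 misanthrope sshd[1812]: log: Received signal 15; terminating.
Oct 21 19:26:52 misanthrope rc: Starting sshd succeeded
Oct 21 19:26:55 misanthrope sshd[422]: log: Server listening on port 22.
Oct 21 19:27:26 misanthrope sshd[588]: error: bind: Address already in use
Oct 21 19:27:41 misanthrope sshd[591]: refused connect from 127.0.0.1
"""

# timestamp, host (ignored), PID, message; lines without "sshd[PID]:" are skipped
LINE = re.compile(r"^(\w{3} +\d+ [\d:]{8}) \S+ sshd\[(\d+)\]: (.*)$")

def triage(text):
    """Correlate bind failures with the known listener and count refusals."""
    listener = None  # PID that last logged "Server listening", if still running
    conflicts, refused = [], Counter()
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        ts, pid, msg = m.groups()
        if "Server listening on port" in msg:
            listener = pid
        elif "Received signal 15" in msg and pid == listener:
            listener = None
        elif "bind: Address already in use" in msg:
            # listener is None when the holder started before the excerpt begins
            conflicts.append((ts, pid, listener))
        elif msg.startswith("refused connect from "):
            refused[msg.split()[-1]] += 1
    return {"bind_conflicts": conflicts, "refused": dict(refused)}

if __name__ == "__main__":
    result = triage(LOG)
    for ts, pid, holder in result["bind_conflicts"]:
        print(f"{ts}: sshd[{pid}] could not bind; listener PID: {holder or 'not in excerpt'}")
    for src, n in result["refused"].items():
        print(f"refused connect from {src}: {n}")
```

On this excerpt the 19:27:26 bind failure pairs with PID 422, which had logged `Server listening on port 22` 31 seconds earlier.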