On Sat, Mar 19, 2016 at 3:00 PM, arnaud gaboury <[email protected]> wrote:
> OS: fedora 23 server > systemd: 222 > > I gave a try at sshd.socket instead of the usual sshd.service. The latter > was working well on my server but I can't ssh with sshd.socket. > > % systemctl cat sshd.socket > ---------------------------------------------- > # /usr/lib/systemd/system/sshd.socket > [Unit] > Description=OpenSSH Server Socket > Documentation=man:sshd(8) man:sshd_config(5) > Conflicts=sshd.service > > [Socket] > ListenStream=22 > Accept=yes > > [Install] > WantedBy=sockets.target > > # /etc/systemd/system/sshd.socket.d/override.conf > [Socket] > #ListenStream= > ListenStream=192.168.1.94:XXXXX > FreeBind=true > ---------------------------------------------- > > % systemctl status sshd.socket > ----------------------------------------------------------- > ● sshd.socket - OpenSSH Server Socket > Loaded: loaded (/usr/lib/systemd/system/sshd.socket; enabled; vendor > preset: disabled) > Drop-In: /etc/systemd/system/sshd.socket.d > └─override.conf > Active: active (listening) since Sat 2016-03-19 14:42:26 CET; 7min ago > Docs: man:sshd(8) > man:sshd_config(5) > Listen: 0.0.0.0:22 (Stream) > 192.168.1.94:XXXXX (Stream) > Accepted: 9; Connected: 0 > > Mar 19 14:42:26 poppy systemd[1]: Listening on OpenSSH Server Socket. > Mar 19 14:42:26 poppy systemd[1]: Starting OpenSSH Server Socket. > ------------------------------------------- > > As you can see, 9 connections have been accepted, but I do not know why > connection is closed by host. > > > % ssh -v -p XXXXX [email protected] > OpenSSH_7.2p1, OpenSSL 1.0.2g 1 Mar 2016 > debug1: Reading configuration data /home/user/.ssh/config > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: Connecting to thetradinghall.com [212.147.52.214] port XXXXXX. > debug1: Connection established. > debug1: identity file /home/user/.ssh/gabx-hortensia_ed25519.pub type 4 > debug1: key_load_public: No such file or directory > debug1: identity file /home/user/.ssh/gabx-hortensia_ed25519.pub-cert type > -1 > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_7.2 > debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2 > debug1: match: OpenSSH_7.2 pat OpenSSH* compat 0x04000000 > debug1: Authenticating to thetradinghall.com:42660 as 'poisonivy' > debug1: SSH2_MSG_KEXINIT sent > debug1: SSH2_MSG_KEXINIT received > debug1: kex: algorithm: [email protected] > debug1: kex: host key algorithm: ecdsa-sha2-nistp256 > debug1: kex: server->client cipher: [email protected] MAC: > <implicit> compression: none > debug1: kex: client->server cipher: [email protected] MAC: > <implicit> compression: none > debug1: expecting SSH2_MSG_KEX_ECDH_REPLY > debug1: Server host key: ecdsa-sha2-nistp256 > SHA256:TU3S5iIvTFbyVwHsNtzm1OPcZ6lYWOnfQ06tKnljnXI > debug1: checking without port identifier > debug1: Host 'thetradinghall.com' is known and matches the ECDSA host key. > debug1: Found key in /home/user/.ssh/known_hosts:8 > debug1: found matching key w/out port > debug1: rekey after 134217728 blocks > debug1: SSH2_MSG_NEWKEYS sent > debug1: expecting SSH2_MSG_NEWKEYS > debug1: rekey after 134217728 blocks > debug1: SSH2_MSG_NEWKEYS received > debug1: SSH2_MSG_EXT_INFO received > debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512> > debug1: SSH2_MSG_SERVICE_ACCEPT received > > ################################### > ## Welcome to TheTradingHall.com ## > ################################### > > debug1: Authentications that can continue: > publickey,gssapi-keyex,gssapi-with-mic > debug1: Next authentication method: publickey > debug1: Offering ED25519 public key: > /home/gabx/.ssh/gabx-hortensia_ed25519.pub > debug1: Server accepts key: pkalg ssh-ed25519 blen 51 > debug1: Authentication succeeded (publickey). > Authenticated to thetradinghall.com ([212.147.52.214]:XXXXXX). > debug1: channel 0: new [client-session] > debug1: Requesting [email protected] > debug1: Entering interactive session. > debug1: pledge: network > debug1: channel 0: free: client-session, nchannels 1 > Connection to thetradinghall.com closed by remote host. > Connection to thetradinghall.com closed. > Transferred: sent 1948, received 1628 bytes, in 0.0 seconds > Bytes per second: sent 22886566.4, received 19126966.1 > debug1: Exit status -1 > > > ------------------------------------------ > > Nothing in journalctl -unit sshd neither [email protected] > > Thank you for any hint why the connection is closed by the server when in > fact it is accepted. > > I found the solution by modfiying /etc/pam.d/sshd and adding system-remote-login and system-login files.
_______________________________________________ systemd-devel mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/systemd-devel
