Project

General

Profile

Bug #11378

SSSD exited on restart

Added by Tobias Hoffmann about 5 years ago. Updated about 3 years ago.

Status:
Closed: Cannot reproduce
Priority:
Important
Assignee:
John Hixson
Category:
OS
Target version:
Seen in:
Severity:
New
Reason for Closing:
Reason for Blocked:
Needs QA:
Yes
Needs Doc:
Yes
Needs Merging:
Yes
Needs Automation:
No
Support Suite Ticket:
n/a
Hardware Configuration:
ChangeLog Required:
No

Description

Hi,

ssh logins are still not possible after recent update.
when i restart sssd services with:

# service ix-sssd restart
# service sssd restart

i get following lines in /var/log/messages :

Sep  8 10:28:07 dynage-stor01 smbd[17348]: in openpam_check_error_code(): pam_sm
_setcred(): unexpected return value 12                                          
Sep  8 10:29:48 dynage-stor01 smbd[20694]: in openpam_check_error_code(): pam_sm
_acct_mgmt(): unexpected return value 12                                        
Sep  8 10:36:31 dynage-stor01 generate_sssd_conf.py: [common.pipesubr:71] Popen(
)ing: 
Sep  8 10:36:47 dynage-stor01 kernel: pid 22623 (sssd_be), uid 0: exited on sign
al 6 

klist looks valid.

History

#1 Updated by Tobias Hoffmann about 5 years ago

  • File ixdiagnose.tgz added

#2 Updated by Jordan Hubbard about 5 years ago

  • Category changed from OS to 36
  • Assignee set to John Hixson
  • Priority changed from No priority to Important
  • Target version set to Unspecified

#3 Updated by John Hixson about 5 years ago

  • Status changed from Unscreened to 15
  • Target version changed from Unspecified to 261

What user are you trying to ssh in as? Can you copy and paste a terminal session into this ticket just for clarity? SSSD is not relevant here.

#4 Updated by Tobias Hoffmann about 5 years ago

Hi John,

Usualy I log in as root, my public key in /root/ssh/authorized_keys, no problem.
if im using a AD user crashtest:

[root@dynage-stor01] ~# getent passwd crashtest
crashtest:*:21114:20513:crashtest:/home/crashtest:/bin/sh

I created symlinks to homedir /var/home / /home

lrwxr-xr-x   1 root    wheel       15 Sep  3 21:00 home@ -> /mnt/pool/homes

i get this (ssh verbose):

kiilo@kiilo-XPS-13-9343:~$ ssh -l crashtest 130.60.169.45 -vvv
OpenSSH_6.7p1 Ubuntu-5ubuntu1.3, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 130.60.169.45 [130.60.169.45] port 22.
debug1: Connection established.
debug1: identity file /home/kiilo/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /home/kiilo/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/kiilo/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/kiilo/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/kiilo/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/kiilo/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/kiilo/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/kiilo/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.7p1 Ubuntu-5ubuntu1.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1_hpn13v11 FreeBSD-20140420
debug1: match: OpenSSH_6.6.1_hpn13v11 FreeBSD-20140420 pat OpenSSH_6.6.1* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug3: load_hostkeys: loading entries for host "130.60.169.45" from file "/home/kiilo/.ssh/known_hosts" 
debug3: load_hostkeys: found key type ECDSA in file /home/kiilo/.ssh/known_hosts:3
debug3: load_hostkeys: loaded 1 keys
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-ed25519,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,chacha20-poly1305@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se,none
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,chacha20-poly1305@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se,none
debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: mac_setup: setup umac-64-etm@openssh.com
debug1: kex: server->client aes128-ctr umac-64-etm@openssh.com none
debug2: mac_setup: setup umac-64-etm@openssh.com
debug1: kex: client->server aes128-ctr umac-64-etm@openssh.com none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA 16:f7:c2:1b:09:c0:9f:de:b3:49:de:02:df:76:a9:b3
debug3: load_hostkeys: loading entries for host "130.60.169.45" from file "/home/kiilo/.ssh/known_hosts" 
debug3: load_hostkeys: found key type ECDSA in file /home/kiilo/.ssh/known_hosts:3
debug3: load_hostkeys: loaded 1 keys
debug1: Host '130.60.169.45' is known and matches the ECDSA host key.
debug1: Found key in /home/kiilo/.ssh/known_hosts:3
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/kiilo/.ssh/id_rsa (0x7fb9071ec790),
debug2: key: /home/kiilo/.ssh/id_dsa ((nil)),
debug2: key: /home/kiilo/.ssh/id_ecdsa ((nil)),
debug2: key: /home/kiilo/.ssh/id_ed25519 ((nil)),
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/kiilo/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/kiilo/.ssh/id_dsa
debug3: no such identity: /home/kiilo/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /home/kiilo/.ssh/id_ecdsa
debug3: no such identity: /home/kiilo/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /home/kiilo/.ssh/id_ed25519
debug3: no such identity: /home/kiilo/.ssh/id_ed25519: No such file or directory
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
crashtest@130.60.169.45's password: 
debug2: we sent a password packet, wait for reply
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
crashtest@130.60.169.45's password:

log /var/log/auth.log:

Sep  9 09:08:44 dynage-stor01 sshd[88678]: Connection closed by 130.60.169.66 [preauth]
Sep  9 09:09:06 dynage-stor01 sshd[88797]: Request to sssd failed. Connection refused
Sep  9 09:09:06 dynage-stor01 sshd[88797]: Failed password for tohoff from 130.60.169.66 port 52193 ssh2
Sep  9 09:09:07 dynage-stor01 sshd[88797]: Connection closed by 130.60.169.66 [preauth]
Sep  9 09:09:19 dynage-stor01 sshd[88834]: Request to sssd failed. Connection refused
Sep  9 09:09:19 dynage-stor01 sshd[88834]: Failed password for crashtest from 130.60.169.66 port 52195 ssh2

status sssd:

[root@dynage-stor01] /mnt/pool# service sssd status
sssd is not running.

#5 Updated by John Hixson about 5 years ago

okay. For the sake of a clean slate, can you please disable AD, reboot your box, then enable it? Do not mess with anything from the command line, do not start SSSD, nothing. Then try and ssh in again as requested before, and if it doesn't work, please attach another debug.

#6 Updated by Tobias Hoffmann about 5 years ago

i can't restart this host right now Users are connected and working, but i have a staging setup running in KVM (same configuration)
and there same result, after AD off / reboot / AD on:

kiilo@kiilo-XPS-13-9343:~$ ssh -l crashtest 130.60.169.105 -vvv
OpenSSH_6.7p1 Ubuntu-5ubuntu1.3, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 130.60.169.105 [130.60.169.105] port 22.
debug1: Connection established.
debug1: identity file /home/kiilo/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /home/kiilo/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/kiilo/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/kiilo/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/kiilo/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/kiilo/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/kiilo/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/kiilo/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.7p1 Ubuntu-5ubuntu1.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1_hpn13v11 FreeBSD-20140420
debug1: match: OpenSSH_6.6.1_hpn13v11 FreeBSD-20140420 pat OpenSSH_6.6.1* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug3: load_hostkeys: loading entries for host "130.60.169.105" from file "/home/kiilo/.ssh/known_hosts" 
debug3: load_hostkeys: found key type ECDSA in file /home/kiilo/.ssh/known_hosts:24
debug3: load_hostkeys: loaded 1 keys
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-ed25519,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,chacha20-poly1305@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se,none
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,chacha20-poly1305@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se,none
debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: mac_setup: setup umac-64-etm@openssh.com
debug1: kex: server->client aes128-ctr umac-64-etm@openssh.com none
debug2: mac_setup: setup umac-64-etm@openssh.com
debug1: kex: client->server aes128-ctr umac-64-etm@openssh.com none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA 7b:48:08:25:4c:4b:e3:c7:28:59:59:36:d4:23:1e:99
debug3: load_hostkeys: loading entries for host "130.60.169.105" from file "/home/kiilo/.ssh/known_hosts" 
debug3: load_hostkeys: found key type ECDSA in file /home/kiilo/.ssh/known_hosts:24
debug3: load_hostkeys: loaded 1 keys
debug1: Host '130.60.169.105' is known and matches the ECDSA host key.
debug1: Found key in /home/kiilo/.ssh/known_hosts:24
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/kiilo/.ssh/id_rsa (0x7f31ec5a4790),
debug2: key: /home/kiilo/.ssh/id_dsa ((nil)),
debug2: key: /home/kiilo/.ssh/id_ecdsa ((nil)),
debug2: key: /home/kiilo/.ssh/id_ed25519 ((nil)),
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/kiilo/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/kiilo/.ssh/id_dsa
debug3: no such identity: /home/kiilo/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /home/kiilo/.ssh/id_ecdsa
debug3: no such identity: /home/kiilo/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /home/kiilo/.ssh/id_ed25519
debug3: no such identity: /home/kiilo/.ssh/id_ed25519: No such file or directory
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
crashtest@130.60.169.105's password: 
debug2: we sent a password packet, wait for reply
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
crashtest@130.60.169.105's password: 

#7 Updated by John Hixson about 5 years ago

I'd like to look at your system when you have some time. Are you available this week?

#8 Updated by Tobias Hoffmann about 5 years ago

ok thanks - im in central european time zone ... friday would be an option, i like to test first on my staging installation and apply later (weekend) changes to the main system.

best
Tobias

#9 Updated by John Hixson about 5 years ago

Tobias Hoffmann wrote:

ok thanks - im in central european time zone ... friday would be an option, i like to test first on my staging installation and apply later (weekend) changes to the main system.

best
Tobias

Hi Tobias,

Send me your availability:

#10 Updated by John Hixson about 5 years ago

Tobias,

Any updates?

#11 Updated by Tobias Hoffmann about 5 years ago

Hi John,

Sorry i am quite busy in the moment, cant concentrate on this. Have to push this into next week ...
dont know how to proceed in the moment i see still sssd isssues,

i switched kereberos keytabs off, because otherwise we have no AD user at all.
so at least AD + CIFS is running but ssh with AD User login not (I like to use for rsync backups)

mmmh recent logs ...


Sep 14 01:00:07 dynage-stor01 smbd[75161]: Request to sssd failed. Connection refused
Sep 14 01:00:10 dynage-stor01 smbd[91683]: Request to sssd failed. Connection refused
Sep 14 01:00:25 dynage-stor01 smbd[91683]: Request to sssd failed. Connection refused
Sep 14 02:54:44 dynage-stor01 smbd[13930]: Request to sssd failed. Connection refused
Sep 14 04:42:56 dynage-stor01 smbd[35193]: Request to sssd failed. Connection refused
Sep 14 04:42:56 dynage-stor01 smbd[35196]: Request to sssd failed. Connection refused
Sep 14 04:43:13 dynage-stor01 smbd[35193]: Request to sssd failed. Connection refused
Sep 14 04:43:13 dynage-stor01 smbd[35196]: Request to sssd failed. Connection refused
Sep 14 04:44:05 dynage-stor01 smbd[35459]: Request to sssd failed. Connection refused
Sep 14 04:44:05 dynage-stor01 smbd[35462]: Request to sssd failed. Connection refused
Sep 14 04:44:19 dynage-stor01 smbd[35459]: Request to sssd failed. Connection refused
Sep 14 04:44:19 dynage-stor01 smbd[35462]: Request to sssd failed. Connection refused
Sep 14 05:05:44 dynage-stor01 smbd[13930]: Request to sssd failed. Connection refused
Sep 14 08:02:34 dynage-stor01 smbd[73903]: Request to sssd failed. Connection refused
Sep 14 08:37:00 dynage-stor01 smbd[80491]: Request to sssd failed. Connection refused
Sep 14 08:37:00 dynage-stor01 smbd[80500]: Request to sssd failed. Connection refused
Sep 14 08:37:11 dynage-stor01 smbd[80500]: Request to sssd failed. Connection refused
Sep 14 09:35:37 dynage-stor01 smbd[91718]: Request to sssd failed. Connection refused
Sep 14 09:51:21 dynage-stor01 smbd[94713]: Request to sssd failed. Connection refused
Sep 14 12:09:16 dynage-stor01 smbd[21840]: Request to sssd failed. Connection refused
Sep 14 13:55:01 dynage-stor01 smbd[42029]: Request to sssd failed. Connection refused
Sep 14 13:55:39 dynage-stor01 smbd[42029]: Request to sssd failed. Connection refused
Sep 14 13:55:54 dynage-stor01 smbd[42212]: Request to sssd failed. Connection refused
Sep 14 13:56:33 dynage-stor01 smbd[42212]: Request to sssd failed. Connection refused
Sep 14 13:59:09 dynage-stor01 smbd[42844]: Request to sssd failed. Connection refused
Sep 14 13:59:21 dynage-stor01 smbd[42844]: Request to sssd failed. Connection refused
Sep 14 13:59:54 dynage-stor01 smbd[42978]: Request to sssd failed. Connection refused
Sep 14 14:00:51 dynage-stor01 smbd[42978]: Request to sssd failed. Connection refused
Sep 14 14:00:55 dynage-stor01 smbd[43185]: Request to sssd failed. Connection refused
Sep 14 14:01:21 dynage-stor01 smbd[43185]: Request to sssd failed. Connection refused
Sep 14 14:01:32 dynage-stor01 smbd[43310]: Request to sssd failed. Connection refused
Sep 14 14:04:33 dynage-stor01 smbd[43310]: Request to sssd failed. Connection refused
Sep 14 14:05:37 dynage-stor01 smbd[44085]: Request to sssd failed. Connection refused
Sep 14 14:06:27 dynage-stor01 smbd[44085]: Request to sssd failed. Connection refused
Sep 14 14:07:16 dynage-stor01 smbd[44412]: Request to sssd failed. Connection refused
Sep 14 14:08:09 dynage-stor01 smbd[44412]: Request to sssd failed. Connection refused
Sep 14 14:09:04 dynage-stor01 smbd[44760]: Request to sssd failed. Connection refused
Sep 14 14:09:45 dynage-stor01 smbd[44760]: Request to sssd failed. Connection refused
Sep 14 14:09:46 dynage-stor01 smbd[44886]: Request to sssd failed. Connection refused
Sep 14 14:10:21 dynage-stor01 smbd[44886]: Request to sssd failed. Connection refused
Sep 14 14:13:15 dynage-stor01 smbd[45557]: Request to sssd failed. Connection refused
Sep 14 14:27:38 dynage-stor01 smbd[45557]: Request to sssd failed. Connection refused
Sep 14 14:27:52 dynage-stor01 smbd[45557]: Request to sssd failed. Connection refused
Sep 14 14:36:37 dynage-stor01 smbd[45557]: Request to sssd failed. Connection refused
Sep 14 14:39:53 dynage-stor01 smbd[50635]: Request to sssd failed. Connection refused
Sep 14 14:39:53 dynage-stor01 smbd[50635]: Request to sssd failed. Connection refused
Sep 14 14:40:03 dynage-stor01 smbd[50635]: Request to sssd failed. Connection refused
Sep 14 14:41:52 dynage-stor01 smbd[50635]: Request to sssd failed. Connection refused
Sep 14 14:42:03 dynage-stor01 smbd[50635]: Request to sssd failed. Connection refused
Sep 14 14:42:13 dynage-stor01 smbd[50635]: Request to sssd failed. Connection refused
Sep 14 14:42:33 dynage-stor01 smbd[51138]: Request to sssd failed. Connection refused
Sep 14 14:44:55 dynage-stor01 smbd[51138]: Request to sssd failed. Connection refused
Sep 14 14:46:21 dynage-stor01 smbd[51884]: Request to sssd failed. Connection refused
Sep 14 14:46:23 dynage-stor01 smbd[51884]: Request to sssd failed. Connection refused
Sep 14 14:46:37 dynage-stor01 smbd[51884]: Request to sssd failed. Connection refused
Sep 14 15:00:27 dynage-stor01 smbd[51884]: Request to sssd failed. Connection refused
Sep 14 15:00:27 dynage-stor01 smbd[51884]: Request to sssd failed. Connection refused
Sep 14 15:00:38 dynage-stor01 smbd[51884]: Request to sssd failed. Connection refused
Sep 14 15:11:36 dynage-stor01 smbd[21840]: Request to sssd failed. Connection refused
Sep 14 15:59:35 dynage-stor01 smbd[66328]: Request to sssd failed. Connection refused
Sep 14 15:59:57 dynage-stor01 smbd[94713]: Request to sssd failed. Connection refused
Sep 14 16:01:09 dynage-stor01 smbd[66328]: Request to sssd failed. Connection refused
Sep 14 16:31:10 dynage-stor01 smbd[72283]: Request to sssd failed. Connection refused
Sep 14 16:31:10 dynage-stor01 smbd[72283]: Request to sssd failed. Connection refused
Sep 14 16:31:43 dynage-stor01 smbd[72283]: Request to sssd failed. Connection refused
Sep 14 16:32:34 dynage-stor01 smbd[72629]: Request to sssd failed. Connection refused
Sep 14 16:51:41 dynage-stor01 smbd[76285]: Request to sssd failed. Connection refused
Sep 14 16:55:06 dynage-stor01 smbd[76974]: Request to sssd failed. Connection refused
Sep 14 17:11:05 dynage-stor01 smbd[76974]: Request to sssd failed. Connection refused
Sep 14 17:52:17 dynage-stor01 smbd[87883]: Request to sssd failed. Connection refused
Sep 14 17:52:17 dynage-stor01 smbd[87883]: Request to sssd failed. Connection refused
Sep 14 17:52:19 dynage-stor01 smbd[87894]: Request to sssd failed. Connection refused
Sep 14 17:52:19 dynage-stor01 smbd[87894]: Request to sssd failed. Connection refused
Sep 14 17:58:34 dynage-stor01 smbd[88930]: Request to sssd failed. Connection refused
Sep 14 18:00:30 dynage-stor01 smbd[72629]: Request to sssd failed. Connection refused
Sep 14 18:00:57 dynage-stor01 smbd[80491]: Request to sssd failed. Connection refused
Sep 14 18:11:54 dynage-stor01 smbd[91718]: Request to sssd failed. Connection refused
Sep 14 19:25:46 dynage-stor01 smbd[6015]: Request to sssd failed. Connection refused
Sep 14 19:25:46 dynage-stor01 smbd[6015]: Request to sssd failed. Connection refused
Sep 14 19:26:01 dynage-stor01 smbd[6015]: Request to sssd failed. Connection refused
Sep 14 19:26:42 dynage-stor01 smbd[6196]: Request to sssd failed. Connection refused
Sep 14 19:31:48 dynage-stor01 smbd[6015]: Request to sssd failed. Connection refused
Sep 14 19:32:01 dynage-stor01 smbd[6196]: Request to sssd failed. Connection refused
Sep 14 19:32:01 dynage-stor01 smbd[6015]: Request to sssd failed. Connection refused
Sep 14 19:34:21 dynage-stor01 smbd[6015]: Request to sssd failed. Connection refused
Sep 14 19:35:20 dynage-stor01 smbd[37949]: Request to sssd failed. Connection refused
Sep 14 19:38:04 dynage-stor01 smbd[8378]: Request to sssd failed. Connection refused
Sep 14 19:45:10 dynage-stor01 smbd[9760]: Request to sssd failed. Connection refused
Sep 14 20:35:10 dynage-stor01 smbd[19775]: Request to sssd failed. Connection refused
Sep 14 20:36:03 dynage-stor01 smbd[19775]: Request to sssd failed. Connection refused
Sep 14 20:39:32 dynage-stor01 smbd[9760]: Request to sssd failed. Connection refused
Sep 14 20:58:45 dynage-stor01 smbd[37949]: Request to sssd failed. Connection refused
Sep 14 20:58:55 dynage-stor01 smbd[8378]: Request to sssd failed. Connection refused
Sep 14 20:58:55 dynage-stor01 smbd[37952]: Request to sssd failed. Connection refused
Sep 14 20:59:17 dynage-stor01 smbd[37949]: Request to sssd failed. Connection refused
Sep 14 21:01:15 dynage-stor01 smbd[37949]: Request to sssd failed. Connection refused
Sep 14 21:06:11 dynage-stor01 smbd[88930]: Request to sssd failed. Connection refused
Sep 14 22:22:51 dynage-stor01 smbd[40356]: Request to sssd failed. Connection refused
Sep 14 22:23:19 dynage-stor01 smbd[40425]: Request to sssd failed. Connection refused
Sep 14 22:28:50 dynage-stor01 smbd[41121]: Request to sssd failed. Connection refused
Sep 14 22:35:39 dynage-stor01 smbd[42814]: Request to sssd failed. Connection refused
Sep 14 22:36:06 dynage-stor01 smbd[42933]: Request to sssd failed. Connection refused
Sep 14 22:36:19 dynage-stor01 smbd[42966]: Request to sssd failed. Connection refused
Sep 14 22:36:19 dynage-stor01 smbd[42966]: Request to sssd failed. Connection refused
Sep 14 22:36:34 dynage-stor01 smbd[42966]: Request to sssd failed. Connection refused
Sep 14 22:37:07 dynage-stor01 smbd[43126]: Request to sssd failed. Connection refused
Sep 14 22:54:36 dynage-stor01 smbd[42966]: Request to sssd failed. Connection refused
Sep 14 22:54:50 dynage-stor01 smbd[43126]: Request to sssd failed. Connection refused
Sep 14 22:54:50 dynage-stor01 smbd[42966]: Request to sssd failed. Connection refused
Sep 14 22:59:57 dynage-stor01 smbd[42966]: Request to sssd failed. Connection refused
Sep 14 23:01:31 dynage-stor01 smbd[47830]: Request to sssd failed. Connection refused
Sep 14 23:01:52 dynage-stor01 smbd[47889]: Request to sssd failed. Connection refused
Sep 14 23:07:01 dynage-stor01 smbd[48867]: Request to sssd failed. Connection refused
Sep 14 23:07:01 dynage-stor01 smbd[48877]: Request to sssd failed. Connection refused
Sep 14 23:07:16 dynage-stor01 smbd[48877]: Request to sssd failed. Connection refused
Sep 14 23:07:28 dynage-stor01 smbd[48867]: Request to sssd failed. Connection refused
Sep 14 23:37:18 dynage-stor01 smbd[54669]: Request to sssd failed. Connection refused

-- End of security output --

Best
Tobias

#12 Updated by John Hixson about 5 years ago

  • Status changed from 15 to Investigation

#13 Updated by John Hixson over 4 years ago

  • Status changed from Investigation to 15

Is this still an issue?

#14 Updated by John Hixson over 4 years ago

  • Status changed from 15 to Closed: Cannot reproduce

#15 Avatar?id=14398&size=24x24 Updated by Kris Moore about 4 years ago

  • Target version changed from 261 to N/A

#16 Avatar?id=14398&size=24x24 Updated by Kris Moore about 4 years ago

  • Seen in changed from Unspecified to N/A

#17 Updated by Dru Lavigne about 3 years ago

  • File deleted (ixdiagnose.tgz)

#18 Updated by Dru Lavigne about 3 years ago

  • Private changed from Yes to No

Also available in: Atom PDF