sshd stops accepting connections
Simon L. Nielsen
simon at FreeBSD.org
Fri Nov 12 12:12:15 PST 2004
Hello
Today I suddenly couldn't log in via ssh to a server I upgraded to
FreeBSD 5.3-RELEASE 4 days ago. When I tried connect to port 22 using
telnet(1) the following just happend:
[simon at zaphod:~] telnet 192.168.3.2 22
Trying 192.168.3.2...
Connected to jet.nitro.dk.
Escape character is '^]'.
Connection closed by foreign host.
The servar had been running FreeBSD 5.2.1 for a while without
problems. After logging in on the console and sending the sshd master
process a -HUP I could log in again (and I get the normal banner when
connecting to the port with telnet(1)). I can't rally see in the log
what happened, but there is a lot of "stale" sshd's hanging around,
like:
root 46015 0,0 0,4 4928 2220 ?? I Ons08pm 0:00,01 sshd: blah [pam] (sshd)
root 58286 0,0 0,4 4920 2236 ?? Is Tor12pm 0:00,04 sshd: pascal [priv] (sshd)
sshd 58287 0,0 0,0 0 0 ?? Z Tor12pm 0:00,03 <defunct>
root 58288 0,0 0,4 4928 2236 ?? I Tor12pm 0:00,01 sshd: pascal [pam] (sshd)
root 58932 0,0 0,4 4920 2236 ?? Is Tor01pm 0:00,05 sshd: ole_gudiksen [priv] (sshd)
sshd 58934 0,0 0,0 0 0 ?? Z Tor01pm 0:00,06 <defunct>
root 58935 0,0 0,4 4928 2236 ?? I Tor01pm 0:00,01 sshd: ole_gudiksen [pam] (sshd)
pstree show the connection between some of the processes like this:
| |-+= 58286 root sshd: pascal [priv] (sshd)
| | |--- 58287 sshd <defunct>
| | \--- 58288 root sshd: pascal [pam] (sshd)
From all.log:
Nov 11 12:04:38 nfishbone sshd[58286]: fatal: Timeout before authentication for 82.211.207.191
Nov 11 13:02:34 nfishbone sshd[58932]: fatal: Timeout before authentication for 192.38.66.33
The only odd thing I could find in the logs with regard to ssh was a
few lines like:
Nov 11 22:35:49 nfishbone sshd[62378]: syslogin_perform_logout: logout() returned an error
I don't use any kind of "exotic" authentication on the system, only
standard unix password file and ssh-keys.
Does anybody have an idea of what's going on here, and if it's a ssh
bug or something silly I have done?
--
Simon L. Nielsen
FreeBSD Documentation Team
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20041112/8999bd01/attachment.bin
More information about the freebsd-stable
mailing list