AIX SFTP with chroot : conection closed without error message
Thierry CHARLES
t.charles at infass.com
Tue Apr 1 02:59:22 EST 2014
Hi,
I could not find any other ideas to understand what is happening. Is
there a way to display the reason of the disconnection ?
Thanks
Le 27/03/2014 17:58, Thierry CHARLES a écrit :
> Hello,
>
> I'm trying to setup a chroot for one user on my AIX 5.2 system
>
> I have tried with openssh 5.0 (don't know where it comes from) and as
> it didn't work, I have downloaded and compiled the current version
> (6.6p1)
>
> When I connect, password is checked, chroot is done, sftp subsystem is
> accepted, but I get disconnected without any error
>
>
> Below is all can say about my config (after hours of googling) ...
>
> Thanks you for any hint that will help making it operational !
> Thierry
>
>
>
>
> ======================
> $ ls -l /usr/local/ssh/etc/sshd_config
> -rw-r--r-- 1 root system 3864 Mar 27 15:55
> /usr/local/ssh/etc/sshd_config
>
> ======================
> $ cat /usr/local/ssh/etc/sshd_config | sed "s/#.*//g" | egrep -v "^$"
> AuthorizedKeysFile .ssh/authorized_keys
> UsePrivilegeSeparation sandbox
> Subsystem sftp /usr/local/ssh/libexec/sftp-server
> Match User cpdp
> ChrootDirectory /cpdp
> ForceCommand internal-sftp
>
> ==> I have also tried to set sftp subsystem to "internal-sftp" but it
> doesn't work better
>
> ======================
> $ ls -ld /cpdp
> drwxr-xr-x 4 root system 512 Mar 27 14:41 /cpdp
> ==> the chroot path is root owned and only root-writable
>
> ======================
> $ find /cpdp
> /cpdp
> /cpdp/home
> /cpdp/home/cpdp
> ==> I have re-created the home directory for the cpdp user but it
> isn't better
>
> ======================
> SERVER LOG
> ======================
> $ /usr/local/ssh/sbin/sshd -ddddd -p2222
> debug2: load_server_config: filename /usr/local/ssh/etc/sshd_config
> debug2: load_server_config: done config len = 324
> debug2: parse_server_config: config /usr/local/ssh/etc/sshd_config len
> 324
> debug3: /usr/local/ssh/etc/sshd_config:54 setting AuthorizedKeysFile
> .ssh/authorized_keys
> debug3: /usr/local/ssh/etc/sshd_config:110 setting
> UsePrivilegeSeparation sandbox
> debug3: /usr/local/ssh/etc/sshd_config:126 setting Subsystem
> sftp /usr/local/ssh/libexec/sftp-server
> debug3: checking syntax for 'Match User cpdp'
> debug1: sshd version OpenSSH_6.6, OpenSSL 0.9.8h 28 May 2008
> debug3: Incorrect RSA1 identifier
> debug1: key_parse_private2: missing begin marker
> debug1: read PEM private key done: type RSA
> debug3: Incorrect RSA1 identifier
> debug3: Could not load "/usr/local/ssh/etc/ssh_host_rsa_key" as a RSA1
> public key
> debug1: private host key: #0 type 1 RSA
> debug3: Incorrect RSA1 identifier
> debug1: key_parse_private2: missing begin marker
> debug1: read PEM private key done: type DSA
> debug3: Incorrect RSA1 identifier
> debug3: Could not load "/usr/local/ssh/etc/ssh_host_dsa_key" as a RSA1
> public key
> debug1: private host key: #1 type 2 DSA
> debug3: Incorrect RSA1 identifier
> debug3: Incorrect RSA1 identifier
> debug3: Could not load "/usr/local/ssh/etc/ssh_host_ed25519_key" as a
> RSA1 public key
> debug1: private host key: #2 type 4 ED25519
> debug1: rexec_argv[0]='/usr/local/ssh/sbin/sshd'
> debug1: rexec_argv[1]='-ddddd'
> debug1: rexec_argv[2]='-p2222'
> debug2: fd 3 setting O_NONBLOCK
> debug1: Bind to port 2222 on 0.0.0.0.
> Server listening on 0.0.0.0 port 2222.
> debug2: fd 4 setting O_NONBLOCK
> debug3: sock_set_v6only: set socket 4 IPV6_V6ONLY
> debug1: Bind to port 2222 on ::.
> Bind to port 2222 on :: failed: Address already in use.
> debug1: fd 4 clearing O_NONBLOCK
> debug1: Server will not fork when running in debugging mode.
> debug3: send_rexec_state: entering fd = 7 config len 324
> debug3: ssh_msg_send: type 0
> debug3: send_rexec_state: done
> debug1: rexec start in 4 out 4 newsock 4 pipe -1 sock 7
> debug1: inetd sockets after dupping: 3, 3
> Connection from 10.1.0.161 port 54046 on 10.1.0.1 port 2222
> debug1: Client protocol version 2.0; client software version
> OpenSSH_6.5p1 Debian-6
> debug1: match: OpenSSH_6.5p1 Debian-6 pat OpenSSH* compat 0x04000000
> debug1: Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_6.6
> debug2: fd 3 setting O_NONBLOCK
> debug3: ssh_sandbox_init: preparing rlimit sandbox
> debug2: Network child is on pid 89674
> debug3: preauth child monitor started
> debug3: privsep user:group 210:202 [preauth]
> debug1: permanently_set_uid: 210/202 [preauth]
> debug1: list_hostkey_types: ssh-rsa,ssh-dss,ssh-ed25519 [preauth]
> debug1: SSH2_MSG_KEXINIT sent [preauth]
> debug1: SSH2_MSG_KEXINIT received [preauth]
> debug2: kex_parse_kexinit:
> curve25519-sha256 at libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> [preauth]
> debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ssh-ed25519 [preauth]
> debug2: kex_parse_kexinit:
> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,chacha20-poly1305 at openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at lysator.liu.se
> [preauth]
> debug2: kex_parse_kexinit:
> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,chacha20-poly1305 at openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at lysator.liu.se
> [preauth]
> debug2: kex_parse_kexinit:
> hmac-md5-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-ripemd160-etm at openssh.com,hmac-sha1-96-etm at openssh.com,hmac-md5-96-etm at openssh.com,hmac-md5,hmac-sha1,umac-64 at openssh.com,umac-128 at openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
> [preauth]
> debug2: kex_parse_kexinit:
> hmac-md5-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-ripemd160-etm at openssh.com,hmac-sha1-96-etm at openssh.com,hmac-md5-96-etm at openssh.com,hmac-md5,hmac-sha1,umac-64 at openssh.com,umac-128 at openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
> [preauth]
> debug2: kex_parse_kexinit: none,zlib at openssh.com [preauth]
> debug2: kex_parse_kexinit: none,zlib at openssh.com [preauth]
> debug2: kex_parse_kexinit: [preauth]
> debug2: kex_parse_kexinit: [preauth]
> debug2: kex_parse_kexinit: first_kex_follows 0 [preauth]
> debug2: kex_parse_kexinit: reserved 0 [preauth]
> debug2: kex_parse_kexinit:
> curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> [preauth]
> debug2: kex_parse_kexinit:
> ssh-ed25519-cert-v01 at openssh.com,ssh-ed25519,ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp384-cert-v01 at openssh.com,ecdsa-sha2-nistp521-cert-v01 at openssh.com,ssh-rsa-cert-v01 at openssh.com,ssh-dss-cert-v01 at openssh.com,ssh-rsa-cert-v00 at openssh.com,ssh-dss-cert-v00 at openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss
> [preauth]
> debug2: kex_parse_kexinit:
> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm at openssh.com,aes256-gcm at openssh.com,chacha20-poly1305 at openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at lysator.liu.se
> [preauth]
> debug2: kex_parse_kexinit:
> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm at openssh.com,aes256-gcm at openssh.com,chacha20-poly1305 at openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at lysator.liu.se
> [preauth]
> debug2: kex_parse_kexinit:
> hmac-md5-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-ripemd160-etm at openssh.com,hmac-sha1-96-etm at openssh.com,hmac-md5-96-etm at openssh.com,hmac-md5,hmac-sha1,umac-64 at openssh.com,umac-128 at openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
> [preauth]
> debug2: kex_parse_kexinit:
> hmac-md5-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-ripemd160-etm at openssh.com,hmac-sha1-96-etm at openssh.com,hmac-md5-96-etm at openssh.com,hmac-md5,hmac-sha1,umac-64 at openssh.com,umac-128 at openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
> [preauth]
> debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib [preauth]
> debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib [preauth]
> debug2: kex_parse_kexinit: [preauth]
> debug2: kex_parse_kexinit: [preauth]
> debug2: kex_parse_kexinit: first_kex_follows 0 [preauth]
> debug2: kex_parse_kexinit: reserved 0 [preauth]
> debug2: mac_setup: setup hmac-md5-etm at openssh.com [preauth]
> debug1: kex: client->server aes128-ctr hmac-md5-etm at openssh.com none
> [preauth]
> debug2: mac_setup: setup hmac-md5-etm at openssh.com [preauth]
> debug1: kex: server->client aes128-ctr hmac-md5-etm at openssh.com none
> [preauth]
> debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
> debug3: mm_key_sign entering [preauth]
> debug3: mm_request_send entering: type 6 [preauth]
> debug3: mm_key_sign: waiting for MONITOR_ANS_SIGN [preauth]
> debug3: mm_request_receive_expect entering: type 7 [preauth]
> debug3: mm_request_receive entering [preauth]
> debug3: mm_request_receive entering
> debug3: monitor_read: checking request 6
> debug3: mm_answer_sign
> debug3: mm_answer_sign: signature 2004af48(83)
> debug3: mm_request_send entering: type 7
> debug2: monitor_read: 6 used once, disabling now
> debug2: kex_derive_keys [preauth]
> debug2: set_newkeys: mode 1 [preauth]
> debug1: SSH2_MSG_NEWKEYS sent [preauth]
> debug1: expecting SSH2_MSG_NEWKEYS [preauth]
> debug2: set_newkeys: mode 0 [preauth]
> debug1: SSH2_MSG_NEWKEYS received [preauth]
> debug1: KEX done [preauth]
> debug1: userauth-request for user cpdp service ssh-connection method
> none [preauth]
> debug1: attempt 0 failures 0 [preauth]
> debug3: mm_getpwnamallow entering [preauth]
> debug3: mm_request_send entering: type 8 [preauth]
> debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM [preauth]
> debug3: mm_request_receive_expect entering: type 9 [preauth]
> debug3: mm_request_receive entering [preauth]
> debug3: mm_request_receive entering
> debug3: monitor_read: checking request 8
> debug3: mm_answer_pwnamallow
> debug3: Trying to reverse map address 10.1.0.161.
> debug2: parse_server_config: config reprocess config len 324
> debug3: checking match for 'User cpdp' user cpdp host pctotc addr
> 10.1.0.161 laddr 10.1.0.1 lport 2222
> debug1: user cpdp matched 'User cpdp' at line 136
> debug3: match found
> debug3: reprocess config:137 setting ChrootDirectory /cpdp
> debug3: reprocess config:138 setting ForceCommand internal-sftp
> debug3: AIX/setauthdb set registry 'files'
> debug3: aix_restoreauthdb: restoring old registry ''
> debug3: AIX/loginrestrictions returned 0 msg (none)
> debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1
> debug3: mm_request_send entering: type 9
> debug2: monitor_read: 8 used once, disabling now
> debug2: input_userauth_request: setting up authctxt for cpdp [preauth]
> debug3: mm_inform_authserv entering [preauth]
> debug3: mm_request_send entering: type 4 [preauth]
> debug2: input_userauth_request: try method none [preauth]
> debug3: userauth_finish: failure partial=0 next
> methods="publickey,password,keyboard-interactive" [preauth]
> debug3: mm_request_receive entering
> debug3: monitor_read: checking request 4
> debug3: mm_answer_authserv: service=ssh-connection, style=
> debug2: monitor_read: 4 used once, disabling now
> debug1: userauth-request for user cpdp service ssh-connection method
> publickey [preauth]
> debug1: attempt 1 failures 0 [preauth]
> debug2: input_userauth_request: try method publickey [preauth]
> debug1: test whether pkalg/pkblob are acceptable [preauth]
> debug3: mm_key_allowed entering [preauth]
> debug3: mm_request_send entering: type 22 [preauth]
> debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED [preauth]
> debug3: mm_request_receive_expect entering: type 23 [preauth]
> debug3: mm_request_receive entering [preauth]
> debug3: mm_request_receive entering
> debug3: monitor_read: checking request 22
> debug3: mm_answer_keyallowed entering
> debug3: mm_answer_keyallowed: key_from_blob: 2004b1d8
> debug1: temporarily_use_uid: 212/1 (e=0/0)
> debug1: trying public key file /home/cpdp/.ssh/authorized_keys
> debug1: Could not open authorized keys
> '/home/cpdp/.ssh/authorized_keys': No such file or directory
> debug1: restore_uid: 0/0
> Failed publickey for cpdp from 10.1.0.161 port 54046 ssh2: DSA
> 6f:bf:40:de:ee:5c:1c:9f:70:71:68:cf:41:de:f0:5f
> debug3: mm_answer_keyallowed: key 2004b1d8 is not allowed
> debug3: mm_request_send entering: type 23
> debug2: userauth_pubkey: authenticated 0 pkalg ssh-dss [preauth]
> debug3: userauth_finish: failure partial=0 next
> methods="publickey,password,keyboard-interactive" [preauth]
> debug1: userauth-request for user cpdp service ssh-connection method
> keyboard-interactive [preauth]
> debug1: attempt 2 failures 1 [preauth]
> debug2: input_userauth_request: try method keyboard-interactive [preauth]
> debug1: keyboard-interactive devs [preauth]
> debug1: auth2_challenge: user=cpdp devs= [preauth]
> debug1: kbdint_alloc: devices '' [preauth]
> debug2: auth2_challenge_start: devices [preauth]
> debug3: userauth_finish: failure partial=0 next
> methods="publickey,password,keyboard-interactive" [preauth]
> debug1: userauth-request for user cpdp service ssh-connection method
> password [preauth]
> debug1: attempt 3 failures 2 [preauth]
> debug2: input_userauth_request: try method password [preauth]
> debug3: mm_auth_password entering [preauth]
> debug3: mm_request_send entering: type 12 [preauth]
> debug3: mm_auth_password: waiting for MONITOR_ANS_AUTHPASSWORD [preauth]
> debug3: mm_request_receive_expect entering: type 13 [preauth]
> debug3: mm_request_receive entering [preauth]
> debug3: mm_request_receive entering
> debug3: monitor_read: checking request 12
> debug3: AIX/authenticate result 0, authmsg
> debug3: AIX SYSTEM attribute compat
> debug3: AIX/setauthdb set registry 'files'
> debug3: AIX/passwdexpired returned 1 msg You are required to change
> your password. Please choose a new one.
> debug3: aix_restoreauthdb: restoring old registry ''
> debug3: mm_answer_authpassword: sending result 1
> debug3: mm_request_send entering: type 13
> Accepted password for cpdp from 10.1.0.161 port 54046 ssh2
> debug3: AIX/setauthdb set registry 'files'
> debug1: AIX/loginsuccess: msg Last login: Thu Mar 27 16:00:44 2014 on
> ssh from pctotc
>
> debug3: aix_restoreauthdb: restoring old registry ''
> debug1: monitor_child_preauth: cpdp has been authenticated by
> privileged process
> debug3: mm_get_keystate: Waiting for new keys
> debug3: mm_request_receive_expect entering: type 26
> debug3: mm_request_receive entering
> debug3: mm_newkeys_from_blob: 2006a398(134)
> debug2: mac_setup: setup hmac-md5-etm at openssh.com
> debug3: mm_get_keystate: Waiting for second key
> debug3: mm_newkeys_from_blob: 2006a398(134)
> debug2: mac_setup: setup hmac-md5-etm at openssh.com
> debug3: mm_get_keystate: Getting compression state
> debug3: mm_get_keystate: Getting Network I/O buffers
> debug3: mm_auth_password: user authenticated [preauth]
> debug3: mm_send_keystate: Sending new keys: 200516c8 2004ab58 [preauth]
> debug3: mm_newkeys_to_blob: converting 200516c8 [preauth]
> debug3: mm_newkeys_to_blob: converting 2004ab58 [preauth]
> debug3: mm_send_keystate: New keys have been sent [preauth]
> debug3: mm_send_keystate: Sending compression state [preauth]
> debug3: mm_request_send entering: type 26 [preauth]
> debug3: mm_send_keystate: Finished sending state [preauth]
> debug1: monitor_read_log: child log fd closed
> debug3: mm_share_sync: Share sync
> debug3: mm_share_sync: Share sync end
> debug3: ssh_sandbox_parent_finish: finished
> debug3: AIX/UsrInfo: set len 23
> debug3: safely_chroot: checking '/'
> debug3: safely_chroot: checking '/cpdp'
> Changed root directory to "/cpdp"
> debug1: permanently_set_uid: 212/1
> debug2: set_newkeys: mode 0
> debug2: set_newkeys: mode 1
> debug1: Entering interactive session for SSH2.
> debug2: fd 5 setting O_NONBLOCK
> debug2: fd 6 setting O_NONBLOCK
> debug1: server_init_dispatch_20
> debug1: server_input_channel_open: ctype session rchan 0 win 2097152
> max 32768
> debug1: input_session_request
> debug1: channel 0: new [server-session]
> debug2: session_new: allocate (allocated 0 max 10)
> debug3: session_unused: session id 0 unused
> debug1: session_new: session 0
> debug1: session_open: channel 0
> debug1: session_open: session 0: link with channel 0
> debug1: server_input_channel_open: confirm session
> debug1: server_input_global_request: rtype
> no-more-sessions at openssh.com want_reply 0
> User child is on pid 89676
> debug1: server_input_channel_req: channel 0 request env reply 0
> debug1: session_by_channel: session 0 channel 0
> debug1: session_input_channel_req: session 0 req env
> debug2: Ignoring env request LANG: disallowed name
> debug1: server_input_channel_req: channel 0 request subsystem reply 1
> debug1: session_by_channel: session 0 channel 0
> debug1: session_input_channel_req: session 0 req subsystem
> debug2: subsystem request for sftp by user cpdp
> debug1: subsystem: cannot stat /usr/local/ssh/libexec/sftp-server: No
> such file or directory
> debug1: subsystem: exec() /usr/local/ssh/libexec/sftp-server
> Starting session: forced-command (config) 'internal-sftp' for cpdp
> from 10.1.0.161 port 54046
> debug2: fd 3 setting TCP_NODELAY
> debug3: packet_set_tos: set IP_TOS 0x08
> debug2: fd 9 setting O_NONBLOCK
> debug2: fd 8 setting O_NONBLOCK
> debug2: fd 11 setting O_NONBLOCK
> debug2: channel 0: read 83 from efd 11
> debug3: channel 0: discard efd
> debug1: Received SIGCHLD.
> debug1: session_by_pid: pid 71070
> debug1: session_exit_message: session 0 channel 0 pid 71070
> debug2: channel 0: request exit-status confirm 0
> debug1: session_exit_message: release channel 0
> debug2: channel 0: write failed
> debug2: channel 0: close_write
> debug2: channel 0: send eow
> debug2: channel 0: output open -> closed
> debug2: channel 0: read<=0 rfd 9 len 0
> debug2: channel 0: read failed
> debug2: channel 0: close_read
> debug2: channel 0: input open -> drain
> debug2: channel 0: read 0 from efd 11
> debug2: channel 0: closing read-efd 11
> debug2: channel 0: ibuf empty
> debug2: channel 0: send eof
> debug2: channel 0: input drain -> closed
> debug2: channel 0: send close
> debug2: notify_done: reading
> debug3: channel 0: will not send data after close
> debug2: channel 0: rcvd close
> Received disconnect from 10.1.0.161: 11: disconnected by user
> debug1: do_cleanup
> debug3: mm_request_receive entering
> debug1: do_cleanup
>
>
> ======================
> CLIENT LOG
> ======================
> $ sftp -P 2222 -vvv cpdp at 10.1.0.1
> OpenSSH_6.5, OpenSSL 1.0.1f 6 Jan 2014
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: /etc/ssh/ssh_config line 19: Applying options for *
> debug2: ssh_connect: needpriv 0
> debug1: Connecting to 10.1.0.1 [10.1.0.1] port 2222.
> debug1: Connection established.
> debug1: identity file /home/tc/.ssh/id_rsa type -1
> debug1: identity file /home/tc/.ssh/id_rsa-cert type -1
> debug3: Incorrect RSA1 identifier
> debug3: Could not load "/home/tc/.ssh/id_dsa" as a RSA1 public key
> debug1: identity file /home/tc/.ssh/id_dsa type 2
> debug1: identity file /home/tc/.ssh/id_dsa-cert type -1
> debug1: identity file /home/tc/.ssh/id_ecdsa type -1
> debug1: identity file /home/tc/.ssh/id_ecdsa-cert type -1
> debug1: identity file /home/tc/.ssh/id_ed25519 type -1
> debug1: identity file /home/tc/.ssh/id_ed25519-cert type -1
> debug1: Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_6.5p1 Debian-6
> debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6
> debug1: match: OpenSSH_6.6 pat OpenSSH* compat 0x04000000
> debug2: fd 3 setting O_NONBLOCK
> debug3: put_host_port: [10.1.0.1]:2222
> debug3: load_hostkeys: loading entries for host "[10.1.0.1]:2222" from
> file "/home/tc/.ssh/known_hosts"
> debug3: load_hostkeys: found key type ED25519 in file
> /home/tc/.ssh/known_hosts:177
> debug3: load_hostkeys: loaded 1 keys
> debug3: order_hostkeyalgs: prefer hostkeyalgs:
> ssh-ed25519-cert-v01 at openssh.com,ssh-ed25519
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug2: kex_parse_kexinit:
> curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> debug2: kex_parse_kexinit:
> ssh-ed25519-cert-v01 at openssh.com,ssh-ed25519,ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp384-cert-v01 at openssh.com,ecdsa-sha2-nistp521-cert-v01 at openssh.com,ssh-rsa-cert-v01 at openssh.com,ssh-dss-cert-v01 at openssh.com,ssh-rsa-cert-v00 at openssh.com,ssh-dss-cert-v00 at openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss
> debug2: kex_parse_kexinit:
> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm at openssh.com,aes256-gcm at openssh.com,chacha20-poly1305 at openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at lysator.liu.se
> debug2: kex_parse_kexinit:
> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm at openssh.com,aes256-gcm at openssh.com,chacha20-poly1305 at openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at lysator.liu.se
> debug2: kex_parse_kexinit:
> hmac-md5-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-ripemd160-etm at openssh.com,hmac-sha1-96-etm at openssh.com,hmac-md5-96-etm at openssh.com,hmac-md5,hmac-sha1,umac-64 at openssh.com,umac-128 at openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit:
> hmac-md5-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-ripemd160-etm at openssh.com,hmac-sha1-96-etm at openssh.com,hmac-md5-96-etm at openssh.com,hmac-md5,hmac-sha1,umac-64 at openssh.com,umac-128 at openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib
> debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit: first_kex_follows 0
> debug2: kex_parse_kexinit: reserved 0
> debug2: kex_parse_kexinit:
> curve25519-sha256 at libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ssh-ed25519
> debug2: kex_parse_kexinit:
> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,chacha20-poly1305 at openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at lysator.liu.se
> debug2: kex_parse_kexinit:
> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,chacha20-poly1305 at openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at lysator.liu.se
> debug2: kex_parse_kexinit:
> hmac-md5-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-ripemd160-etm at openssh.com,hmac-sha1-96-etm at openssh.com,hmac-md5-96-etm at openssh.com,hmac-md5,hmac-sha1,umac-64 at openssh.com,umac-128 at openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit:
> hmac-md5-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-ripemd160-etm at openssh.com,hmac-sha1-96-etm at openssh.com,hmac-md5-96-etm at openssh.com,hmac-md5,hmac-sha1,umac-64 at openssh.com,umac-128 at openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: none,zlib at openssh.com
> debug2: kex_parse_kexinit: none,zlib at openssh.com
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit: first_kex_follows 0
> debug2: kex_parse_kexinit: reserved 0
> debug2: mac_setup: found hmac-md5-etm at openssh.com
> debug1: kex: server->client aes128-ctr hmac-md5-etm at openssh.com none
> debug2: mac_setup: found hmac-md5-etm at openssh.com
> debug1: kex: client->server aes128-ctr hmac-md5-etm at openssh.com none
> debug1: sending SSH2_MSG_KEX_ECDH_INIT
> debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
> debug1: Server host key: ED25519
> 51:c3:32:61:dd:77:32:87:14:2d:78:21:17:53:bb:8d
> debug3: put_host_port: [10.1.0.1]:2222
> debug3: put_host_port: [10.1.0.1]:2222
> debug3: load_hostkeys: loading entries for host "[10.1.0.1]:2222" from
> file "/home/tc/.ssh/known_hosts"
> debug3: load_hostkeys: found key type ED25519 in file
> /home/tc/.ssh/known_hosts:177
> debug3: load_hostkeys: loaded 1 keys
> debug3: load_hostkeys: loading entries for host "[10.1.0.1]:2222" from
> file "/home/tc/.ssh/known_hosts"
> debug3: load_hostkeys: found key type ED25519 in file
> /home/tc/.ssh/known_hosts:177
> debug3: load_hostkeys: loaded 1 keys
> debug1: Host '[10.1.0.1]:2222' is known and matches the ED25519 host key.
> debug1: Found key in /home/tc/.ssh/known_hosts:177
> debug1: ssh_ed25519_verify: signature correct
> debug2: kex_derive_keys
> debug2: set_newkeys: mode 1
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: expecting SSH2_MSG_NEWKEYS
> debug2: set_newkeys: mode 0
> debug1: SSH2_MSG_NEWKEYS received
> debug1: Roaming not allowed by server
> debug1: SSH2_MSG_SERVICE_REQUEST sent
> debug2: service_accept: ssh-userauth
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug2: key: /home/tc/.ssh/id_rsa ((nil)),
> debug2: key: /home/tc/.ssh/id_dsa (0x7fe98cc92070),
> debug2: key: /home/tc/.ssh/id_ecdsa ((nil)),
> debug2: key: /home/tc/.ssh/id_ed25519 ((nil)),
> debug1: Authentications that can continue:
> publickey,password,keyboard-interactive
> debug3: start over, passed a different list
> publickey,password,keyboard-interactive
> debug3: preferred publickey,keyboard-interactive,password
> debug3: authmethod_lookup publickey
> debug3: remaining preferred: keyboard-interactive,password
> debug3: authmethod_is_enabled publickey
> debug1: Next authentication method: publickey
> debug1: Trying private key: /home/tc/.ssh/id_rsa
> debug3: no such identity: /home/tc/.ssh/id_rsa: No such file or directory
> debug1: Offering DSA public key: /home/tc/.ssh/id_dsa
> debug3: send_pubkey_test
> debug2: we sent a publickey packet, wait for reply
> debug1: Authentications that can continue:
> publickey,password,keyboard-interactive
> debug1: Trying private key: /home/tc/.ssh/id_ecdsa
> debug3: no such identity: /home/tc/.ssh/id_ecdsa: No such file or
> directory
> debug1: Trying private key: /home/tc/.ssh/id_ed25519
> debug3: no such identity: /home/tc/.ssh/id_ed25519: No such file or
> directory
> debug2: we did not send a packet, disable method
> debug3: authmethod_lookup keyboard-interactive
> debug3: remaining preferred: password
> debug3: authmethod_is_enabled keyboard-interactive
> debug1: Next authentication method: keyboard-interactive
> debug2: userauth_kbdint
> debug2: we sent a keyboard-interactive packet, wait for reply
> debug1: Authentications that can continue:
> publickey,password,keyboard-interactive
> debug3: userauth_kbdint: disable: no info_req_seen
> debug2: we did not send a packet, disable method
> debug3: authmethod_lookup password
> debug3: remaining preferred:
> debug3: authmethod_is_enabled password
> debug1: Next authentication method: password
> cpdp at 10.1.0.1's password:
> debug3: packet_send2: adding 64 (len 49 padlen 15 extra_pad 64)
> debug2: we sent a password packet, wait for reply
> debug1: Authentication succeeded (password).
> Authenticated to 10.1.0.1 ([10.1.0.1]:2222).
> debug2: fd 4 setting O_NONBLOCK
> debug3: fd 5 is O_NONBLOCK
> debug1: channel 0: new [client-session]
> debug3: ssh_session2_open: channel_new: 0
> debug2: channel 0: send open
> debug1: Requesting no-more-sessions at openssh.com
> debug1: Entering interactive session.
> debug2: callback start
> debug2: fd 3 setting TCP_NODELAY
> debug3: packet_set_tos: set IP_TOS 0x08
> debug2: client_session2_setup: id 0
> debug1: Sending environment.
> debug3: Ignored env SSH_AGENT_PID
> debug3: Ignored env KDE_MULTIHEAD
> debug3: Ignored env DM_CONTROL
> debug3: Ignored env SHELL
> debug3: Ignored env TERM
> debug3: Ignored env XDG_SESSION_COOKIE
> debug3: Ignored env XDM_MANAGED
> debug3: Ignored env GTK2_RC_FILES
> debug3: Ignored env KONSOLE_DBUS_SERVICE
> debug3: Ignored env KONSOLE_PROFILE_NAME
> debug3: Ignored env GS_LIB
> debug3: Ignored env GTK_RC_FILES
> debug3: Ignored env WINDOWID
> debug3: Ignored env SHELL_SESSION_ID
> debug3: Ignored env KDE_FULL_SESSION
> debug3: Ignored env USER
> debug3: Ignored env LS_COLORS
> debug3: Ignored env XCURSOR_SIZE
> debug3: Ignored env SSH_AUTH_SOCK
> debug3: Ignored env SESSION_MANAGER
> debug3: Ignored env DESKTOP_SESSION
> debug3: Ignored env PATH
> debug3: Ignored env PWD
> debug3: Ignored env KONSOLE_DBUS_WINDOW
> debug3: Ignored env KDE_SESSION_UID
> debug1: Sending env LANG = fr_FR.UTF-8
> debug2: channel 0: request env confirm 0
> debug3: Ignored env KONSOLE_DBUS_SESSION
> debug3: Ignored env HOME
> debug3: Ignored env COLORFGBG
> debug3: Ignored env SHLVL
> debug3: Ignored env KDE_SESSION_VERSION
> debug3: Ignored env LANGUAGE
> debug3: Ignored env XCURSOR_THEME
> debug3: Ignored env LOGNAME
> debug3: Ignored env XDG_DATA_DIRS
> debug3: Ignored env DBUS_SESSION_BUS_ADDRESS
> debug3: Ignored env WINDOWPATH
> debug3: Ignored env PROFILEHOME
> debug3: Ignored env DISPLAY
> debug3: Ignored env QT_PLUGIN_PATH
> debug3: Ignored env XDG_CURRENT_DESKTOP
> debug3: Ignored env _
> debug1: Sending subsystem: sftp
> debug2: channel 0: request subsystem confirm 1
> debug2: callback done
> debug2: channel 0: open confirm rwindow 0 rmax 32768
> debug2: channel 0: rcvd adjust 2097152
> debug2: channel_input_status_confirm: type 99 id 0
> debug2: subsystem request accepted on channel 0
> debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
> debug1: client_input_channel_req: channel 0 rtype eow at openssh.com reply 0
> debug2: channel 0: rcvd eow
> debug2: channel 0: close_read
> debug2: channel 0: input open -> closed
> debug2: channel 0: rcvd eof
> debug2: channel 0: output open -> drain
> debug2: channel 0: obuf empty
> debug2: channel 0: close_write
> debug2: channel 0: output drain -> closed
> debug2: channel 0: rcvd close
> debug3: channel 0: will not send data after close
> debug2: channel 0: almost dead
> debug2: channel 0: gc: notify user
> debug2: channel 0: gc: user detached
> debug2: channel 0: send close
> debug2: channel 0: is dead
> debug2: channel 0: garbage collecting
> debug1: channel 0: free: client-session, nchannels 1
> debug3: channel 0: status: The following connections are open:
> #0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cc -1)
>
> debug1: fd 0 clearing O_NONBLOCK
> debug3: fd 1 is not O_NONBLOCK
> Transferred: sent 3104, received 2136 bytes, in 0.0 seconds
> Bytes per second: sent 234989.4, received 161706.6
> debug1: Exit status 1
> Connection closed
-------------- next part --------------
A non-text attachment was scrubbed...
Name: t_charles.vcf
Type: text/x-vcard
Size: 285 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20140331/a3f3e978/attachment-0001.vcf>
More information about the openssh-unix-dev
mailing list