AIX SFTP with chroot : conection closed without error message
Thierry CHARLES
t.charles at infass.com
Fri Mar 28 03:58:10 EST 2014
Hello,
I'm trying to setup a chroot for one user on my AIX 5.2 system
I have tried with openssh 5.0 (don't know where it comes from) and as it
didn't work, I have downloaded and compiled the current version (6.6p1)
When I connect, password is checked, chroot is done, sftp subsystem is
accepted, but I get disconnected without any error
Below is all can say about my config (after hours of googling) ...
Thanks you for any hint that will help making it operational !
Thierry
======================
$ ls -l /usr/local/ssh/etc/sshd_config
-rw-r--r-- 1 root system 3864 Mar 27 15:55
/usr/local/ssh/etc/sshd_config
======================
$ cat /usr/local/ssh/etc/sshd_config | sed "s/#.*//g" | egrep -v "^$"
AuthorizedKeysFile .ssh/authorized_keys
UsePrivilegeSeparation sandbox
Subsystem sftp /usr/local/ssh/libexec/sftp-server
Match User cpdp
ChrootDirectory /cpdp
ForceCommand internal-sftp
==> I have also tried to set sftp subsystem to "internal-sftp" but it
doesn't work better
======================
$ ls -ld /cpdp
drwxr-xr-x 4 root system 512 Mar 27 14:41 /cpdp
==> the chroot path is root owned and only root-writable
======================
$ find /cpdp
/cpdp
/cpdp/home
/cpdp/home/cpdp
==> I have re-created the home directory for the cpdp user but it isn't
better
======================
SERVER LOG
======================
$ /usr/local/ssh/sbin/sshd -ddddd -p2222
debug2: load_server_config: filename /usr/local/ssh/etc/sshd_config
debug2: load_server_config: done config len = 324
debug2: parse_server_config: config /usr/local/ssh/etc/sshd_config len 324
debug3: /usr/local/ssh/etc/sshd_config:54 setting AuthorizedKeysFile
.ssh/authorized_keys
debug3: /usr/local/ssh/etc/sshd_config:110 setting
UsePrivilegeSeparation sandbox
debug3: /usr/local/ssh/etc/sshd_config:126 setting Subsystem sftp
/usr/local/ssh/libexec/sftp-server
debug3: checking syntax for 'Match User cpdp'
debug1: sshd version OpenSSH_6.6, OpenSSL 0.9.8h 28 May 2008
debug3: Incorrect RSA1 identifier
debug1: key_parse_private2: missing begin marker
debug1: read PEM private key done: type RSA
debug3: Incorrect RSA1 identifier
debug3: Could not load "/usr/local/ssh/etc/ssh_host_rsa_key" as a RSA1
public key
debug1: private host key: #0 type 1 RSA
debug3: Incorrect RSA1 identifier
debug1: key_parse_private2: missing begin marker
debug1: read PEM private key done: type DSA
debug3: Incorrect RSA1 identifier
debug3: Could not load "/usr/local/ssh/etc/ssh_host_dsa_key" as a RSA1
public key
debug1: private host key: #1 type 2 DSA
debug3: Incorrect RSA1 identifier
debug3: Incorrect RSA1 identifier
debug3: Could not load "/usr/local/ssh/etc/ssh_host_ed25519_key" as a
RSA1 public key
debug1: private host key: #2 type 4 ED25519
debug1: rexec_argv[0]='/usr/local/ssh/sbin/sshd'
debug1: rexec_argv[1]='-ddddd'
debug1: rexec_argv[2]='-p2222'
debug2: fd 3 setting O_NONBLOCK
debug1: Bind to port 2222 on 0.0.0.0.
Server listening on 0.0.0.0 port 2222.
debug2: fd 4 setting O_NONBLOCK
debug3: sock_set_v6only: set socket 4 IPV6_V6ONLY
debug1: Bind to port 2222 on ::.
Bind to port 2222 on :: failed: Address already in use.
debug1: fd 4 clearing O_NONBLOCK
debug1: Server will not fork when running in debugging mode.
debug3: send_rexec_state: entering fd = 7 config len 324
debug3: ssh_msg_send: type 0
debug3: send_rexec_state: done
debug1: rexec start in 4 out 4 newsock 4 pipe -1 sock 7
debug1: inetd sockets after dupping: 3, 3
Connection from 10.1.0.161 port 54046 on 10.1.0.1 port 2222
debug1: Client protocol version 2.0; client software version
OpenSSH_6.5p1 Debian-6
debug1: match: OpenSSH_6.5p1 Debian-6 pat OpenSSH* compat 0x04000000
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6
debug2: fd 3 setting O_NONBLOCK
debug3: ssh_sandbox_init: preparing rlimit sandbox
debug2: Network child is on pid 89674
debug3: preauth child monitor started
debug3: privsep user:group 210:202 [preauth]
debug1: permanently_set_uid: 210/202 [preauth]
debug1: list_hostkey_types: ssh-rsa,ssh-dss,ssh-ed25519 [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug2: kex_parse_kexinit:
curve25519-sha256 at libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
[preauth]
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ssh-ed25519 [preauth]
debug2: kex_parse_kexinit:
aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,chacha20-poly1305 at openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at lysator.liu.se
[preauth]
debug2: kex_parse_kexinit:
aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,chacha20-poly1305 at openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at lysator.liu.se
[preauth]
debug2: kex_parse_kexinit:
hmac-md5-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-ripemd160-etm at openssh.com,hmac-sha1-96-etm at openssh.com,hmac-md5-96-etm at openssh.com,hmac-md5,hmac-sha1,umac-64 at openssh.com,umac-128 at openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
[preauth]
debug2: kex_parse_kexinit:
hmac-md5-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-ripemd160-etm at openssh.com,hmac-sha1-96-etm at openssh.com,hmac-md5-96-etm at openssh.com,hmac-md5,hmac-sha1,umac-64 at openssh.com,umac-128 at openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
[preauth]
debug2: kex_parse_kexinit: none,zlib at openssh.com [preauth]
debug2: kex_parse_kexinit: none,zlib at openssh.com [preauth]
debug2: kex_parse_kexinit: [preauth]
debug2: kex_parse_kexinit: [preauth]
debug2: kex_parse_kexinit: first_kex_follows 0 [preauth]
debug2: kex_parse_kexinit: reserved 0 [preauth]
debug2: kex_parse_kexinit:
curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
[preauth]
debug2: kex_parse_kexinit:
ssh-ed25519-cert-v01 at openssh.com,ssh-ed25519,ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp384-cert-v01 at openssh.com,ecdsa-sha2-nistp521-cert-v01 at openssh.com,ssh-rsa-cert-v01 at openssh.com,ssh-dss-cert-v01 at openssh.com,ssh-rsa-cert-v00 at openssh.com,ssh-dss-cert-v00 at openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss
[preauth]
debug2: kex_parse_kexinit:
aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm at openssh.com,aes256-gcm at openssh.com,chacha20-poly1305 at openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at lysator.liu.se
[preauth]
debug2: kex_parse_kexinit:
aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm at openssh.com,aes256-gcm at openssh.com,chacha20-poly1305 at openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at lysator.liu.se
[preauth]
debug2: kex_parse_kexinit:
hmac-md5-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-ripemd160-etm at openssh.com,hmac-sha1-96-etm at openssh.com,hmac-md5-96-etm at openssh.com,hmac-md5,hmac-sha1,umac-64 at openssh.com,umac-128 at openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
[preauth]
debug2: kex_parse_kexinit:
hmac-md5-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-ripemd160-etm at openssh.com,hmac-sha1-96-etm at openssh.com,hmac-md5-96-etm at openssh.com,hmac-md5,hmac-sha1,umac-64 at openssh.com,umac-128 at openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
[preauth]
debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib [preauth]
debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib [preauth]
debug2: kex_parse_kexinit: [preauth]
debug2: kex_parse_kexinit: [preauth]
debug2: kex_parse_kexinit: first_kex_follows 0 [preauth]
debug2: kex_parse_kexinit: reserved 0 [preauth]
debug2: mac_setup: setup hmac-md5-etm at openssh.com [preauth]
debug1: kex: client->server aes128-ctr hmac-md5-etm at openssh.com none
[preauth]
debug2: mac_setup: setup hmac-md5-etm at openssh.com [preauth]
debug1: kex: server->client aes128-ctr hmac-md5-etm at openssh.com none
[preauth]
debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
debug3: mm_key_sign entering [preauth]
debug3: mm_request_send entering: type 6 [preauth]
debug3: mm_key_sign: waiting for MONITOR_ANS_SIGN [preauth]
debug3: mm_request_receive_expect entering: type 7 [preauth]
debug3: mm_request_receive entering [preauth]
debug3: mm_request_receive entering
debug3: monitor_read: checking request 6
debug3: mm_answer_sign
debug3: mm_answer_sign: signature 2004af48(83)
debug3: mm_request_send entering: type 7
debug2: monitor_read: 6 used once, disabling now
debug2: kex_derive_keys [preauth]
debug2: set_newkeys: mode 1 [preauth]
debug1: SSH2_MSG_NEWKEYS sent [preauth]
debug1: expecting SSH2_MSG_NEWKEYS [preauth]
debug2: set_newkeys: mode 0 [preauth]
debug1: SSH2_MSG_NEWKEYS received [preauth]
debug1: KEX done [preauth]
debug1: userauth-request for user cpdp service ssh-connection method
none [preauth]
debug1: attempt 0 failures 0 [preauth]
debug3: mm_getpwnamallow entering [preauth]
debug3: mm_request_send entering: type 8 [preauth]
debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM [preauth]
debug3: mm_request_receive_expect entering: type 9 [preauth]
debug3: mm_request_receive entering [preauth]
debug3: mm_request_receive entering
debug3: monitor_read: checking request 8
debug3: mm_answer_pwnamallow
debug3: Trying to reverse map address 10.1.0.161.
debug2: parse_server_config: config reprocess config len 324
debug3: checking match for 'User cpdp' user cpdp host pctotc addr
10.1.0.161 laddr 10.1.0.1 lport 2222
debug1: user cpdp matched 'User cpdp' at line 136
debug3: match found
debug3: reprocess config:137 setting ChrootDirectory /cpdp
debug3: reprocess config:138 setting ForceCommand internal-sftp
debug3: AIX/setauthdb set registry 'files'
debug3: aix_restoreauthdb: restoring old registry ''
debug3: AIX/loginrestrictions returned 0 msg (none)
debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1
debug3: mm_request_send entering: type 9
debug2: monitor_read: 8 used once, disabling now
debug2: input_userauth_request: setting up authctxt for cpdp [preauth]
debug3: mm_inform_authserv entering [preauth]
debug3: mm_request_send entering: type 4 [preauth]
debug2: input_userauth_request: try method none [preauth]
debug3: userauth_finish: failure partial=0 next
methods="publickey,password,keyboard-interactive" [preauth]
debug3: mm_request_receive entering
debug3: monitor_read: checking request 4
debug3: mm_answer_authserv: service=ssh-connection, style=
debug2: monitor_read: 4 used once, disabling now
debug1: userauth-request for user cpdp service ssh-connection method
publickey [preauth]
debug1: attempt 1 failures 0 [preauth]
debug2: input_userauth_request: try method publickey [preauth]
debug1: test whether pkalg/pkblob are acceptable [preauth]
debug3: mm_key_allowed entering [preauth]
debug3: mm_request_send entering: type 22 [preauth]
debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED [preauth]
debug3: mm_request_receive_expect entering: type 23 [preauth]
debug3: mm_request_receive entering [preauth]
debug3: mm_request_receive entering
debug3: monitor_read: checking request 22
debug3: mm_answer_keyallowed entering
debug3: mm_answer_keyallowed: key_from_blob: 2004b1d8
debug1: temporarily_use_uid: 212/1 (e=0/0)
debug1: trying public key file /home/cpdp/.ssh/authorized_keys
debug1: Could not open authorized keys
'/home/cpdp/.ssh/authorized_keys': No such file or directory
debug1: restore_uid: 0/0
Failed publickey for cpdp from 10.1.0.161 port 54046 ssh2: DSA
6f:bf:40:de:ee:5c:1c:9f:70:71:68:cf:41:de:f0:5f
debug3: mm_answer_keyallowed: key 2004b1d8 is not allowed
debug3: mm_request_send entering: type 23
debug2: userauth_pubkey: authenticated 0 pkalg ssh-dss [preauth]
debug3: userauth_finish: failure partial=0 next
methods="publickey,password,keyboard-interactive" [preauth]
debug1: userauth-request for user cpdp service ssh-connection method
keyboard-interactive [preauth]
debug1: attempt 2 failures 1 [preauth]
debug2: input_userauth_request: try method keyboard-interactive [preauth]
debug1: keyboard-interactive devs [preauth]
debug1: auth2_challenge: user=cpdp devs= [preauth]
debug1: kbdint_alloc: devices '' [preauth]
debug2: auth2_challenge_start: devices [preauth]
debug3: userauth_finish: failure partial=0 next
methods="publickey,password,keyboard-interactive" [preauth]
debug1: userauth-request for user cpdp service ssh-connection method
password [preauth]
debug1: attempt 3 failures 2 [preauth]
debug2: input_userauth_request: try method password [preauth]
debug3: mm_auth_password entering [preauth]
debug3: mm_request_send entering: type 12 [preauth]
debug3: mm_auth_password: waiting for MONITOR_ANS_AUTHPASSWORD [preauth]
debug3: mm_request_receive_expect entering: type 13 [preauth]
debug3: mm_request_receive entering [preauth]
debug3: mm_request_receive entering
debug3: monitor_read: checking request 12
debug3: AIX/authenticate result 0, authmsg
debug3: AIX SYSTEM attribute compat
debug3: AIX/setauthdb set registry 'files'
debug3: AIX/passwdexpired returned 1 msg You are required to change your
password. Please choose a new one.
debug3: aix_restoreauthdb: restoring old registry ''
debug3: mm_answer_authpassword: sending result 1
debug3: mm_request_send entering: type 13
Accepted password for cpdp from 10.1.0.161 port 54046 ssh2
debug3: AIX/setauthdb set registry 'files'
debug1: AIX/loginsuccess: msg Last login: Thu Mar 27 16:00:44 2014 on
ssh from pctotc
debug3: aix_restoreauthdb: restoring old registry ''
debug1: monitor_child_preauth: cpdp has been authenticated by privileged
process
debug3: mm_get_keystate: Waiting for new keys
debug3: mm_request_receive_expect entering: type 26
debug3: mm_request_receive entering
debug3: mm_newkeys_from_blob: 2006a398(134)
debug2: mac_setup: setup hmac-md5-etm at openssh.com
debug3: mm_get_keystate: Waiting for second key
debug3: mm_newkeys_from_blob: 2006a398(134)
debug2: mac_setup: setup hmac-md5-etm at openssh.com
debug3: mm_get_keystate: Getting compression state
debug3: mm_get_keystate: Getting Network I/O buffers
debug3: mm_auth_password: user authenticated [preauth]
debug3: mm_send_keystate: Sending new keys: 200516c8 2004ab58 [preauth]
debug3: mm_newkeys_to_blob: converting 200516c8 [preauth]
debug3: mm_newkeys_to_blob: converting 2004ab58 [preauth]
debug3: mm_send_keystate: New keys have been sent [preauth]
debug3: mm_send_keystate: Sending compression state [preauth]
debug3: mm_request_send entering: type 26 [preauth]
debug3: mm_send_keystate: Finished sending state [preauth]
debug1: monitor_read_log: child log fd closed
debug3: mm_share_sync: Share sync
debug3: mm_share_sync: Share sync end
debug3: ssh_sandbox_parent_finish: finished
debug3: AIX/UsrInfo: set len 23
debug3: safely_chroot: checking '/'
debug3: safely_chroot: checking '/cpdp'
Changed root directory to "/cpdp"
debug1: permanently_set_uid: 212/1
debug2: set_newkeys: mode 0
debug2: set_newkeys: mode 1
debug1: Entering interactive session for SSH2.
debug2: fd 5 setting O_NONBLOCK
debug2: fd 6 setting O_NONBLOCK
debug1: server_init_dispatch_20
debug1: server_input_channel_open: ctype session rchan 0 win 2097152 max
32768
debug1: input_session_request
debug1: channel 0: new [server-session]
debug2: session_new: allocate (allocated 0 max 10)
debug3: session_unused: session id 0 unused
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
debug1: server_input_global_request: rtype no-more-sessions at openssh.com
want_reply 0
User child is on pid 89676
debug1: server_input_channel_req: channel 0 request env reply 0
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req env
debug2: Ignoring env request LANG: disallowed name
debug1: server_input_channel_req: channel 0 request subsystem reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req subsystem
debug2: subsystem request for sftp by user cpdp
debug1: subsystem: cannot stat /usr/local/ssh/libexec/sftp-server: No
such file or directory
debug1: subsystem: exec() /usr/local/ssh/libexec/sftp-server
Starting session: forced-command (config) 'internal-sftp' for cpdp from
10.1.0.161 port 54046
debug2: fd 3 setting TCP_NODELAY
debug3: packet_set_tos: set IP_TOS 0x08
debug2: fd 9 setting O_NONBLOCK
debug2: fd 8 setting O_NONBLOCK
debug2: fd 11 setting O_NONBLOCK
debug2: channel 0: read 83 from efd 11
debug3: channel 0: discard efd
debug1: Received SIGCHLD.
debug1: session_by_pid: pid 71070
debug1: session_exit_message: session 0 channel 0 pid 71070
debug2: channel 0: request exit-status confirm 0
debug1: session_exit_message: release channel 0
debug2: channel 0: write failed
debug2: channel 0: close_write
debug2: channel 0: send eow
debug2: channel 0: output open -> closed
debug2: channel 0: read<=0 rfd 9 len 0
debug2: channel 0: read failed
debug2: channel 0: close_read
debug2: channel 0: input open -> drain
debug2: channel 0: read 0 from efd 11
debug2: channel 0: closing read-efd 11
debug2: channel 0: ibuf empty
debug2: channel 0: send eof
debug2: channel 0: input drain -> closed
debug2: channel 0: send close
debug2: notify_done: reading
debug3: channel 0: will not send data after close
debug2: channel 0: rcvd close
Received disconnect from 10.1.0.161: 11: disconnected by user
debug1: do_cleanup
debug3: mm_request_receive entering
debug1: do_cleanup
======================
CLIENT LOG
======================
$ sftp -P 2222 -vvv cpdp at 10.1.0.1
OpenSSH_6.5, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 10.1.0.1 [10.1.0.1] port 2222.
debug1: Connection established.
debug1: identity file /home/tc/.ssh/id_rsa type -1
debug1: identity file /home/tc/.ssh/id_rsa-cert type -1
debug3: Incorrect RSA1 identifier
debug3: Could not load "/home/tc/.ssh/id_dsa" as a RSA1 public key
debug1: identity file /home/tc/.ssh/id_dsa type 2
debug1: identity file /home/tc/.ssh/id_dsa-cert type -1
debug1: identity file /home/tc/.ssh/id_ecdsa type -1
debug1: identity file /home/tc/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/tc/.ssh/id_ed25519 type -1
debug1: identity file /home/tc/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.5p1 Debian-6
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6
debug1: match: OpenSSH_6.6 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug3: put_host_port: [10.1.0.1]:2222
debug3: load_hostkeys: loading entries for host "[10.1.0.1]:2222" from
file "/home/tc/.ssh/known_hosts"
debug3: load_hostkeys: found key type ED25519 in file
/home/tc/.ssh/known_hosts:177
debug3: load_hostkeys: loaded 1 keys
debug3: order_hostkeyalgs: prefer hostkeyalgs:
ssh-ed25519-cert-v01 at openssh.com,ssh-ed25519
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit:
curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit:
ssh-ed25519-cert-v01 at openssh.com,ssh-ed25519,ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp384-cert-v01 at openssh.com,ecdsa-sha2-nistp521-cert-v01 at openssh.com,ssh-rsa-cert-v01 at openssh.com,ssh-dss-cert-v01 at openssh.com,ssh-rsa-cert-v00 at openssh.com,ssh-dss-cert-v00 at openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm at openssh.com,aes256-gcm at openssh.com,chacha20-poly1305 at openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at lysator.liu.se
debug2: kex_parse_kexinit:
aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm at openssh.com,aes256-gcm at openssh.com,chacha20-poly1305 at openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at lysator.liu.se
debug2: kex_parse_kexinit:
hmac-md5-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-ripemd160-etm at openssh.com,hmac-sha1-96-etm at openssh.com,hmac-md5-96-etm at openssh.com,hmac-md5,hmac-sha1,umac-64 at openssh.com,umac-128 at openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-md5-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-ripemd160-etm at openssh.com,hmac-sha1-96-etm at openssh.com,hmac-md5-96-etm at openssh.com,hmac-md5,hmac-sha1,umac-64 at openssh.com,umac-128 at openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit:
curve25519-sha256 at libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ssh-ed25519
debug2: kex_parse_kexinit:
aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,chacha20-poly1305 at openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at lysator.liu.se
debug2: kex_parse_kexinit:
aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,chacha20-poly1305 at openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc at lysator.liu.se
debug2: kex_parse_kexinit:
hmac-md5-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-ripemd160-etm at openssh.com,hmac-sha1-96-etm at openssh.com,hmac-md5-96-etm at openssh.com,hmac-md5,hmac-sha1,umac-64 at openssh.com,umac-128 at openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-md5-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-64-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-256-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-ripemd160-etm at openssh.com,hmac-sha1-96-etm at openssh.com,hmac-md5-96-etm at openssh.com,hmac-md5,hmac-sha1,umac-64 at openssh.com,umac-128 at openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib at openssh.com
debug2: kex_parse_kexinit: none,zlib at openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5-etm at openssh.com
debug1: kex: server->client aes128-ctr hmac-md5-etm at openssh.com none
debug2: mac_setup: found hmac-md5-etm at openssh.com
debug1: kex: client->server aes128-ctr hmac-md5-etm at openssh.com none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ED25519
51:c3:32:61:dd:77:32:87:14:2d:78:21:17:53:bb:8d
debug3: put_host_port: [10.1.0.1]:2222
debug3: put_host_port: [10.1.0.1]:2222
debug3: load_hostkeys: loading entries for host "[10.1.0.1]:2222" from
file "/home/tc/.ssh/known_hosts"
debug3: load_hostkeys: found key type ED25519 in file
/home/tc/.ssh/known_hosts:177
debug3: load_hostkeys: loaded 1 keys
debug3: load_hostkeys: loading entries for host "[10.1.0.1]:2222" from
file "/home/tc/.ssh/known_hosts"
debug3: load_hostkeys: found key type ED25519 in file
/home/tc/.ssh/known_hosts:177
debug3: load_hostkeys: loaded 1 keys
debug1: Host '[10.1.0.1]:2222' is known and matches the ED25519 host key.
debug1: Found key in /home/tc/.ssh/known_hosts:177
debug1: ssh_ed25519_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/tc/.ssh/id_rsa ((nil)),
debug2: key: /home/tc/.ssh/id_dsa (0x7fe98cc92070),
debug2: key: /home/tc/.ssh/id_ecdsa ((nil)),
debug2: key: /home/tc/.ssh/id_ed25519 ((nil)),
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
debug3: start over, passed a different list
publickey,password,keyboard-interactive
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/tc/.ssh/id_rsa
debug3: no such identity: /home/tc/.ssh/id_rsa: No such file or directory
debug1: Offering DSA public key: /home/tc/.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
debug1: Trying private key: /home/tc/.ssh/id_ecdsa
debug3: no such identity: /home/tc/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /home/tc/.ssh/id_ed25519
debug3: no such identity: /home/tc/.ssh/id_ed25519: No such file or
directory
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
debug3: userauth_kbdint: disable: no info_req_seen
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred:
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
cpdp at 10.1.0.1's password:
debug3: packet_send2: adding 64 (len 49 padlen 15 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: Authentication succeeded (password).
Authenticated to 10.1.0.1 ([10.1.0.1]:2222).
debug2: fd 4 setting O_NONBLOCK
debug3: fd 5 is O_NONBLOCK
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Requesting no-more-sessions at openssh.com
debug1: Entering interactive session.
debug2: callback start
debug2: fd 3 setting TCP_NODELAY
debug3: packet_set_tos: set IP_TOS 0x08
debug2: client_session2_setup: id 0
debug1: Sending environment.
debug3: Ignored env SSH_AGENT_PID
debug3: Ignored env KDE_MULTIHEAD
debug3: Ignored env DM_CONTROL
debug3: Ignored env SHELL
debug3: Ignored env TERM
debug3: Ignored env XDG_SESSION_COOKIE
debug3: Ignored env XDM_MANAGED
debug3: Ignored env GTK2_RC_FILES
debug3: Ignored env KONSOLE_DBUS_SERVICE
debug3: Ignored env KONSOLE_PROFILE_NAME
debug3: Ignored env GS_LIB
debug3: Ignored env GTK_RC_FILES
debug3: Ignored env WINDOWID
debug3: Ignored env SHELL_SESSION_ID
debug3: Ignored env KDE_FULL_SESSION
debug3: Ignored env USER
debug3: Ignored env LS_COLORS
debug3: Ignored env XCURSOR_SIZE
debug3: Ignored env SSH_AUTH_SOCK
debug3: Ignored env SESSION_MANAGER
debug3: Ignored env DESKTOP_SESSION
debug3: Ignored env PATH
debug3: Ignored env PWD
debug3: Ignored env KONSOLE_DBUS_WINDOW
debug3: Ignored env KDE_SESSION_UID
debug1: Sending env LANG = fr_FR.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env KONSOLE_DBUS_SESSION
debug3: Ignored env HOME
debug3: Ignored env COLORFGBG
debug3: Ignored env SHLVL
debug3: Ignored env KDE_SESSION_VERSION
debug3: Ignored env LANGUAGE
debug3: Ignored env XCURSOR_THEME
debug3: Ignored env LOGNAME
debug3: Ignored env XDG_DATA_DIRS
debug3: Ignored env DBUS_SESSION_BUS_ADDRESS
debug3: Ignored env WINDOWPATH
debug3: Ignored env PROFILEHOME
debug3: Ignored env DISPLAY
debug3: Ignored env QT_PLUGIN_PATH
debug3: Ignored env XDG_CURRENT_DESKTOP
debug3: Ignored env _
debug1: Sending subsystem: sftp
debug2: channel 0: request subsystem confirm 1
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 2097152
debug2: channel_input_status_confirm: type 99 id 0
debug2: subsystem request accepted on channel 0
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow at openssh.com reply 0
debug2: channel 0: rcvd eow
debug2: channel 0: close_read
debug2: channel 0: input open -> closed
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug2: channel 0: rcvd close
debug3: channel 0: will not send data after close
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
#0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cc -1)
debug1: fd 0 clearing O_NONBLOCK
debug3: fd 1 is not O_NONBLOCK
Transferred: sent 3104, received 2136 bytes, in 0.0 seconds
Bytes per second: sent 234989.4, received 161706.6
debug1: Exit status 1
Connection closed
--
*Thierry CHARLES*
Infass Systèmes <http://www.infass.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: t_charles.vcf
Type: text/x-vcard
Size: 273 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20140327/fd453b72/attachment-0001.vcf>
More information about the openssh-unix-dev
mailing list