DSM-G600, DNS-3xx and NSA-220 Hack Forum


#1 2010-02-18 18:21:59

wonko
Member
Registered: 2008-03-21
Posts: 11

Problem with "Match Group" statement in sshd_config

Hi,

here's my problem:

I've got 2 CH3SNAS boxes, both running funplug 0.5.
I've got them set up for ssh access and am now in the process
of securing access through sftp. I've done this successfully for my
first box, can't get it to work on the second one using the exact same
settings.

What happens on the second box is that I am unable to connect to it
via ssh or sftp when a "Match Group" statement is present in the sshd_config
file. I set sshd logging to DEBUG3 and this is what's logged:


Feb 18 17:04:16 NAS1 auth.debug sshd[1727]: debug2: fd 3 setting O_NONBLOCK
Feb 18 17:04:16 NAS1 auth.debug sshd[1727]: debug1: Bind to port 22 on 0.0.0.0.
Feb 18 17:04:16 NAS1 auth.info sshd[1727]: Server listening on 0.0.0.0 port 22.
Feb 18 17:04:16 NAS1 auth.debug sshd[1727]: debug2: fd 4 setting O_NONBLOCK
Feb 18 17:04:16 NAS1 auth.debug sshd[1727]: debug1: Bind to port 22 on 0.0.0.0.
Feb 18 17:04:16 NAS1 auth.err sshd[1727]: error: Bind to port 22 on 0.0.0.0 failed: Address already in use.
Feb 18 17:06:16 NAS1 auth.debug sshd[1727]: debug3: fd 4 is not O_NONBLOCK
Feb 18 17:06:16 NAS1 auth.debug sshd[1805]: debug1: rexec start in 4 out 4 newsock 4 pipe 6 sock 7
Feb 18 17:06:16 NAS1 auth.debug sshd[1727]: debug1: Forked child 1805.
Feb 18 17:06:16 NAS1 auth.debug sshd[1727]: debug3: send_rexec_state: entering fd = 7 config len 299
Feb 18 17:06:16 NAS1 auth.debug sshd[1727]: debug3: ssh_msg_send: type 0
Feb 18 17:06:16 NAS1 auth.debug sshd[1727]: debug3: send_rexec_state: done
Feb 18 17:06:16 NAS1 auth.debug sshd[1805]: debug1: inetd sockets after dupping: 3, 3
Feb 18 17:06:16 NAS1 auth.info sshd[1805]: Connection from 127.0.0.1 port 4859
Feb 18 17:06:16 NAS1 auth.debug sshd[1805]: debug1: Client protocol version 2.0; client software version OpenSSH_5.2
Feb 18 17:06:16 NAS1 auth.debug sshd[1805]: debug1: match: OpenSSH_5.2 pat OpenSSH*
Feb 18 17:06:16 NAS1 auth.debug sshd[1805]: debug1: Enabling compatibility mode for protocol 2.0
Feb 18 17:06:16 NAS1 auth.debug sshd[1805]: debug1: Local version string SSH-2.0-OpenSSH_5.2
Feb 18 17:06:16 NAS1 auth.debug sshd[1805]: debug2: fd 3 setting O_NONBLOCK
Feb 18 17:06:16 NAS1 auth.debug sshd[1805]: debug2: Network child is on pid 1806
Feb 18 17:06:16 NAS1 auth.debug sshd[1805]: debug3: preauth child monitor started
Feb 18 17:06:16 NAS1 auth.debug sshd[1805]: debug3: mm_request_receive entering
Feb 18 17:06:16 NAS1 auth.debug sshd[1805]: debug3: monitor_read: checking request 0
Feb 18 17:06:16 NAS1 auth.debug sshd[1805]: debug3: mm_answer_moduli: got parameters: 1024 1024 8192
Feb 18 17:06:16 NAS1 auth.debug sshd[1805]: debug3: mm_request_send entering: type 1
Feb 18 17:06:16 NAS1 auth.debug sshd[1805]: debug2: monitor_read: 0 used once, disabling now
Feb 18 17:06:16 NAS1 auth.debug sshd[1805]: debug3: mm_request_receive entering
Feb 18 17:06:16 NAS1 auth.debug sshd[1805]: debug3: monitor_read: checking request 4
Feb 18 17:06:16 NAS1 auth.debug sshd[1805]: debug3: mm_answer_sign
Feb 18 17:06:17 NAS1 auth.debug sshd[1805]: debug3: mm_answer_sign: signature 0x6bab0(271)
Feb 18 17:06:17 NAS1 auth.debug sshd[1805]: debug3: mm_request_send entering: type 5
Feb 18 17:06:17 NAS1 auth.debug sshd[1805]: debug2: monitor_read: 4 used once, disabling now
Feb 18 17:06:17 NAS1 auth.debug sshd[1805]: debug3: mm_request_receive entering
Feb 18 17:06:27 NAS1 auth.debug sshd[1805]: debug3: monitor_read: checking request 6
Feb 18 17:06:27 NAS1 auth.debug sshd[1805]: debug3: mm_answer_pwnamallow
Feb 18 17:06:27 NAS1 auth.debug sshd[1805]: debug3: Trying to reverse map address 127.0.0.1.
Feb 18 17:06:27 NAS1 auth.debug sshd[1805]: debug2: parse_server_config: config reprocess config len 299
Feb 18 17:06:27 NAS1 auth.debug sshd[1805]: debug3: checking match for 'Group abcdefg' user test host localhost.localdomain addr 127.0.0.1

As you can see, nothing is logged after the "checking match" line. No indication of a failure whatsoever.
Here's the client log:

OpenSSH_5.2p1, OpenSSL 0.9.8h 28 May 2008
debug1: Reading configuration data /ffp/etc/ssh/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /home/root/.ssh/identity type -1
debug1: identity file /home/root/.ssh/id_rsa type -1
debug1: identity file /home/root/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.2
debug1: match: OpenSSH_5.2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.2
debug2: fd 6 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 125/256
debug2: bits set: 496/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /home/root/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host 'localhost' is known and matches the RSA host key.
debug1: Found key in /home/root/.ssh/known_hosts:1
debug2: bits set: 526/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/root/.ssh/identity ((nil))
debug2: key: /home/root/.ssh/id_rsa ((nil))
debug2: key: /home/root/.ssh/id_dsa ((nil))
Connection closed by 127.0.0.1


I hope someone can help me with this.


Regards,

Matthias.
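Added example, not part of the original post: a small Python triage helper that scans sshd syslog output in the format shown above and reports every sshd PID whose last logged message is a "checking match for" line, which is the silent stop described in the post. The function and variable names are hypothetical, and the two lines for PID 1911 in the sample are constructed for contrast; the two lines for PID 1805 are taken from the log above.

```python
import re

# Syslog layout used in the post:
#   "<Mon DD HH:MM:SS> <host> <facility.level> sshd[<pid>]: <message>"
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s+(?P<node>\S+)\s+(?P<prio>\S+)\s+"
    r"sshd\[(?P<pid>\d+)\]:\s(?P<msg>.*)$"
)
# The debug3 line sshd writes when it starts evaluating a Match block.
MATCH_RE = re.compile(
    r"checking match for '(?P<criteria>[^']*)' user (?P<user>\S+) "
    r"host (?P<host>\S+) addr (?P<addr>\S+)"
)

# Sample input: PID 1805 lines are from the post, PID 1911 lines are constructed.
SAMPLE_LOG = """\
Feb 18 17:06:27 NAS1 auth.debug sshd[1805]: debug2: parse_server_config: config reprocess config len 299
Feb 18 17:06:27 NAS1 auth.debug sshd[1805]: debug3: checking match for 'Group abcdefg' user test host localhost.localdomain addr 127.0.0.1
Feb 18 17:09:02 NAS1 auth.debug sshd[1911]: debug3: checking match for 'Group abcdefg' user test host localhost.localdomain addr 127.0.0.1
Feb 18 17:09:02 NAS1 auth.debug sshd[1911]: debug3: match not found
"""

def stalled_match_sessions(lines):
    """Return one record per sshd PID whose final logged message is a
    'checking match for' line, i.e. the process went silent mid-evaluation."""
    last = {}  # pid -> (timestamp, message) of the most recent line seen
    for raw in lines:
        m = LINE_RE.match(raw.strip())
        if m:
            last[m["pid"]] = (m["ts"], m["msg"])
    findings = []
    for pid, (ts, msg) in last.items():
        hit = MATCH_RE.search(msg)
        if hit:
            findings.append({"pid": int(pid), "time": ts, **hit.groupdict()})
    return findings

if __name__ == "__main__":
    for f in stalled_match_sessions(SAMPLE_LOG.splitlines()):
        print(f"sshd[{f['pid']}] went silent at {f['time']} while evaluating "
              f"Match '{f['criteria']}' for user {f['user']} from {f['addr']}")
```

A PID is also reported if the log was simply cut off while that session was still running, so compare the reported time with the end of the capture before treating it as a stall.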
