Re: sshd server problem - HELP!
You could walk your on-site person thorugh enabling telnet, and use that to troubleshoot... I know, it's not a very secure answer, but it may get you up and running. Shannon Neumann Neumannweb Computers www.neumannweb.net Tibbetts, Ric wrote: All; I have an interesting challenge. Some speculation will be required to solve this one! The situation: Linux Server sitting in Seattle, I'm in Florida. The Linux Server crashed due to a power failure (I know, it needs a UPS). When the server came back up, it came up, sans sshd. So I cannot get on it to check it out. I also cannot get on to diagnose the problem with sshd, because ssh is my only access (kinda a catch-22 isn't it?). Further complicating it: I Have no one on site, that knows spit about computers, that can help. The best that can be offered is a pair of fingers, that are extremely computer illerate. Somehow, I need to diagnose the problem, and find a way to fix it. Any suggestions will be greatfully accepted. Any guesses on what would be snagging up sshd? All I know is that it failes to start, both on boot, and via service sshd start. I don't know what's in the logs, I can't get to them. I know this is vague, but it's all I have to go on at the moment. Any suggestions, speculations, WAGs will be very greatfully accepted! Thank you! Ric -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
Re: sshd server problem - HELP!
On Tue, Jan 07, 2003 at 09:49:03AM -0500, Tibbetts, Ric wrote: Any suggestions, speculations, WAGs will be very greatfully accepted! Get those two fingers to chkconfig telnet on and service xinetd reload, then you telnet to the machine, diagnose, fix and change root password (in case it was snooped). For the future, you might consider installing a modem on the server, so you can dial in to it when having network access problems. Cheers, -- Javier GostlingAv. Kennedy 5757, of. 1502 Ingeniero de Sistemas Las Condes, Santiago, Chile Virtualia S.A. Fono: +56 (2) 202-6264 x 130 [EMAIL PROTECTED] Fax: +56 (2) 342-8763 msg101321/pgp0.pgp Description: PGP signature
Re: sshd server problem - HELP!
On Tue, 7 Jan 2003, Javier Gostling wrote: On Tue, Jan 07, 2003 at 09:49:03AM -0500, Tibbetts, Ric wrote: Any suggestions, speculations, WAGs will be very greatfully accepted! Get those two fingers to chkconfig telnet on and service xinetd reload, then you telnet to the machine, diagnose, fix and change root password (in case it was snooped). just being pedantic, but if you enable an xinetd-managed service with chkconfig, there is no need to reload/restart xinetd -- that's done automagically. rday -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
Re: sshd server problem - HELP!
Speculating that X is on the system and maybe even VNC, that would be another avenue if the onsite person were able to get that up and going. I also realize that is not very secure, but it would be another method and something that could be scripted as a backup in case sshd fails to start in the future. Scott On Tue, 2003-01-07 at 08:01, Robert P. J. Day wrote: On Tue, 7 Jan 2003, Javier Gostling wrote: On Tue, Jan 07, 2003 at 09:49:03AM -0500, Tibbetts, Ric wrote: Any suggestions, speculations, WAGs will be very greatfully accepted! Get those two fingers to chkconfig telnet on and service xinetd reload, then you telnet to the machine, diagnose, fix and change root password (in case it was snooped). just being pedantic, but if you enable an xinetd-managed service with chkconfig, there is no need to reload/restart xinetd -- that's done automagically. rday -- Scott Croft Unix Services Micron Technology, Inc. 208.368.1586 -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
Re: sshd server problem - HELP!
Javier Gostling wrote: On Tue, Jan 07, 2003 at 09:49:03AM -0500, Tibbetts, Ric wrote: Any suggestions, speculations, WAGs will be very greatfully accepted! Get those two fingers to chkconfig telnet on and service xinetd reload, then you telnet to the machine, diagnose, fix and change root password (in case it was snooped). For the future, you might consider installing a modem on the server, so you can dial in to it when having network access problems. Cheers, I tried the telnet idea before. It's not even installed. So that's out. but thanks for the suggestion. Any thoughts on what would be causing sshd to fail would be helpfull. Ric PS: I won't be back in Seattle for a couple of months. But the next time I'm up there, I'll consider both a UPS, and a modem. ;) -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
Re: sshd server problem - HELP!
On Tue, Jan 07, 2003 at 10:01:15AM -0500, Robert P. J. Day wrote: just being pedantic, but if you enable an xinetd-managed service with chkconfig, there is no need to reload/restart xinetd -- that's done automagically. I see. I did some tests and found that if you chkconfig xinetd-service on and check immediately with netstat -utl it doesn't show the newly enabled service. It will take some time (haven't checked how long) before the change takes effect. Cheers, -- Javier GostlingAv. Kennedy 5757, of. 1502 Ingeniero de Sistemas Las Condes, Santiago, Chile Virtualia S.A. Fono: +56 (2) 202-6264 x 130 [EMAIL PROTECTED] Fax: +56 (2) 342-8763 msg101327/pgp0.pgp Description: PGP signature
Re: sshd server problem - HELP!
Check your /var/log/messages for any clues. There must be some error messages logging there. Somehow someone will need to login to the machine locally and give you the information. Next time your up there I'd recommend a secondary service in case of any problems with ssh. I like webmin personally. If ssh is out then at least I can do something. Heck, maybe someone can reboot the box for you (ctl-alt-del). Not headless I hope :D Good Luck! Sentinel --- I tried the telnet idea before. It's not even installed. So that's out. but thanks for the suggestion. Any thoughts on what would be causing sshd to fail would be helpfull. Ric PS: I won't be back in Seattle for a couple of months. But the next time I'm up there, I'll consider both a UPS, and a modem. -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
Re: sshd server problem - HELP!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 7 Jan 2003 12:23:36 -0300, Javier Gostling wrote: just being pedantic, but if you enable an xinetd-managed service with chkconfig, there is no need to reload/restart xinetd -- that's done automagically. I see. I did some tests and found that if you chkconfig xinetd-service on and check immediately with netstat -utl it doesn't show the newly enabled service. It will take some time (haven't checked how long) before the change takes effect. Try: # tail -f /var/log/messages # chkconfig SOMEXINETDSERVICE off # chkconfig SOMEXINETDSERVICE on - -- -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE+Gv580iMVcrivHFQRAtBcAKCFvgYbUW6K9K6Mkf1wFp7aRZqU9QCeI0/w ACFjzq1WHR+5tQ/Q67u1AO0= =RSPS -END PGP SIGNATURE- -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
Re: sshd server problem - HELP!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 07 Jan 2003 10:04:22 -0500, Tibbetts, Ric wrote: I tried the telnet idea before. It's not even installed. So that's out. but thanks for the suggestion. Any thoughts on what would be causing sshd to fail would be helpfull. Ric PS: I won't be back in Seattle for a couple of months. But the next time I'm up there, I'll consider both a UPS, and a modem. ;) Interesting thread, but difficult to comment on without much more details from you. So, some questions: The machine boots fine? Can the person, who has local access to it, see whether the machine has a network connection? In case it is online, but just sshd fails to start, RPM is able to install from the network (e.g. rpm -ivh ftp://foo.bar/telnet-server...i386.rpm) Just pick a fast Red Hat mirror, e.g. ftp://redhat.newaol.com, and install the telnet-server package from there. In case the machine is offline, further analysis and details are needed. - -- -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE+Gv+v0iMVcrivHFQRAlTsAJ9/YWbzCd66X4cKKIraU3kEAMImbACfWAqD gooaeC9vwdRVrwhz8Xdsm3w= =BUbO -END PGP SIGNATURE- -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
Re: sshd server problem - HELP!
On Tue, Jan 07, 2003 at 10:04:22AM -0500, Tibbetts, Ric wrote: I tried the telnet idea before. It's not even installed. So that's out. but thanks for the suggestion. Ok. Another one is to do an xhost + remote_host and have the guy at the remote site do xterm -display your_host:0 so as to have the remote xterm window show in your workstations display. Be aware that, most likely, a firewall will be blocking you somewhere. Cheers, -- Javier GostlingAv. Kennedy 5757, of. 1502 Ingeniero de Sistemas Las Condes, Santiago, Chile Virtualia S.A. Fono: +56 (2) 202-6264 x 130 [EMAIL PROTECTED] Fax: +56 (2) 342-8763 msg101343/pgp0.pgp Description: PGP signature
Re: sshd server problem - HELP!
Javier Gostling wrote: On Tue, Jan 07, 2003 at 10:04:22AM -0500, Tibbetts, Ric wrote: I tried the telnet idea before. It's not even installed. So that's out. but thanks for the suggestion. Ok. Another one is to do an xhost + remote_host and have the guy at the remote site do xterm -display your_host:0 so as to have the remote xterm window show in your workstations display. Be aware that, most likely, a firewall will be blocking you somewhere. Yeah, the server itself is running a firewall. (just to make this even harder). So telnet is blocked. Even if it were installed, it's blocked. I'm really down to looking for a set of guesses on why sshd is failing to start. Ric An Idea: FTP is enabled. So I can ftp into the box, but only as a regular user, not as root. I'm doctoring a copy of /etc/passwd, to switch the UID of a regular user to 0. That would grant root priveledge during ftp. Then I can grab a copy of /var/log/messages, and maybe get a clue as to what's happening. I can walk my remote fingers through a cp /tmp/passwd /etc/passwd to put that in place (later today.. the fingers are out for the morning...). -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
Re: sshd server problem - HELP!
If the remote fingers has root access, the I would use the earlier suggestion of the xterm unless your firewall is going to block it. Can you turn off the firewall temporarily until you can troubleshoot the system? If that is the case, then use the earlier suggestion of installing the telnet server. Scott On Tue, 2003-01-07 at 09:31, Tibbetts, Ric wrote: Javier Gostling wrote: On Tue, Jan 07, 2003 at 10:04:22AM -0500, Tibbetts, Ric wrote: I tried the telnet idea before. It's not even installed. So that's out. but thanks for the suggestion. Ok. Another one is to do an xhost + remote_host and have the guy at the remote site do xterm -display your_host:0 so as to have the remote xterm window show in your workstations display. Be aware that, most likely, a firewall will be blocking you somewhere. Yeah, the server itself is running a firewall. (just to make this even harder). So telnet is blocked. Even if it were installed, it's blocked. I'm really down to looking for a set of guesses on why sshd is failing to start. Ric An Idea: FTP is enabled. So I can ftp into the box, but only as a regular user, not as root. I'm doctoring a copy of /etc/passwd, to switch the UID of a regular user to 0. That would grant root priveledge during ftp. Then I can grab a copy of /var/log/messages, and maybe get a clue as to what's happening. I can walk my remote fingers through a cp /tmp/passwd /etc/passwd to put that in place (later today.. the fingers are out for the morning...). -- Scott Croft Unix Services Micron Technology, Inc. 208.368.1586 -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
Re: sshd server problem - HELP!
On Tue, Jan 07, 2003 at 10:04:22AM -0500, Tibbetts, Ric wrote: I tried the telnet idea before. It's not even installed. So that's out. but thanks for the suggestion. Any thoughts on what would be causing sshd to fail would be helpfull. Ric I would try one of two things. Try starting sshd and then tail /var/log/messages to see what the error is. You should be able to walk even a non-computer user through these commands. Or, if the machine has a network connection have the user try starting sshd and then type the following # tail /var/log/messages | mail -s logs [EMAIL PROTECTED] Then just wait for the email to arrive which may provide you with additional insight. At least this way you may get a bit more information as to what is causing sshd to fail. /jft -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
Re: sshd server problem - HELP!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 07 Jan 2003 11:31:27 -0500, Tibbetts, Ric wrote: Yeah, the server itself is running a firewall. (just to make this even harder). So telnet is blocked. Even if it were installed, it's blocked. I'm really down to looking for a set of guesses on why sshd is failing to start. An Idea: FTP is enabled. So I can ftp into the box, but only as a It could be damaged shared objects. Can you get anyone to run the following and make available the file via FTP? # su -l root # rpm -qa | xargs -n 1 -t rpm -V rpm-Va.txt - -- -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE+GxtM0iMVcrivHFQRAvOrAKCE4lFQqnRr4H+kUijI3Vnloe+1KQCeNiby +STivdG2Y4o7pTwI6XVC9Js= =uA77 -END PGP SIGNATURE- -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
Re: sshd server problem - HELP!
Jeffrey Tadlock wrote: On Tue, Jan 07, 2003 at 10:04:22AM -0500, Tibbetts, Ric wrote: I tried the telnet idea before. It's not even installed. So that's out. but thanks for the suggestion. Any thoughts on what would be causing sshd to fail would be helpfull. Ric I would try one of two things. Try starting sshd and then tail /var/log/messages to see what the error is. You should be able to walk even a non-computer user through these commands. Or, if the machine has a network connection have the user try starting sshd and then type the following # tail /var/log/messages | mail -s logs [EMAIL PROTECTED] Then just wait for the email to arrive which may provide you with additional insight. At least this way you may get a bit more information as to what is causing sshd to fail. Yep, this is what is surfacing as the answer. I'll try the UID switch first. Then I may be able to grab a copy of /var/log/messages. If that fails, then I'll have my remote fingers mail it to me. Whew! Been fun (and it's still not solved...). Ric -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
Re: sshd server problem - HELP!
On Tue, Jan 07, 2003 at 09:56:09AM -0500, Shannon Neumann wrote: You could walk your on-site person thorugh enabling telnet, and use that to troubleshoot... I know, it's not a very secure answer, but it may get you up and running. Shannon Neumann Neumannweb Computers www.neumannweb.net Second the motion. If you can't get access to the system at all you are worse off then when you have a less secure access. telnet is easy to turn in RH8 and in RH7.X. You could : 1. email them a script to run to turn telnet on. 2. email files to install to turn it on 3. some combo of the above. 4. teletype them thru it - eg. - Now press the enter key, OK what do you see now? You'll have to test whatever method you want to use before you do it live, Even the teletyping will go better if you dry run it yourself before trying it with them. At least then you can have a plan and a checklist. What Linux do you have installed? Tibbetts, Ric wrote: All; I have an interesting challenge. Some speculation will be required to solve this one! The situation: Linux Server sitting in Seattle, I'm in Florida. The Linux Server crashed due to a power failure (I know, it needs a UPS). When the server came back up, it came up, sans sshd. So I cannot get on it to check it out. I also cannot get on to diagnose the problem with sshd, because ssh is my only access (kinda a catch-22 isn't it?). Further complicating it: I Have no one on site, that knows spit about computers, that can help. The best that can be offered is a pair of fingers, that are extremely computer illerate. Somehow, I need to diagnose the problem, and find a way to fix it. Any suggestions will be greatfully accepted. Any guesses on what would be snagging up sshd? All I know is that it failes to start, both on boot, and via service sshd start. I don't know what's in the logs, I can't get to them. I know this is vague, but it's all I have to go on at the moment. Any suggestions, speculations, WAGs will be very greatfully accepted! Thank you! Ric -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list -- Jeff Kinz, Emergent Research, Hudson, MA. [EMAIL PROTECTED] [EMAIL PROTECTED] copyright 2002. Use is restricted. Any use is an acceptance of the offer at http://users.rcn.com/jkinz/policy.html. -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
Re: sshd server problem - HELP!
Michael Schwendt wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 07 Jan 2003 11:31:27 -0500, Tibbetts, Ric wrote: Yeah, the server itself is running a firewall. (just to make this even harder). So telnet is blocked. Even if it were installed, it's blocked. I'm really down to looking for a set of guesses on why sshd is failing to start. An Idea: FTP is enabled. So I can ftp into the box, but only as a It could be damaged shared objects. Can you get anyone to run the following and make available the file via FTP? # su -l root # rpm -qa | xargs -n 1 -t rpm -V rpm-Va.txt I doubt that it's that detailed. I suspect it's just a full filesystem. I'm going to have my remote fingers e-Mail me a copy of the /var/logs/messages. That should shed some light on this. I'll know more later on. Ric -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
Re: sshd server problem - HELP!
If you have, say, a Knoppix CD sitting there as an emergency disk, you could have your Remote Fingers boot from it, talk him/er though configuring networking (if Knoppix can't do it automatically) and then turn on sshd, then login remotely and look about. -kb -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list