unix shell (SSH) not prompting for password

Discussion in 'Server Operation' started by badgerbox76, Mar 29, 2006.

  1. badgerbox76

    badgerbox76 Member

    Hello i have setup my system using the ubuntu ispconfig guide and was testing out some of the apps. When i connect to ssh useing putty a command window pops up with out me having to enter any password. Althrough i cant enter any commands it just sits there. How can i fix this problem?
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Is there a command prompt in the window or does the window times out with a connection error after some minutes?
     
  3. badgerbox76

    badgerbox76 Member

    I enter in the ip of my server and click connect then a back window with a green cursor shows up in the right corner of the screen. i cant type in any commands and it will just sit there. so what is going on?
     
  4. falko

    falko Super Moderator Howtoforge Staff

    Please post the output of
    Code:
    netstat -tap
    from your server.
     
  5. badgerbox76

    badgerbox76 Member

    Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
    tcp 0 0 localhost.localdo:32769 *:* LISTEN -
    tcp 0 0 localhost.localdo:32770 *:* LISTEN -
    tcp 0 0 localhost.localdo:mysql *:* LISTEN -
    tcp 0 0 *:netbios-ssn *:* LISTEN -
    tcp 0 0 *:81 *:* LISTEN -
    tcp 0 0 localhost.localdom:7634 *:* LISTEN -
    tcp 0 0 *:ftp *:* LISTEN -
    tcp 0 0 monitorwaves.no-:domain *:* LISTEN -
    tcp 0 0 localhost.locald:domain *:* LISTEN -
    tcp 0 0 localhost.localdoma:ipp *:* LISTEN -
    tcp 0 0 localhost.localdoma:953 *:* LISTEN -
    tcp 0 0 *:smtp *:* LISTEN -
    tcp 0 0 *:microsoft-ds *:* LISTEN -
    tcp 0 0 monitorwaves.no-i:42405 66.117.38.132:20046 TIME_WAIT -
    tcp 0 0 monitorwaves.no-i:53088 209.50.189.200:www ESTABLISHED13186/firefox-bin
    tcp 0 0 localhost.localdoma:ipp localhost.localdo:58372 ESTABLISHED-
    tcp 0 0 monitorwaves.no-i:43849 72.14.219.104:www ESTABLISHED13186/firefox-bin
    tcp 1 0 localhost.localdo:53272 localhost.localdoma:ipp CLOSE_WAIT -
    tcp 0 0 monitorwaves.no-i:44877 64.233.179.99:www ESTABLISHED13186/firefox-bin
    tcp 0 0 localhost.localdo:35295 localhost.localdo:32769 ESTABLISHED-
    tcp 1 0 localhost.localdo:40186 localhost.localdoma:ipp CLOSE_WAIT -
    tcp 0 0 localhost.localdo:58372 localhost.localdoma:ipp ESTABLISHED7989/gnome-cups-ico
    tcp 0 0 monitorwaves.no-i:48062 63.236.80.73:www TIME_WAIT -
    tcp 0 0 localhost.localdo:32769 localhost.localdo:35295 ESTABLISHED-
    tcp6 0 0 *:imaps *:* LISTEN -
    tcp6 0 0 *:pop3s *:* LISTEN -
    tcp6 0 0 *:pop3 *:* LISTEN -
    tcp6 0 0 *:imap2 *:* LISTEN -
    tcp6 0 0 *:www *:* LISTEN -
    tcp6 0 0 *:tproxy *:* LISTEN -
    tcp6 0 0 *:ssh *:* LISTEN -
    tcp6 0 0 ip6-localhost:953 *:* LISTEN -
    tcp6 0 0 *:https *:* LISTEN -
    admin@monitorwaves:~$
     
  6. badgerbox76

    badgerbox76 Member

    ok for some reson out of the blue my website stoped working! i have not changed any thing.

    this is what i get when trying to view the page!
    Code:
    Your browser sent a request that this server could not understand.
    
    Reason: You're speaking plain HTTP to an SSL-enabled server port.
    Instead use the HTTPS scheme to access this URL, please.
    
    and now when i try connecting to the ssh i get a user name login

    have i been hacked? :(
     
  7. falko

    falko Super Moderator Howtoforge Staff

  8. badgerbox76

    badgerbox76 Member

    Ok once i get home i will install the software and have a scan.

    Its weird when i got home my site was down and i tryed a ssh login and when i did i get the UserLogin:_________ which i did not enter any information in cause it was some kind of hack. I have rewritten the ssh keys and it the site is back up again, but now i dont get the UserLogin:_______ when i try to connect via ssh. So how can i fix the problem?
     
  9. till

    till Super Moderator Staff Member ISPConfig Developer

    Do you work with preshared SSH kys or with username / password login? If you installed preshared keys, there will be no login prompt.
     
  10. badgerbox76

    badgerbox76 Member

    My web server was working when i was at school but now it again was stoped. I have not changed any settings since it was working last. I have also scanned my system here is my out put.

    Code:
    * Check: SSH
       Searching for sshd_config...
       Found /etc/ssh/sshd_config
       Checking for allowed root login... Watch out Root login possible. Possible risk!
        info: PermitRootLogin yes
        Hint: See logfile for more information about this issue
       Checking for allowed protocols...                          [ OK (Only SSH2 allowed) ]
    * Filesystem checks
       Checking /dev for suspicious files...                      [ OK ]
       Scanning for hidden files...                               [ Warning! ]
     Checking boot.local/rc.local file...
         - /etc/rc.local                                          [ Not found ]
         - /etc/rc.d/rc.local                                     [ Not found ]
         - /usr/local/etc/rc.local                                [ Not found ]
         - /usr/local/etc/rc.d/rc.local                           [ Not found ]
         - /etc/conf.d/local.start                                [ Not found ]
         - /etc/init.d/boot.local                                 [ Not found ]
       Checking rc.d files...                                     [ Not found ]
    
    How can i fix the ssh problems? And are there any howtos on setting up snort?
     
  11. falko

    falko Super Moderator Howtoforge Staff

    What's in /etc/ssh/sshd_config?
     
  12. badgerbox76

    badgerbox76 Member

    I have regenerated my openssl keys and tryed a ispconfig restart because it worked for my yesterday morning but not i am still having the same problem so how can i get my web server work.

    from the server i am geting the message object not found but i have checked and i know it is there. also some times a get a different message when i try to connected over the internet so here is the address plz tell me what you get. http://www.monitorwaves.webhop.org/

    Code:
    # Package generated configuration file
    # See the sshd(8) manpage for details
    
    # What ports, IPs and protocols we listen for
    Port 22
    # Use these options to restrict which interfaces/protocols sshd will bind to
    #ListenAddress ::
    #ListenAddress 0.0.0.0
    Protocol 2
    # HostKeys for protocol version 2
    HostKey /etc/ssh/ssh_host_rsa_key
    HostKey /etc/ssh/ssh_host_dsa_key
    #Privilege Separation is turned on for security
    UsePrivilegeSeparation yes
    
    # Lifetime and size of ephemeral version 1 server key
    KeyRegenerationInterval 3600
    ServerKeyBits 768
    
    # Logging
    SyslogFacility AUTH
    LogLevel INFO
    
    # Authentication:
    LoginGraceTime 120
    PermitRootLogin yes
    StrictModes yes
    
    RSAAuthentication yes
    PubkeyAuthentication yes
    #AuthorizedKeysFile	%h/.ssh/authorized_keys
    
    # Don't read the user's ~/.rhosts and ~/.shosts files
    IgnoreRhosts yes
    # For this to work you will also need host keys in /etc/ssh_known_hosts
    RhostsRSAAuthentication no
    # similar for protocol version 2
    HostbasedAuthentication no
    # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
    #IgnoreUserKnownHosts yes
    
    # To enable empty passwords, change to yes (NOT RECOMMENDED)
    PermitEmptyPasswords no
    
    # Change to yes to enable challenge-response passwords (beware issues with
    # some PAM modules and threads)
    ChallengeResponseAuthentication no
    
    # Change to no to disable tunnelled clear text passwords
    #PasswordAuthentication yes
    
    
    # To change Kerberos options
    #KerberosAuthentication no
    #KerberosOrLocalPasswd yes
    #AFSTokenPassing no
    #KerberosTicketCleanup no
    
    # Kerberos TGT Passing does only work with the AFS kaserver
    #KerberosTgtPassing yes
    
    X11Forwarding yes
    X11DisplayOffset 10
    PrintMotd no
    PrintLastLog yes
    KeepAlive yes
    #UseLogin no
    
    #MaxStartups 10:30:60
    #Banner /etc/issue.net
    
    # Allow client to pass locale environment variables
    AcceptEnv LANG LC_*
    
    Subsystem sftp /usr/lib/openssh/sftp-server
    
    UsePAM yes
    
    I have changed loginroot from yes to no are there any other changes you think i should make?
     
    Last edited: Mar 31, 2006
  13. falko

    falko Super Moderator Howtoforge Staff

    This site is working for me, I don't see any errors.


    Please add
    Code:
    PasswordAuthentication no
    if you want to use usernames and passwords to login. Restart SSH afterwards:
    Code:
    /etc/init.d/ssh restart
    
     
  14. badgerbox76

    badgerbox76 Member

    Last edited: Apr 1, 2006
  15. falko

    falko Super Moderator Howtoforge Staff

    Are you talking about SSH or about the ISPConfig web interface.

    When I use http://monitorwaves.no-ip.org:81/, I see your normal web page. :confused: Looks like some major misconfiguration...
     
  16. badgerbox76

    badgerbox76 Member

    I can login to the ispconfig page just fine but i can not see the normal page from the server. When i try to see if over the net or from a nother computer on my lan i works. What misconfigurations are you talking about?
     
  17. till

    till Super Moderator Staff Member ISPConfig Developer

    I guess you checked twice that port 80 is forwarded correctly from your router to your server?

    Have you checked that your internet service provider does not block port 80?
     
  18. Aiken

    Aiken New Member

    We use Putty at my work and quite often get this, it's just a case of closing the window and trying to connect again (it's the connection failing/timing out).
     
  19. badgerbox76

    badgerbox76 Member

    i have properly cofigured my router for the port. I have setup a DNS name for the server which is monitorwaves.no-ip.org and i have setup a webhop which redirects the dns like monitorwaves.no-ip.org:8081 www.monitorwaves.webhop.org . My isp does block port 80 that is why i use 8081 but when i first setup my server i had it running just fine over the net and my lan for about 3 weeks. As you can see from my screen shots that it is not working propery from my server computer (i cant view the page from the server comuter) but it does work over my lan and the net. So what i am asking is how can i view my normal website from my server computer like i use to be able to do. Thanks

    Aiken thanks for trying to help me out with my ssh but i have recently found out that my school has bocked port 443 so no one on our lan can connect to any ssh sites because kids were useing ssh as a tunnel for there proxys :(

    Here are some more screenshots:
    http://img240.imageshack.us/my.php?image=screenshot2dp.png My site working through a proxy
    http://img46.imageshack.us/my.php?image=screenshot10ci.png trying a direct connect not working
     
    Last edited: Apr 2, 2006
  20. falko

    falko Super Moderator Howtoforge Staff

    Is your server's IP address 70.34.184.212?
     

Share This Page