unix shell (SSH) not prompting for password

Hello i have setup my system using the ubuntu ispconfig guide and was testing out some of the apps. When i connect to ssh useing putty a command window pops up with out me having to enter any password. Althrough i cant enter any commands it just sits there. How can i fix this problem?

 

I enter in the ip of my server and click connect then a back window with a green cursor shows up in the right corner of the screen. i cant type in any commands and it will just sit there. so what is going on?

 

Please post the output of

Code:

netstat -tap

from your server.

 

Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 localhost.localdo:32769 *:* LISTEN -
tcp 0 0 localhost.localdo:32770 *:* LISTEN -
tcp 0 0 localhost.localdo:mysql *:* LISTEN -
tcp 0 0 *:netbios-ssn *:* LISTEN -
tcp 0 0 *:81 *:* LISTEN -
tcp 0 0 localhost.localdom:7634 *:* LISTEN -
tcp 0 0 *:ftp *:* LISTEN -
tcp 0 0 monitorwaves.no-:domain *:* LISTEN -
tcp 0 0 localhost.locald:domain *:* LISTEN -
tcp 0 0 localhost.localdoma:ipp *:* LISTEN -
tcp 0 0 localhost.localdoma:953 *:* LISTEN -
tcp 0 0 *:smtp *:* LISTEN -
tcp 0 0 *:microsoft-ds *:* LISTEN -
tcp 0 0 monitorwaves.no-i:42405 66.117.38.132:20046 TIME_WAIT -
tcp 0 0 monitorwaves.no-i:53088 209.50.189.200:www ESTABLISHED13186/firefox-bin
tcp 0 0 localhost.localdoma:ipp localhost.localdo:58372 ESTABLISHED-
tcp 0 0 monitorwaves.no-i:43849 72.14.219.104:www ESTABLISHED13186/firefox-bin
tcp 1 0 localhost.localdo:53272 localhost.localdoma:ipp CLOSE_WAIT -
tcp 0 0 monitorwaves.no-i:44877 64.233.179.99:www ESTABLISHED13186/firefox-bin
tcp 0 0 localhost.localdo:35295 localhost.localdo:32769 ESTABLISHED-
tcp 1 0 localhost.localdo:40186 localhost.localdoma:ipp CLOSE_WAIT -
tcp 0 0 localhost.localdo:58372 localhost.localdoma:ipp ESTABLISHED7989/gnome-cups-ico
tcp 0 0 monitorwaves.no-i:48062 63.236.80.73:www TIME_WAIT -
tcp 0 0 localhost.localdo:32769 localhost.localdo:35295 ESTABLISHED-
tcp6 0 0 *:imaps *:* LISTEN -
tcp6 0 0 *op3s *:* LISTEN -
tcp6 0 0 *op3 *:* LISTEN -
tcp6 0 0 *:imap2 *:* LISTEN -
tcp6 0 0 *:www *:* LISTEN -
tcp6 0 0 *:tproxy *:* LISTEN -
tcp6 0 0 *:ssh *:* LISTEN -
tcp6 0 0 ip6-localhost:953 *:* LISTEN -
tcp6 0 0 *:https *:* LISTEN -
admin@monitorwaves:~$

 

ok for some reson out of the blue my website stoped working! i have not changed any thing.

this is what i get when trying to view the page!

Code:

Your browser sent a request that this server could not understand.

Reason: You're speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please.

and now when i try connecting to the ssh i get a user name login

have i been hacked?

 

You can scan your system for rootkits/trojans, etc. like this: http://www.howtoforge.com/faq/1_38_en.html

 

Ok once i get home i will install the software and have a scan.

Its weird when i got home my site was down and i tryed a ssh login and when i did i get the UserLogin:_________ which i did not enter any information in cause it was some kind of hack. I have rewritten the ssh keys and it the site is back up again, but now i dont get the UserLogin:_______ when i try to connect via ssh. So how can i fix the problem?

 

My web server was working when i was at school but now it again was stoped. I have not changed any settings since it was working last. I have also scanned my system here is my out put.

Code:

* Check: SSH
   Searching for sshd_config...
   Found /etc/ssh/sshd_config
   Checking for allowed root login... Watch out Root login possible. Possible risk!
    info: PermitRootLogin yes
    Hint: See logfile for more information about this issue
   Checking for allowed protocols...                          [ OK (Only SSH2 allowed) ]
* Filesystem checks
   Checking /dev for suspicious files...                      [ OK ]
   Scanning for hidden files...                               [ Warning! ]
 Checking boot.local/rc.local file...
     - /etc/rc.local                                          [ Not found ]
     - /etc/rc.d/rc.local                                     [ Not found ]
     - /usr/local/etc/rc.local                                [ Not found ]
     - /usr/local/etc/rc.d/rc.local                           [ Not found ]
     - /etc/conf.d/local.start                                [ Not found ]
     - /etc/init.d/boot.local                                 [ Not found ]
   Checking rc.d files...                                     [ Not found ]

How can i fix the ssh problems? And are there any howtos on setting up snort?

 

What's in /etc/ssh/sshd_config?

 

I have regenerated my openssl keys and tryed a ispconfig restart because it worked for my yesterday morning but not i am still having the same problem so how can i get my web server work.

from the server i am geting the message object not found but i have checked and i know it is there. also some times a get a different message when i try to connected over the internet so here is the address plz tell me what you get. http://www.monitorwaves.webhop.org/

Code:

# Package generated configuration file
# See the sshd(8) manpage for details

# What ports, IPs and protocols we listen for
Port 22
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes

# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 768

# Logging
SyslogFacility AUTH
LogLevel INFO

# Authentication:
LoginGraceTime 120
PermitRootLogin yes
StrictModes yes

RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile	%h/.ssh/authorized_keys

# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes

# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no

# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no

# Change to no to disable tunnelled clear text passwords
#PasswordAuthentication yes


# To change Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#AFSTokenPassing no
#KerberosTicketCleanup no

# Kerberos TGT Passing does only work with the AFS kaserver
#KerberosTgtPassing yes

X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
KeepAlive yes
#UseLogin no

#MaxStartups 10:30:60
#Banner /etc/issue.net

# Allow client to pass locale environment variables
AcceptEnv LANG LC_*

Subsystem sftp /usr/lib/openssh/sftp-server

UsePAM yes

I have changed loginroot from yes to no are there any other changes you think i should make?

 

This site is working for me, I don't see any errors.

Please add

Code:

PasswordAuthentication no

if you want to use usernames and passwords to login. Restart SSH afterwards:

Code:

/etc/init.d/ssh restart

 

well here is what i am getting

http://img95.imageshack.us/my.php?image=screenshot4tq.png
http://img95.imageshack.us/my.php?image=screenshot11fz.png

so what is that about? I have never had it do this to me.

I found this forum were the guy is having the same exact problem as i am but mine was working fine and then if just stoped. He fixed his by restarting which i have dont but does not help what or my other options for fixing this proble?

http://www.howtoforge.com/forums/showthread.php?t=761

 

Are you talking about SSH or about the ISPConfig web interface.

When I use http://monitorwaves.no-ip.org:81/, I see your normal web page. Looks like some major misconfiguration...

 

I can login to the ispconfig page just fine but i can not see the normal page from the server. When i try to see if over the net or from a nother computer on my lan i works. What misconfigurations are you talking about?

 

We use Putty at my work and quite often get this, it's just a case of closing the window and trying to connect again (it's the connection failing/timing out).

 

i have properly cofigured my router for the port. I have setup a DNS name for the server which is monitorwaves.no-ip.org and i have setup a webhop which redirects the dns like monitorwaves.no-ip.org:8081 www.monitorwaves.webhop.org . My isp does block port 80 that is why i use 8081 but when i first setup my server i had it running just fine over the net and my lan for about 3 weeks. As you can see from my screen shots that it is not working propery from my server computer (i cant view the page from the server comuter) but it does work over my lan and the net. So what i am asking is how can i view my normal website from my server computer like i use to be able to do. Thanks

Aiken thanks for trying to help me out with my ssh but i have recently found out that my school has bocked port 443 so no one on our lan can connect to any ssh sites because kids were useing ssh as a tunnel for there proxys

Here are some more screenshots:
http://img240.imageshack.us/my.php?image=screenshot2dp.png My site working through a proxy
http://img46.imageshack.us/my.php?image=screenshot10ci.png trying a direct connect not working

 

Is your server's IP address 70.34.184.212?