Problems with SSH

pinotje

pinotje

Verified User
Joined
Apr 7, 2010
Messages
41
Location
Maastricht
Hi,

I'm running DirectAdmin for over 5 years, and this is my first time having a problem with SSHD.

When I try to connect my server via SSH with PuTTY,
I get a blank screen and then nothing happens.
This problem occurs suddenly....
While normally I'll get a login-prompt, so I can login.

I'm running latest CentOS 5 with DirectAdmin 1.39.3 installed.

Is there any possibility my server has been hacked?
Or maybe because I've updated my CentOS, DirectAdmin or OpenSSHD to the latest version?

I will appreciate any help to solve this problem, so that I can login.
Thanks in advance!
 
Are all of the other services on the server still operational?
Try logging into DA and restarting sshd.
 
pinotje said:
Is there any possibility my server has been hacked?
Or maybe because I've updated my CentOS, DirectAdmin or OpenSSHD to the latest version?
Click to expand...

All variants are possible, I'd rather say. But there is to little input to define the problem and suggest a ready solution.


As it has been already mentioned above, try to login into Directadmin and see

1. top output, does your server has free RAM and is it swapping?
2. restart SSHd and try again to login.
3. see system logs via directadmin

Feel free to PM me if you need my private help.
 
elaine said:
Hi,
What's your sshd_config configuration? Do you allow the user?

eg.
AllowUsers myuser
Click to expand...

I haven't change any line in sshd_config,
like I said this problem occurs suddenly...

I have:
AllowUsers root
AllowUsers admin

The problem is, I don't even get a login-prompt...
 
How did you update openSSH?
My guess would be something happened with that process and it broke ssh.
 
Zeither sayd:

1. top output, does your server has free RAM and is it swapping?

Have you check that? What was the load when that happend? everytime it happend to me is "just" cause the server load is very high...

Take a look on it

Regards
 
SeLLeRoNe said:
Zeither sayd:

1. top output, does your server has free RAM and is it swapping?

Have you check that? What was the load when that happend? everytime it happend to me is "just" cause the server load is very high...

Take a look on it

Regards
Click to expand...

Code: 
top - 18:36:03 up 599 days, 21:08,  1 user,  load average: 0.00, 0.00, 0.00
Tasks: 135 total,   1 running, 134 sleeping,   0 stopped,   0 zombie
Cpu(s):  0.3%us,  0.1%sy,  0.0%ni, 99.5%id,  0.1%wa,  0.0%hi,  0.0%si,  0.0%st
Mem:   1033996k total,   920168k used,   113828k free,   152460k buffers
Swap:  2048276k total,    38724k used,  2009552k free,   456908k cached

  PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
    1 root      15   0  2156  600  520 S  0.0  0.1   0:41.43 init
    2 root      RT  -5     0    0    0 S  0.0  0.0   4:09.32 migration/0
    3 root      35  19     0    0    0 S  0.0  0.0   0:30.10 ksoftirqd/0
    4 root      RT  -5     0    0    0 S  0.0  0.0   0:00.00 watchdog/0
    5 root      RT  -5     0    0    0 S  0.0  0.0   0:01.17 migration/1
    6 root      34  19     0    0    0 S  0.0  0.0   0:00.12 ksoftirqd/1
    7 root      RT  -5     0    0    0 S  0.0  0.0   0:00.00 watchdog/1
    8 root      10  -5     0    0    0 S  0.0  0.0  25:00.67 events/0
    9 root      10  -5     0    0    0 S  0.0  0.0   0:00.63 events/1
   10 root      10  -5     0    0    0 S  0.0  0.0   0:00.00 khelper
   11 root      20  -5     0    0    0 S  0.0  0.0   0:00.13 kthread
   15 root      10  -5     0    0    0 S  0.0  0.0 161:52.76 kblockd/0
   16 root      10  -5     0    0    0 S  0.0  0.0   4:05.94 kblockd/1
   17 root      14  -5     0    0    0 S  0.0  0.0   0:00.00 kacpid
  118 root      14  -5     0    0    0 S  0.0  0.0   0:00.00 cqueue/0
  119 root      14  -5     0    0    0 S  0.0  0.0   0:00.00 cqueue/1
  122 root      10  -5     0    0    0 S  0.0  0.0   0:00.00 khubd

here's the output of "top"
btw, I don't understand anything about the "top" command...

has it free RAM? and is it swapping?
 
SeLLeRoNe said:
The load is nice as i see.. but when u had this output you had login problem aswell?
Click to expand...

This is how I login, while before the problem I have'nt the error: "Access denied".

Code: 
login as: admin
Access denied
[email protected]'s password:
Last login: Wed Sep 21 18:35:42 2011 from [hidden]
[admin@server1 ~]$ pwd
/home/admin
[admin@server1 ~]$ ls
admin_backups  domains  imap  Maildir  public_html  user_backups
[admin@server1 ~]$ su -
Password:
[root@server1 ~]# pwd
/root
[root@server1 ~]# ls
anaconda-ks.cfg  bla.txt
[root@server1 ~]#
 
So now your able to correctly login?
The only problem is the "access denied" when you type the username?

Thats due to the latest openssh update, I believe it disables some type of authentication, (Id have to look it up), that is still enabled in the config files of most people.
 
propcgamer said:
So now your able to correctly login?
The only problem is the "access denied" when you type the username?

Thats due to the latest openssh update, I believe it disables some type of authentication, (Id have to look it up), that is still enabled in the config files of most people.
Click to expand...

Yes you are right, it is indeed due to the latest OpenSSH update.
Because I'm not the only person who has this issue after an update.

I have solved this problem in PuTTY (v0.61) by unchecking "Attempt GSSAPI authentication (SSH-2 only)" under SSH -> Auth -> GSSAPI.

Thanks anyway for those who attempt to help me in this topic :)

btw. If you use PuTTY v0.60 you want have this problem
 
Last edited:
Yea that's it, you have to disable "GSSAPI authentication" on sshd to prevent the "Access Denied" from coming up. Or you can disable it in putty like you said.
 
You must log in or register to reply here.
Back
Top