Start up sshd on a different port in debug mode. Then ssh to that port and see what the server debug displays. Maybe that will give you a clue. I run a few testing boxes and haven't had any problems. Although I haven't upgraded in a few days either. I'll give it a try and let you know if I experience the same problem. On Tue, 23 Sep 2003, Callum Lerwick wrote: > Okay, last night two of my boxes, both running debian testing went down > in an interesting manner. They've stopped authenticating remotely. I can > log in on console, but I can't ssh nor FTP in. (Running proftp) Email > seems to work though, one's running wu-imap and the other courier-imap. > > The only thing significant I've done is doing an apt-get update > yesterday on one, and a few days ago on another. Trying to update it now > doesn't find anything new. > > Am I the only one getting this? It would seem to point at PAM, I'm not > getting anything in the logs, nor is sshd -ddd telling me anything's > wrong. It just hangs. Probably a package broke in testing, but I'm > concerned I got nailed by some worm. ;P > > Its a pain in the ass to work on because I have to stand around in the > living room for one box, and the other is 100 miles away. :P I'll have > to try reverting packages to woody versions by hand or something. > > This is what I get with -vvv, though after a while it seems to start > just refusing connections, though sshd hasn't crashed or complained > about anything. > > $ ssh -vvv marvin > OpenSSH_3.5p1, SSH protocols 1.5/2.0, OpenSSL 0x0090701f > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: Applying options for * > debug1: Rhosts Authentication disabled, originating port will not be > trusted. > debug1: ssh_connect: needpriv 0 > debug1: Connecting to marvin [192.168.0.1] port 22. > debug1: Connection established. > debug1: identity file /home/seg/.ssh/identity type -1 > debug1: identity file /home/seg/.ssh/id_rsa type -1 > debug1: identity file /home/seg/.ssh/id_dsa type -1 > debug1: Remote protocol version 1.99, remote software version > OpenSSH_3.6.1p2 Debian 1:3.6.1p2-3 > debug1: match: OpenSSH_3.6.1p2 Debian 1:3.6.1p2-3 pat OpenSSH* > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_3.5p1 > debug1: SSH2_MSG_KEXINIT sent > debug1: SSH2_MSG_KEXINIT received > debug2: kex_parse_kexinit: > diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 > debug2: kex_parse_kexinit: ssh-rsa,ssh-dss > debug2: kex_parse_kexinit: > aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc at lysator.liu.se > debug2: kex_parse_kexinit: > aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc at lysator.liu.se > debug2: kex_parse_kexinit: > hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96 > debug2: kex_parse_kexinit: > hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96 > debug2: kex_parse_kexinit: none,zlib > debug2: kex_parse_kexinit: none,zlib > debug2: kex_parse_kexinit: > debug2: kex_parse_kexinit: > debug2: kex_parse_kexinit: first_kex_follows 0 > debug2: kex_parse_kexinit: reserved 0 > debug2: kex_parse_kexinit: > diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 > debug2: kex_parse_kexinit: ssh-rsa,ssh-dss > debug2: kex_parse_kexinit: > aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc at lysator.liu.se > debug2: kex_parse_kexinit: > aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc at lysator.liu.se > debug2: kex_parse_kexinit: > hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96 > debug2: kex_parse_kexinit: > hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96 > debug2: kex_parse_kexinit: none,zlib > debug2: kex_parse_kexinit: none,zlib > debug2: kex_parse_kexinit: > debug2: kex_parse_kexinit: > debug2: kex_parse_kexinit: first_kex_follows 0 > debug2: kex_parse_kexinit: reserved 0 > debug2: mac_init: found hmac-md5 > debug1: kex: server->client aes128-cbc hmac-md5 none > debug2: mac_init: found hmac-md5 > debug1: kex: client->server aes128-cbc hmac-md5 none > debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent > debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP > debug1: dh_gen_key: priv key bits set: 129/256 > debug1: bits set: 1618/3191 > debug1: SSH2_MSG_KEX_DH_GEX_INIT sent > debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY > debug3: check_host_in_hostfile: filename /home/seg/.ssh/known_hosts > debug3: check_host_in_hostfile: match line 1 > debug3: check_host_in_hostfile: filename /home/seg/.ssh/known_hosts > debug3: check_host_in_hostfile: match line 1 > debug1: Host 'marvin' is known and matches the RSA host key. > debug1: Found key in /home/seg/.ssh/known_hosts:1 > debug1: bits set: 1629/3191 > debug1: ssh_rsa_verify: signature correct > debug1: kex_derive_keys > debug1: newkeys: mode 1 > debug1: SSH2_MSG_NEWKEYS sent > debug1: waiting for SSH2_MSG_NEWKEYS > debug1: newkeys: mode 0 > debug1: SSH2_MSG_NEWKEYS received > debug1: done: ssh_kex2. > debug1: send SSH2_MSG_SERVICE_REQUEST > debug1: service_accept: ssh-userauth > debug1: got SSH2_MSG_SERVICE_ACCEPT > > It just hangs forever here. -- Clay Fandre email: clay at fandre.com PGP Key ID: 0x50DBBB60 _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota http://www.mn-linux.org tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list