Исходное сообщение
"SSH закрываеться после набора пароля" Отправлено Doc, 03-Сен-06 12:22
>>Ломанули сервак, врочем всё что изменили я востоновил из резервной копии etc >>, но вот немогу понять что сотворили с SSH >>при коннекте putty предлогает ввести логин после воода логина пароль , но >>после ввода пароля putty просто закрываеться , вроде все конфиге востонавил >>со старого, причём закрываються не только пользователи которые имеют root , >>но и просто статус юзера >> >> >>в чём может быть загрвоздка? > > >cat /var/log/messages >cat /var/log/auth.log >cat /var/log/sshd.log >Если отстуствуют создать и посмотреть, чито происходит на момент подключения к серверу >по ssh, а так это гадания на кофейной гуще. в mesage есть только Sep  3 12:18:18 komplexb sshd[6113]: Server listening on :: port 22. Sep  3 12:18:18 komplexb sshd[6113]: error: Bind to port 22 on 0.0.0.0 failed: Address already in use. Sep  3 12:18:42 komplexb sshd[6135]: Failed password for root from ::ffff:10.1.2.222 port 1388 ssh2 , auth.log sshd.log не существовало я их создал , но вних ничего не появлеяеться вот sshd.config #    $OpenBSD: sshd_config,v 1.70 2004/12/23 23:11:00 djm Exp $ # This is the sshd server system-wide configuration file.  See # sshd_config(5) for more information. # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented.  Uncommented options change a # default value. #Port 22 #Protocol 2,1 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: # HostKey for protocol version 1 #HostKey /etc/ssh/ssh_host_key # HostKeys for protocol version 2 #HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_dsa_key # Lifetime and size of ephemeral version 1 server key #KeyRegenerationInterval 1h #ServerKeyBits 768 # Logging #obsoletes QuietMode and FascistLogging #SyslogFacility AUTH #LogLevel INFO # Authentication: #LoginGraceTime 2m #PermitRootLogin yes #StrictModes yes #MaxAuthTries 6 #RSAAuthentication yes #PubkeyAuthentication yes #AuthorizedKeysFile    .ssh/authorized_keys # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts #RhostsRSAAuthentication no # similar for protocol version 2 #HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for # RhostsRSAAuthentication and HostbasedAuthentication #IgnoreUserKnownHosts no # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes # To disable tunneled clear text passwords, change to no here! PasswordAuthentication yes #PermitEmptyPasswords no # Change to no to disable s/key passwords #ChallengeResponseAuthentication yes # Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #KerberosGetAFSToken no # GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCredentials yes # Set this to 'yes' to enable support for the deprecated 'gssapi' authentication # mechanism to OpenSSH 3.8p1. The newer 'gssapi-with-mic' mechanism is included # in this release. The use of 'gssapi' is deprecated due to the presence of # potential man-in-the-middle attacks, which 'gssapi-with-mic' is not susceptible to. #GSSAPIEnableMITMAttack no # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication mechanism. # Depending on your PAM configuration, this may bypass the setting of # PasswordAuthentication, PermitEmptyPasswords, and # "PermitRootLogin without-password". If you just want the PAM account and # session checks to run without PAM authentication, then enable this but set # ChallengeResponseAuthentication=no UsePAM yes #AllowTcpForwarding yes #GatewayPorts no X11Forwarding yes #X11DisplayOffset 10 #X11UseLocalhost yes #PrintMotd yes #PrintLastLog yes #TCPKeepAlive yes #UseLogin no #UsePrivilegeSeparation yes #PermitUserEnvironment no #Compression yes #ClientAliveInterval 0 #ClientAliveCountMax 3 #UseDNS yes #PidFile /var/run/sshd.pid #MaxStartups 10 # no default banner path #Banner /some/path # override default of no subsystems Subsystem    sftp    /usr/lib/ssh/sftp-server # This enables accepting locale enviroment variables LC_* LANG, see sshd_config(5). AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT AcceptEnv LC_IDENTIFICATION LC_ALL IgnoreRhosts yes IgnoreUserKnownHosts no PrintMotd yes StrictModes yes RSAAuthentication yes PermitRootLogin yes PermitEmptyPasswords no вот ssh.config #    $OpenBSD: ssh_config,v 1.20 2005/01/28 09:45:53 dtucker Exp $ # This is the ssh client system-wide configuration file.  See # ssh_config(5) for more information.  This file provides defaults for # users, and the values can be changed in per-user configuration files # or on the command line. # Configuration data is parsed as follows: #  1. command line options #  2. user-specific file #  3. system-wide file # Any configuration value is only changed the first time it is set. # Thus, host-specific definitions should be at the beginning of the # configuration file, and defaults at the end. # Site-wide defaults for some commonly used options.  For a comprehensive # list of available options, their meanings and defaults, please see the # ssh_config(5) man page. Host * #   ForwardAgent no #   ForwardX11 no # If you do not trust your remote host (or its administrator), you # should not forward X11 connections to your local X11-display for # security reasons: Someone stealing the authentification data on the # remote side (the "spoofed" X-server by the remote sshd) can read your # keystrokes as you type, just like any other X11 client could do. # Set this to "no" here for global effect or in your own ~/.ssh/config # file if you want to have the remote X11 authentification data to # expire after two minutes after remote login. ForwardX11Trusted yes #   RhostsRSAAuthentication no #   RSAAuthentication yes #   PasswordAuthentication yes #   HostbasedAuthentication no #   BatchMode no #   CheckHostIP yes #   AddressFamily any #   ConnectTimeout 0 #   StrictHostKeyChecking ask #   IdentityFile ~/.ssh/identity #   IdentityFile ~/.ssh/id_rsa #   IdentityFile ~/.ssh/id_dsa #   Port 22 #   Protocol 2,1 #   Cipher 3des #   Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc #   EscapeChar ~ #   GSSAPIAuthentication no #   GSSAPIDelegateCredentials no # Set this to 'yes' to enable support for the deprecated 'gssapi' authentication # mechanism to OpenSSH 3.8p1. The newer 'gssapi-with-mic' mechanism is included # in this release. The use of 'gssapi' is deprecated due to the presence of # potential man-in-the-middle attacks, which 'gssapi-with-mic' is not susceptible to. #   GSSAPIEnableMITMAttack no # This enables sending locale enviroment variables LC_* LANG, see ssh_config(5). SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT SendEnv LC_IDENTIFICATION LC_ALL