HPE Community
Operating System - HP-UX
1833882 Members
2215 Online
110063 Solutions
New Discussion

Re: Logging out of Secure Shell (SSH)

 
Christina Martin
Frequent Advisor

‎09-08-2005 06:21 AM

‎09-08-2005 06:21 AM

Logging out of Secure Shell (SSH)

When a user logs out of a session of Secure Shell, it appears as if they log completely out. When they try to log back in, the system tells them they are still connected. When we attempt to kill the process, it tells us that the process is no longer running.

Does anyone know why this is happening and what we can do to correct it?

Thanks in advance.

Christina
0 Kudos
Reply
3 REPLIES 3
Mel Burslan
Honored Contributor

‎09-08-2005 09:16 AM

‎09-08-2005 09:16 AM

Re: Logging out of Secure Shell (SSH)

This sounds like you are either running a very outdated version of sshd or you are behind on the patches.

what does the output of command:

what /opt/ssh/PA-RISC2.0/sbin/sshd

say ? Also, could you please post the contents of file:

/opt/ssh/etc/sshd_config

________________________________
UNIX because I majored in cryptology...
0 Kudos
Reply
Devesh Pant_1
Esteemed Contributor

‎09-08-2005 12:13 PM

‎09-08-2005 12:13 PM

Re: Logging out of Secure Shell (SSH)

Christina,
Please download the newer ssh package and install it and that should resolve the issue

You can check your version by doing
#swlist -l product | grep -i secure
mine shows up as
Secure_Shell A.03.81.002 HP-UX Secure Shell

and it works fine

thanks
DP
0 Kudos
Reply
Christina Martin
Frequent Advisor

‎09-09-2005 12:48 AM

‎09-09-2005 12:48 AM

Re: Logging out of Secure Shell (SSH)

When I run the swlist command, the version is:

Secure_Shell A.04.00.000 HP-UX Secure Shell
(which I believe is the most current). Our problem may be the patches.

When I run the what /opt/ssh/PA-RISC2.0/sbin/sshd, I get quite a bit of output. Is there something in particular that you are looking for?

The contents of /opt/ssh/etc/sshd_config is as follows:

#Port 22
Protocol 2
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

# HostKey for protocol version 1
#HostKey /opt/ssh/etc/ssh_host_key
# HostKeys for protocol version 2
#HostKey /opt/ssh/etc/ssh_host_rsa_key
#HostKey /opt/ssh/etc/ssh_host_dsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 768

# Logging
#obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
#PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6

#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys

# For this to work you will also need host keys in /opt/ssh/etc/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no

# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes

# Kerberos options
KerberosAuthentication yes
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication mechanism.
# Depending on your PAM configuration, this may bypass the setting of
# PasswordAuthentication, PermitEmptyPasswords, and
# "PermitRootLogin without-password". If you just want the PAM account and
# session checks to run without PAM authentication, then enable this but set
# ChallengeResponseAuthentication=no
UsePAM yes

#AllowTcpForwarding yes
#GatewayPorts no
X11Forwarding yes
#X11DisplayOffset 10
X11UseLocalhost no
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression yes
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10

# no default banner path
#Banner /some/path

# override default of no subsystems
Subsystem sftp /opt/ssh/libexec/sftp-server

# sftp-server logging
#LogSftp no
#SftpLogFacility AUTH
#SftpLogLevel INFO

# sftp-server umask control
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10

# no default banner path
#Banner /some/path

# override default of no subsystems
Subsystem sftp /opt/ssh/libexec/sftp-server

# sftp-server logging
#LogSftp no
#SftpLogFacility AUTH
#SftpLogLevel INFO

# sftp-server umask control
#SftpUmask

#SftpPermitChmod yes
#SftpPermitChown yes
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.