HPE Community
Operating System - HP-UX
1834744 Members
2787 Online
110070 Solutions
New Discussion

ssh is not working on hpux 11i...

 
Venkat_11
Regular Advisor

‎02-09-2008 03:47 PM

‎02-09-2008 03:47 PM

ssh is not working on hpux 11i...

I have rp3440 server running hpux 11i and today i applied latest patch bundle and after rebooting server everything seems to be running fine.. i am able to ssh from outside to the server but when i tried to do ssh from the server i am getting strange error.

I tried restarting sshd and checked all the links to the ssh and everythings seems to be fine. sshd_config wasnt modifiedand even i noticed sftp is also having the same problem. Any help will be greatly appreciated.
Please let me know if you need more details.

The version is

OpenSSH_4.5p1+sftpfilecontrol-v1.1-hpn12v14, OpenSSL 0.9.7l 28 Sep 2006
HP-UX Secure Shell-A.04.50.003, HP-UX Secure Shell version


usxsl002:root:/etc >ssh usxsl001
remsh: shell/tcp: Unknown service


usxsl002:root:/etc >ps -ef | grep -i sshd
root 28046 1 0 16:35:48 ? 0:00 sshd: sitescop@pts/3
root 9678 1 0 14:04:39 ? 0:00 sshd: smahaffe@pts/1
root 1465 1 0 13:57:05 ? 0:00 sshd: aamstutz@pts/0
root 28047 1 0 16:35:48 ? 0:00 sshd: sitescop@pts/4
root 19649 1 0 16:34:03 ? 0:00 sshd: sitescop@pts/2
root 4362 21532 0 17:32:34 pts/5 0:00 grep -i sshd
root 1175 1 0 16:21:57 ? 0:00 sshd: aamstutz@pts/6
root 12629 1 0 15:35:42 ? 0:00 sshd: a206173@pts/5
root 28515 1 0 16:36:40 ? 0:00 sshd: aamstutz@pts/7
root 28619 1 0 16:37:55 ? 0:00 /opt/ssh/sbin/sshd
0 Kudos
Reply
7 REPLIES 7
Matt Hearn
Regular Advisor

‎02-09-2008 04:20 PM

‎02-09-2008 04:20 PM

Re: ssh is not working on hpux 11i...

"remsh: shell/tcp: Unknown service"

That's a really strange thing for ssh to say; I wonder if somehow your ssh was previously linked to remsh and couldn't get overwritten by the ssh installation process. Just for information, try this:

which ssh

It should give you a path, like /usr/local/bin/ssh (the usual location it gets installed). Then do:

ll /usr/local/bin/ssh (or whatever path it tells you in the "which")

You might have some funny ssh link in a path that has priority over /usr/local/bin, or you might have the link problem I mentioned above.
0 Kudos
Reply
Venkat_11
Regular Advisor

‎02-09-2008 06:01 PM

‎02-09-2008 06:01 PM

Re: ssh is not working on hpux 11i...

Thanks for your quick reply.

There is a link between remsh and ssh...the remsh is linked to ssh

Please see the below output and let me know if you need more information.

usxsl002:root:/opt/ssh/sbin >which ssh
/usr/bin/ssh
usxsl002:root:/opt/ssh/sbin >ll /usr/bin/ssh
lrwxr-xr-x 1 root sys 16 Aug 5 2007 /usr/bin/ssh -> /opt/ssh/bin/ssh
usxsl002:root:/opt/ssh/sbin >ll /opt/ssh/bin/ssh
lrwxr-xr-x 1 root sys 27 Sep 27 2005 /opt/ssh/bin/ssh -> /opt/ssh/PA-RISC2.0/bin/ssh
usxsl002:root:/opt/ssh/sbin >ll /opt/ssh/PA-RISC2.0/bin/ssh
-r-sr-xr-x 1 root bin 32768 Jan 25 2007 /opt/ssh/PA-RISC2.0/bin/ssh
usxsl002:root:/opt/ssh/sbin >which remsh
/usr/bin/remsh
usxsl002:root:/opt/ssh/sbin >ll /usr/bin/remsh
lrwxr-xr-x 1 root sys 12 Feb 9 16:23 /usr/bin/remsh -> /usr/bin/ssh
0 Kudos
Reply
Matt Hearn
Regular Advisor

‎02-09-2008 06:41 PM

‎02-09-2008 06:41 PM

Re: ssh is not working on hpux 11i...

Huh, weird. What happens if you do "ssh -vvv usxsl001"?
0 Kudos
Reply
Venkat_11
Regular Advisor

‎02-09-2008 06:51 PM

‎02-09-2008 06:51 PM

Re: ssh is not working on hpux 11i...

Please see the output...

usxsl002:root:/opt/ssh/sbin >ssh -vvv usxsl001
remsh: shell/tcp: Unknown service
0 Kudos
Reply
Patrick Wallek
Honored Contributor

‎02-09-2008 09:00 PM

‎02-09-2008 09:00 PM

Re: ssh is not working on hpux 11i...

That is what I figured. The problem is the link between remsh and ssh. There were probably some remsh patches in the patch bundle you installed. When the patches were installed, the remsh patches followed the link from remsh to ssh and overwrote your ssh binary with the new remsh binary.

If you look at all the links you have:

lrwxr-xr-x 1 root sys 12 Feb 9 16:23 /usr/bin/remsh -> /usr/bin/ssh
lrwxr-xr-x 1 root sys 16 Aug 5 2007 /usr/bin/ssh -> /opt/ssh/bin/ssh
lrwxr-xr-x 1 root sys 27 Sep 27 2005 /opt/ssh/bin/ssh -> /opt/ssh/PA-RISC2.0/bin/ssh
-r-sr-xr-x 1 root bin 32768 Jan 25 2007 /opt/ssh/PA-RISC2.0/bin/ssh

You see that /usr/bin/remsh points to /usr/bin/ssh, which points to /opt/ssh/bin/ssh, which in turn points to /opt/ssh/PA-RISC2.0/bin/ssh.

Now if you do a:

# what /opt/ssh/PA-RISC2.0/bin/ssh

I bet you will see that it reports something about remsh.

That is the problem with using links in this fashion. If you install patches then you have a VERY GOOD chance of messing something up.

What you need to do is restore /opt/ssh/PA-RISC2.0/bin/ssh from a backup taken BEFORE you installed patches.
0 Kudos
Reply
Armin Kunaschik
Esteemed Contributor

‎02-11-2008 05:04 AM

‎02-11-2008 05:04 AM

Re: ssh is not working on hpux 11i...

Looks like somebody is messing around with the /etc/services file.
The /usr/bin/remsh link is not part of the secure shell package. You can verify this with "swverify T1471AA". You'll probably find other errors because the original remsh is not present anymore.
But openssh has a feature that it behaves like remsh if the own executable name (or link) is remsh.
Do you have, by chance, an alias/link set from ssh to remsh?

My 2 cents,
Armin
And now for something completely different...
0 Kudos
Reply
Armin Kunaschik
Esteemed Contributor

‎02-11-2008 05:04 AM

‎02-11-2008 05:04 AM

Re: ssh is not working on hpux 11i...

Looks like somebody is messing around with the /etc/services file.
The /usr/bin/remsh link is not part of the secure shell package. You can verify this with "swverify T1471AA". You'll probably find other errors because the original remsh is not present anymore.
But openssh has a feature that it behaves like remsh if the own executable name (or link) is remsh.
Do you have, by chance, an alias/link set from ssh to remsh?

My 2 cents,
Armin

PS: Assign points if you find answers useful!
And now for something completely different...
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.