8 Replies Latest reply: Nov 2, 2011 10:23 AM by Catch 22 RSS

    ssh session suddenly closed after successfully login.- pam_unix(sshd:sessio

    733470
      All
      ssh session suddenly closed after successfully login.
      Linux server integrated to Active Directory , joined domain , pulled all users and groups from domain.
      When user from AD tries to login using ssh , it gives below errors and closes SSH session.

      /var/log/secure
      sshd[7092]: pam_unix(sshd:session): session opened for user
      sshd[7092]: pam_unix(sshd:session): session closed for user
      Does anyone know how to fix this issues.
      thanks
        • 1. Re: ssh session suddenly closed after successfully login.- pam_unix(sshd:sessio
          Catch 22
          You should at least provide the product and the distribution and version of Linux you are using This may not be the right forum. Perhaps you would like to give "Likewise Open" a try, which is a free Open Source product and apparently simplifies the task to join Linux and other systems to AD.
          • 2. Re: ssh session suddenly closed after successfully login.- pam_unix(sshd:sessio
            733470
            Linux = OEL 5.7 Integrating to Active Directory on Windows 2008 server .
            Hardware = Dell Blades on X86

            Problem Description: Linux (OEL5.7) SSH login fails with pam_unix(sshd:session): session closed for user.
            Linux server 2.6.18-274.3.1.0.1.el5 is integrated to Active Directory and joined the domain. The server can pull user and groups from Active Directory.

            While Active Directory users try to login to Linux through SSH , it throws below error on /var/log/secure and closes the session immediately.

            Error:
            Nov 1 12:54:30 LNTTARITETSDB1 sshd[7092]: pam_unix(sshd:session): session opened for user rmokkala by (uid=0)
            Nov 1 12:54:42 LNTTARITETSDB1 sshd[7092]: pam_unix(sshd:session): session closed for user rmokkala

            Thanks in advance.
            • 3. Re: ssh session suddenly closed after successfully login.- pam_unix(sshd:sessio
              Catch 22
              You problem might be related to PAM configuration requirements.. Do you use winbind? I suggest to try:
               ssh -v -v <user@ip_or_server_dns>
              ...and see at which stage it fails.
              • 4. Re: ssh session suddenly closed after successfully login.- pam_unix(sshd:sessio
                733470
                It successfully allows me to login to Linux server and then throws me out of SSH session. Please see below commands.


                [root@LNTTAVMRITEBJ2 ~]# pam_tally2 -u rmokkala
                Login Failures Latest failure From
                rmokkala 0

                [root@LNTTAVMRITEBJ2 ~]# faillog -u rmokkala
                Login Failures Maximum Latest On
                rmokkala 0 0 12/31/69 18:00:00 -0600


                thanks in advance.
                • 5. Re: ssh session suddenly closed after successfully login.- pam_unix(sshd:sessio
                  Catch 22
                  pam_tally2 is typically used in /etc/pam.d/system-auth to lock an account after failed logins.

                  To unlock an account use e.g. "pam_tally2 -r -u oracle"

                  Pl see my previous response.

                  Also I wonder about rmokkala and uid=0, which must be used by root only. How did you make rmokkala=UID 0?
                  • 6. Re: ssh session suddenly closed after successfully login.- pam_unix(sshd:sessio
                    733470
                    Here is ssh -v -v output


                    [root@LNTTAVMRITEBJ2 ~]# ssh -v -v -v kneal@172.20.50.42

                    OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008

                    debug1: Reading configuration data /etc/ssh/ssh_config

                    debug1: Applying options for *

                    debug2: ssh_connect: needpriv 0

                    debug1: Connecting to 172.20.50.42 [172.20.50.42] port 22.

                    debug1: Connection established.

                    debug1: permanently_set_uid: 0/0

                    debug1: identity file /root/.ssh/identity type -1

                    debug1: identity file /root/.ssh/id_rsa type -1

                    debug1: identity file /root/.ssh/id_dsa type -1

                    debug1: loaded 3 keys

                    debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3

                    debug1: match: OpenSSH_4.3 pat OpenSSH*

                    debug1: Enabling compatibility mode for protocol 2.0

                    debug1: Local version string SSH-2.0-OpenSSH_4.3

                    debug2: fd 3 setting O_NONBLOCK

                    debug1: SSH2_MSG_KEXINIT sent

                    debug1: SSH2_MSG_KEXINIT received

                    debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

                    debug2: kex_parse_kexinit: ssh-rsa,ssh-dss

                    debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se

                    debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se

                    debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96

                    debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96

                    debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib

                    debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib

                    debug2: kex_parse_kexinit:

                    debug2: kex_parse_kexinit:

                    debug2: kex_parse_kexinit: first_kex_follows 0

                    debug2: kex_parse_kexinit: reserved 0

                    debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

                    debug2: kex_parse_kexinit: ssh-rsa,ssh-dss

                    debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se

                    debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se

                    debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96

                    debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96

                    debug2: kex_parse_kexinit: none,zlib@openssh.com

                    debug2: kex_parse_kexinit: none,zlib@openssh.com

                    debug2: kex_parse_kexinit:

                    debug2: kex_parse_kexinit:

                    debug2: kex_parse_kexinit: first_kex_follows 0

                    debug2: kex_parse_kexinit: reserved 0

                    debug2: mac_init: found hmac-md5

                    debug1: kex: server->client aes128-ctr hmac-md5 none

                    debug2: mac_init: found hmac-md5

                    debug1: kex: client->server aes128-ctr hmac-md5 none

                    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent

                    debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP

                    debug2: dh_gen_key: priv key bits set: 116/256

                    debug2: bits set: 525/1024

                    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent

                    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY

                    debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts

                    debug3: check_host_in_hostfile: match line 1

                    debug1: Host '172.20.50.42' is known and matches the RSA host key.

                    debug1: Found key in /root/.ssh/known_hosts:1

                    debug2: bits set: 507/1024

                    debug1: ssh_rsa_verify: signature correct

                    debug2: kex_derive_keys

                    debug2: set_newkeys: mode 1

                    debug1: SSH2_MSG_NEWKEYS sent

                    debug1: expecting SSH2_MSG_NEWKEYS

                    debug2: set_newkeys: mode 0

                    debug1: SSH2_MSG_NEWKEYS received

                    debug1: SSH2_MSG_SERVICE_REQUEST sent

                    debug2: service_accept: ssh-userauth

                    debug1: SSH2_MSG_SERVICE_ACCEPT received

                    debug2: key: /root/.ssh/identity ((nil))

                    debug2: key: /root/.ssh/id_rsa ((nil))

                    debug2: key: /root/.ssh/id_dsa ((nil))

                    debug1: Authentications that can continue: publickey,gssapi-with-mic,password

                    debug3: start over, passed a different list publickey,gssapi-with-mic,password

                    debug3: preferred gssapi-with-mic,publickey,keyboard-interactive,password

                    debug3: authmethod_lookup gssapi-with-mic

                    debug3: remaining preferred: publickey,keyboard-interactive,password

                    debug3: authmethod_is_enabled gssapi-with-mic

                    debug1: Next authentication method: gssapi-with-mic

                    debug3: Trying to reverse map address 172.20.50.42.

                    debug1: Unspecified GSS failure. Minor code may provide more information

                    No credentials cache found



                    debug1: Unspecified GSS failure. Minor code may provide more information

                    No credentials cache found



                    debug1: Unspecified GSS failure. Minor code may provide more information

                    No credentials cache found



                    debug2: we did not send a packet, disable method

                    debug3: authmethod_lookup publickey

                    debug3: remaining preferred: keyboard-interactive,password

                    debug3: authmethod_is_enabled publickey

                    debug1: Next authentication method: publickey

                    debug1: Trying private key: /root/.ssh/identity

                    debug3: no such identity: /root/.ssh/identity

                    debug1: Trying private key: /root/.ssh/id_rsa

                    debug3: no such identity: /root/.ssh/id_rsa

                    debug1: Trying private key: /root/.ssh/id_dsa

                    debug3: no such identity: /root/.ssh/id_dsa

                    debug2: we did not send a packet, disable method

                    debug3: authmethod_lookup password

                    debug3: remaining preferred: ,password

                    debug3: authmethod_is_enabled password

                    debug1: Next authentication method: password

                    kneal@172.20.50.42's password:

                    debug3: packet_send2: adding 64 (len 60 padlen 4 extra_pad 64)

                    debug2: we sent a password packet, wait for reply

                    debug1: Authentication succeeded (password).

                    debug1: channel 0: new [client-session]

                    debug3: ssh_session2_open: channel_new: 0

                    debug2: channel 0: send open

                    debug1: Entering interactive session.

                    debug2: callback start

                    debug2: client_session2_setup: id 0

                    debug2: channel 0: request pty-req confirm 0

                    debug3: tty_make_modes: ospeed 38400

                    debug3: tty_make_modes: ispeed 38400

                    debug3: tty_make_modes: 1 3

                    debug3: tty_make_modes: 2 28

                    debug3: tty_make_modes: 3 127

                    debug3: tty_make_modes: 4 21

                    debug3: tty_make_modes: 5 4

                    debug3: tty_make_modes: 6 0

                    debug3: tty_make_modes: 7 0

                    debug3: tty_make_modes: 8 17

                    debug3: tty_make_modes: 9 19

                    debug3: tty_make_modes: 10 26

                    debug3: tty_make_modes: 12 18

                    debug3: tty_make_modes: 13 23

                    debug3: tty_make_modes: 14 22

                    debug3: tty_make_modes: 18 15

                    debug3: tty_make_modes: 30 0

                    debug3: tty_make_modes: 31 0

                    debug3: tty_make_modes: 32 0

                    debug3: tty_make_modes: 33 0

                    debug3: tty_make_modes: 34 0

                    debug3: tty_make_modes: 35 0

                    debug3: tty_make_modes: 36 1

                    debug3: tty_make_modes: 37 0

                    debug3: tty_make_modes: 38 1

                    debug3: tty_make_modes: 39 0

                    debug3: tty_make_modes: 40 0

                    debug3: tty_make_modes: 41 0

                    debug3: tty_make_modes: 50 1

                    debug3: tty_make_modes: 51 1

                    debug3: tty_make_modes: 52 0

                    debug3: tty_make_modes: 53 1

                    debug3: tty_make_modes: 54 1

                    debug3: tty_make_modes: 55 1

                    debug3: tty_make_modes: 56 0

                    debug3: tty_make_modes: 57 0

                    debug3: tty_make_modes: 58 0

                    debug3: tty_make_modes: 59 1

                    debug3: tty_make_modes: 60 1

                    debug3: tty_make_modes: 61 1

                    debug3: tty_make_modes: 62 0

                    debug3: tty_make_modes: 70 1

                    debug3: tty_make_modes: 71 0

                    debug3: tty_make_modes: 72 1

                    debug3: tty_make_modes: 73 0

                    debug3: tty_make_modes: 74 0

                    debug3: tty_make_modes: 75 0

                    debug3: tty_make_modes: 90 1

                    debug3: tty_make_modes: 91 1

                    debug3: tty_make_modes: 92 0

                    debug3: tty_make_modes: 93 0

                    debug1: Sending environment.

                    debug3: Ignored env HOSTNAME

                    debug3: Ignored env TERM

                    debug3: Ignored env SHELL

                    debug3: Ignored env HISTSIZE

                    debug3: Ignored env SSH_CLIENT

                    debug3: Ignored env SSH_TTY

                    debug3: Ignored env USER

                    debug3: Ignored env LS_COLORS

                    debug3: Ignored env MAIL

                    debug3: Ignored env PATH

                    debug3: Ignored env is_legal

                    debug3: Ignored env INPUTRC

                    debug3: Ignored env PWD

                    debug1: Sending env LANG = en_US.UTF-8

                    debug2: channel 0: request env confirm 0

                    debug3: Ignored env SSH_ASKPASS

                    debug3: Ignored env SHLVL

                    debug3: Ignored env HOME

                    debug3: Ignored env LOGNAME

                    debug3: Ignored env SSH_CONNECTION

                    debug3: Ignored env LESSOPEN

                    debug3: Ignored env DISPLAY

                    debug3: Ignored env G_BROKEN_FILENAMES

                    debug3: Ignored env _

                    debug2: channel 0: request shell confirm 0

                    debug2: fd 3 setting TCP_NODELAY

                    debug2: callback done

                    debug2: channel 0: open confirm rwindow 0 rmax 32768

                    debug2: channel 0: rcvd adjust 2097152

                    Last login: Tue Nov 1 16:46:46 2011 from nttapcirds2.ntta.local

                    Login denied!



                    debug1: client_input_channel_req: channel 0 rtype exit-status reply 0

                    debug2: channel 0: rcvd eof

                    debug2: channel 0: output open -> drain

                    debug2: channel 0: obuf empty

                    debug2: channel 0: close_write

                    debug2: channel 0: output drain -> closed

                    debug2: channel 0: rcvd close

                    debug2: channel 0: close_read

                    debug2: channel 0: input open -> closed

                    debug3: channel 0: will not send data after close

                    debug2: channel 0: almost dead

                    debug2: channel 0: gc: notify user

                    debug2: channel 0: gc: user detached

                    debug2: channel 0: send close

                    debug2: channel 0: is dead

                    debug2: channel 0: garbage collecting

                    debug1: channel 0: free: client-session, nchannels 1

                    debug3: channel 0: status: The following connections are open:

                    #0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cfd -1)



                    debug3: channel 0: close_fds r -1 w -1 e 6 c -1

                    Connection to 172.20.50.42 closed.

                    debug1: Transferred: stdin 0, stdout 0, stderr 36 bytes in 5.3 seconds

                    debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 6.8

                    debug1: Exit status 0



                    ________________________
                    • 7. Re: ssh session suddenly closed after successfully login.- pam_unix(sshd:sessio
                      733470
                      The userid is not 0.

                      please see /etc/samba/smb.conf file

                      uid
                      uid=16811058(rmokkala) gid=16777729(domain users) groups=16777729(domain users),16782536(ntta-everyone)


                      /etc/samba/smb.conf file

                      workgroup = X
                      password server = 10.100.220.161 10.100.220.162 10.100.220.163 10.100.220.164
                      realm = X.LOCAL
                      security = ads
                      idmap uid = 16777216-33554431
                      idmap gid = 16777216-33554431
                      template shell = /bin/bash
                      winbind use default domain = yes
                      winbind offline logon = true
                      winbind enum users = yes
                      winbind enum groups = yes
                      obey pam restrictions = yes
                      allow trusted domains = no
                      idmap backend = rid:x.local=16777216-33554431
                      • 8. Re: ssh session suddenly closed after successfully login.- pam_unix(sshd:sessio
                        Catch 22
                        It seems the error you are receiving is "login denied". Do you have access restrictions defined, e.g. etc/ssh/sshd_config?