Cant log into linux with telnet or ssh

Support for security such as Firewalls and securing linux
davidmgf
Posts: 4
Joined: 2007/04/10 10:27:38

Cant log into linux with telnet or ssh

Post by davidmgf » 2007/04/10 11:36:39

I have only recently installed CentOS 4 and I'm having a problem logging on with ssh & telnet. I was getting in a few days ago with telnet but for some reason I can't anymore. My Linux system is on a LAN and I am eager to make it more secure before I begin to use it on the internet. I also have a Windows box running Cygwin and I use it to Xwin.exe -query my Linux windows onto my XP workstation. I really like being able to use the graphic interface remotely and Cygwin does a good job of providing the client side support.

What is strange is that I cannot ssh or telnet to the Linux box using Cygwin, which has ssh/OpenSSH support. When I try to telnet, that connection hangs and I have to kill the window. Both telnet and sshd are running, and stopping and restarting the service for them doesn't help.

Here is the output of ssh -vvv:

$ ssh -vvv david@192.168.1.5
OpenSSH_4.6p1, OpenSSL 0.9.8e 23 Feb 2007
debug2: ssh_connect: needpriv 0
debug1: Connecting to 192.168.1.5 [192.168.1.5] port 22.
debug1: Connection established.
debug1: identity file /home/david/.ssh/identity type -1
debug3: Not a RSA1 key file /home/david/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'Proc-Type:'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'DEK-Info:'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/david/.ssh/id_rsa type 1
debug3: Not a RSA1 key file /home/david/.ssh/id_dsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'Proc-Type:'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'DEK-Info:'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/david/.ssh/id_dsa type 2


That's where it hangs every time. It never gets to the "Remote protocol version" string. Interestingly, I am able to telnet and ssh to localhost on the Linux machine so I know those are working, and I have used the Cygwin telnet to log onto a machine at work over the VPN. I also shut down my firewalls on both sides just to remove them as a possible cause.

Does anyone have any clue what I've screwed up to cause this? :-?

pjwelsh
Posts: 2598
Joined: 2007/01/07 02:18:02
Location: Central IL USA

Re: Cant log into linux with telnet or ssh

Post by pjwelsh » 2007/04/10 14:27:16

Is this a new install? My first guess is that the generation of the ssh key did not happen correctly or is corrupted.
However, you mentioned telnet, but did not show the telnet error, so no guesses for that.

davidmgf
Posts: 4
Joined: 2007/04/10 10:27:38

Re: Cant log into linux with telnet or ssh

Post by davidmgf » 2007/04/10 15:03:19

Yes, this is a brand new install as of this last weekend. However, I don't think the problem is related to the key generation since I can use ssh to connect to machines at work that I have never connected to and I am just prompted for a login.

The fact that telnet isn't running is a big clue, although I don't know what the clue is pointing at yet. Maybe my router is interfering in some way I can't see. I have tried forwarding ports 22 and 23 to the Linux box without success, and both machines can ping the other so there is connectivity.

I need to come up with a way to remove the router from the equation, perhaps connect the 2 machines directly together, although that's not as easy as it sounds since I have the Linux machine configured with a wireless network card. Still, it wouldn't be that hard to set up the ethernet card and redo the routing table to effectively be a passthrough.

pjwelsh
Posts: 2598
Joined: 2007/01/07 02:18:02
Location: Central IL USA

Re: Cant log into linux with telnet or ssh

Post by pjwelsh » 2007/04/10 16:38:48

If you have local console access, just "ssh localhost" to bypass the router in question.

pjwelsh
Posts: 2598
Joined: 2007/01/07 02:18:02
Location: Central IL USA

Re: Cant log into linux with telnet or ssh

Post by pjwelsh » 2007/04/10 16:40:21

Just to make sure we are talking about the same things, now that I've looked at the debug again, the bad key in question is actually "Not a RSA1 key file /home/david/.ssh/id_rsa"

davidmgf
Posts: 4
Joined: 2007/04/10 10:27:38

Re: Cant log into linux with telnet or ssh

Post by davidmgf » 2007/04/10 17:01:53

[quote]
pjwelsh wrote:
Just to make sure we are talking about the same things, now that I've looked at the debug again, the bad key in question is actually "Not a RSA1 key file /home/david/.ssh/id_rsa"[/quote]


That's to be expected. I've never been able to SSH to this machine yet. I connect to machines with SSH all the time that I haven't established a key with.

Also, remember that this machine is also rejecting telnet connections for which there is no key.

I am beginning to think the problem is that I installed some piece of software that has whacked a setting somewhere. I just don't know where and it's like finding a needle in the haystack. Worse, because I am ignorant, it's like trying to find a needle in a haystack at night on the new moon. :P

If I don't figure it out soon, I'll have to reinstall. And next time, I'll check each step to make sure both X and SSH are working.

pjwelsh
Posts: 2598
Joined: 2007/01/07 02:18:02
Location: Central IL USA

Re: Cant log into linux with telnet or ssh

Post by pjwelsh » 2007/04/10 17:10:56

[quote]Also, remember that this machine is also rejecting telnet connections for which there is no key.[/quote]

Telnet doesn't do ssh keys. It will do "kerberos", however... I wonder if that is your issue. On your server, can you run "netstat -anp|grep :23" to see if xinetd (for telnet-server) is listening on the "telnet" port as defined in /etc/services. Make sure the results you see have ":23" in the "local address" column, not "foreign".
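An added example, not part of the original post: a filter that applies the "local address, not foreign" check from the reply above by matching the port only in the Local Address column of LISTEN sockets, which a plain `grep :23` cannot do. The sample netstat text, its PIDs and the `exampled` program name are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `netstat -anp` output (not taken from the thread).
SAMPLE_NETSTAT='Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address      Foreign Address    State       PID/Program name
tcp        0      0 0.0.0.0:23         0.0.0.0:*          LISTEN      2143/xinetd
tcp        0      0 127.0.0.1:2300     0.0.0.0:*          LISTEN      2200/exampled
tcp        0      0 192.168.1.5:34012  192.168.1.20:23    ESTABLISHED 2290/telnet
tcp        0      0 127.0.0.1:22       0.0.0.0:*          LISTEN      1987/sshd'

# listeners_on PORT: read `netstat -anp` text on stdin and print
# "bind-address port scope pid/program" for each TCP listener on PORT.
# `grep :23` would also match the foreign-address line and port 2300.
listeners_on() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            n = split($4, part, ":")          # port is the last ":" field
            if (part[n] != port) next
            addr = substr($4, 1, length($4) - length(port) - 1)
            # A loopback bind answers "ssh localhost" but not remote hosts.
            scope = (addr == "127.0.0.1" || addr == "::1") ? "loopback-only" : "network"
            print addr, port, scope, $7
        }'
}

# On a live server: netstat -anp | listeners_on 23
printf '%s\n' "$SAMPLE_NETSTAT" | listeners_on 23
printf '%s\n' "$SAMPLE_NETSTAT" | listeners_on 22
```
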

gerald_clark
Posts: 10642
Joined: 2005/08/05 15:19:54
Location: Northern Illinois, USA

Cant log into linux with telnet or ssh

Post by gerald_clark » 2007/04/10 19:19:03

Is selinux disabled?
Did you install 'Legacy Network Server' ?
Did you 'chkconfig telnet on' followed by 'service xinetd restart' ?
Is iptables running? If so, did you open the port?

davidmgf
Posts: 4
Joined: 2007/04/10 10:27:38

Re: Cant log into linux with telnet or ssh

Post by davidmgf » 2007/04/16 04:06:21

I did a bunch of things including turning selinux off, but none of that helped. Because I had connectivity everywhere and all of the computers on my network were able to telnet, ssh, etc. elsewhere, I figured this had to be a special issue just between these two machines and the only common factor I could think of that was common was the routing table.

I had added a direct route between these machines and apparently that was the problem. One of the machines was on the network via wireless and the other wasn't and they were not capable of direct communication anyways.

Pruning the routing down to 2 entries, one to declare the network and another to declare the gateway fixed this. Thanks to everyone whose comments inspired me to fix this. :-)
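An added example, not part of the original post: a way to see why a leftover direct (host) route can win over the network and gateway entries described above, by applying longest-prefix match to `route -n` output. The sample table and interface names are constructed, and the helper names `route_for` and `host_routes` are hypothetical.

```shell
#!/bin/sh
# Constructed sample of `route -n` output (not from the thread): a host route
# to the peer sits alongside the usual network and default-gateway entries.
SAMPLE_ROUTES='Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.5     0.0.0.0         255.255.255.255 UH    0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan0
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 wlan0'

# route_for DEST: read `route -n` text on stdin and print
# "destination genmask iface" of the entry chosen by longest-prefix match.
route_for() {
    awk -v dest="$1" '
        function ip2int(ip,   p) {
            split(ip, p, ".")
            return ((p[1] * 256 + p[2]) * 256 + p[3]) * 256 + p[4]
        }
        # Network part of ip under a contiguous netmask (portable, no and()).
        function net(ip, mask,   size) {
            size = 4294967296 - ip2int(mask)   # addresses covered by the mask
            return int(ip2int(ip) / size) * size
        }
        $1 ~ /^[0-9]+\./ && $3 ~ /^[0-9]+\./ {
            if (net(dest, $3) == ip2int($1) && ip2int($3) >= best) {
                best = ip2int($3); hit = $1 " " $3 " " $8
            }
        }
        END { if (hit != "") print hit }'
}

# host_routes: list per-host entries (Genmask 255.255.255.255); each one
# overrides the network route for that single address.
host_routes() {
    awk '$3 == "255.255.255.255" { print $1 " dev " $8 }'
}

# On a live system: route -n | route_for 192.168.1.5
printf '%s\n' "$SAMPLE_ROUTES" | route_for 192.168.1.5
printf '%s\n' "$SAMPLE_ROUTES" | host_routes
```
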

jtan163
Posts: 7
Joined: 2007/07/23 06:23:53
Location: Adelaide, Australia

Re: Cant log into linux with telnet or ssh

Post by jtan163 » 2007/07/23 07:40:39

Did you generate your ssh keys on Windows?

If so, try dos2unix on a copy of the public key and put that in your ~/.ssh/authorized_keys.

The whitespace-related log output makes me suspicious of cross-platform file problems.
