Recovering group "ssh_keys" to remote-access via PuTTY

Support for security such as Firewalls and securing linux
Post Reply
mrtonnet
Posts: 1
Joined: 2016/01/04 09:09:21

Recovering group "ssh_keys" to remote-access via PuTTY

Post by mrtonnet » 2016/01/04 09:37:34

Hello,

I've encountered a problem and couldn't find the exact solution from the web and this forum.
So I'm posting a new topic.
I'd appreciate your input to fix this problem.

* Problem
I can't remote-access a (CentOS) server with PuTTY.
The error message is

"Server unexpectedly closed network connection"

* How this happened?
On the server, I executed the following command.

# groupdel ssh_keys

This command is the cause of the problem because I regenerated this problem on another server with exactly same settings.

* Why this happened?
I recently installed the recent version of CentOS on three servers.
My company's security department had me run an automated security flaw detection program.
This program created a bunch of suggestions to enhance security of a server.
One of them was to delete group "ssh_keys" which turned out to be a lousy suggestion.

* What should I do?
Based on my web search results, it's likely that I should set up SSH keys. But I'm afraid of messing up MORE by doing it.
Could you tell me what I should do to fix this problem?
Thanks in advance!

User avatar
TrevorH
Forum Moderator
Posts: 26515
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Recovering group "ssh_keys" to remote-access via PuTTY

Post by TrevorH » 2016/01/04 10:04:26

What you did was deleted a linux group. That particular group is not a standard CentOS supplied group so deleting it would have zero effect on a vanilla CentOS system since there is no group called ssh_keys. This must be particular to your installation and presumably you need to belong to group ssh_keys in order to be able to logon via an ssh key. I tested here by adding a group called 'atest' then usermod -a -G atest two users so that they belonged to it and getent group atest returned both usernames as part of the group. I then groupdel atest and then added it again and both users were then no longer members of the group. This means that you cannot just re-add the ssh_keys group to the system and have it work since all the users that used to be part of it will need to be re-added.

Check in /etc/ssh/sshd_config and see if there is anything there that restricts access to the group ssh_keys.
CentOS 5 died in March 2017 - migrate NOW!
CentOS 6 goes EOL sooner rather than later, get upgrading!
Full time Geek, part time moderator. Use the FAQ Luke

aks
Posts: 2829
Joined: 2014/09/20 11:22:14

Re: Recovering group "ssh_keys" to remote-access via PuTTY

Post by aks » 2016/01/04 17:03:26

I've seen this behaviour when the ssh daemon doesn't allow "old" algorithms but the client (putty in this case) is an old version and hasn't got the "new" algorithms implemented.
I've also seen it when the machine can not allocate a TTY (terminal) - out of resources (memory, TTY etc.)
Just a shot in the dark actually...

Post Reply

Return to “CentOS 7 - Security Support”