[BlueOnyx:01487] Re: SSH Closes Connection

Richard Sidlin richard at sidlin.co.uk
Wed Jun 24 11:30:03 -05 2009


Bit more of a problem now. I cannot get access by SSH, SCP or even with a monitor and keyboard attached to it. The admin GUI and all of the sites continue to work but that probably won't last long and for some reason I will need access. Sorry for posting in the top forum and this is a BlueQuartz box but does anyone have the best course of action that I can take here please?

Thanks.  Richard.
  ----- Original Message ----- 
  From: Chuck Tetlow 
  To: BlueOnyx General Mailing List 
  Sent: Monday, June 22, 2009 3:49 AM
  Subject: [BlueOnyx:01464] Re: SSH Closes Connection


  OH!  I get it now - you attempted to convert the BlueQuartz server from using databases for user data/authentication to using the old method of flat-files (/etc/passwd & /etc/shadow). 

  I've converted two machines in the past that were live machines with active sites.  Both worked for me.  But in both cases - I made sure I had a positive backup (by taking out one of the two mirrored drives).  I did the conversion and when I'd confirmed everything was operational again - I did a complete wipe of the 'out-of-box' drive and put it back in.  The system rebuilt the "new" drive in the mirror RAID and everything was happy in the world. 

  I've also converted every new BQ server I've built for over a year.  Just once, I had a problem.  No authentications.  Luckily, it was a new box.  I just reloaded and did the conversion again - success. 


  OH HEY!!!  I bet I know what your problem is!!! 

  For some unknown reason - when Brian decided to close up shop on Nuonce, he nuked a bunch of files on his server and put in a disclaimer page about Nuonce's closure.  I first ran into this about six months ago - when that new server wouldn't authenticate after the conversion.  I started looking through the configuration files.  What I found was Brian's procedure in step 10: 

  >  10. Rebuild PAM's system-auth configuration 
  > 
  >      cd /etc/pam.d/ 
  >      /bin/mv system-auth system-auth.backup 
  >      /usr/bin/wget http://www.nuonce.net/bq/system-auth.txt 
  >      /bin/mv system-auth.txt system-auth 

  But, if you try to pull that file - http://www.nuonce.net/bq/system.auth.txt, all you'll get is that disclaimer about Nuonce closing.  It's not the system authentication file that used to be there.  LUCKILY, when it happened to me - I had a copy of that file on another server.  Since then, I've built half a dozen BQ servers and converted their authentication system to use flat-files.  In each case, I've used the file I already had in place of that Nuonce website file.  And every one of them has worked (including two new machines loaded/converted just a week ago). 

  I could give you the location on my server to get that file.  But it's probably easier to just put the data in here.  Go to the /etc/pam.d directory.  Edit the file "system-auth".  You'll probably find that damn Nuonce disclaimer.  Delete all the data in that file and put in: 

#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      /lib/security/$ISA/pam_env.so
auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok
auth        required      /lib/security/$ISA/pam_deny.so

account     required      /lib/security/$ISA/pam_unix.so

password    required      /lib/security/$ISA/pam_cracklib.so retry=3
password    sufficient    /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password    required      /lib/security/$ISA/pam_deny.so

session     required      /lib/security/$ISA/pam_limits.so
session     required      /lib/security/$ISA/pam_unix.so

  Save the file and reboot.  Everything should be right with the world now.  

  Again - that is PROBABLY the difficulty if you just followed the Nuonce procedure to convert a BlueQuartz server from database authentication to flat-file authentication. 

  Good luck. 



  Chuck 








  ---------- Original Message ----------- 
  From: "Richard Sidlin" <richard at sidlin.co.uk> 
  To: <cobaltfacts at virtbiz.com>, "BlueOnyx General Mailing List" <blueonyx at blueonyx.it> 
  Sent: Sun, 21 Jun 2009 18:12:00 +0100 
  Subject: [BlueOnyx:01461] Re: SSH Closes Connection 

  > Thanks Chris. It is in a remote datacentre but it will probably mean a trip 
  > to go there tomorrow, it's 
  > only about 45 mins away. Definitely the right admin password as it logs into 
  > the admin GUI OK. I have changed the password but that makes no difference. 
  > It kicks the connection out as soon as you hit enter after entering the 
  > password. Once I get there tomorrow, what should I look at? 
  > 
  > As I mentioned, it's the same with telnet and SCP. Doesn't get as far as 
  > saying access denied or wrong password. One thing that may have been an 
  > issue, we had a general problem with authentication last week and I followed 
  > the Nuonce procedure (as below). Do you think that that may have caused the 
  > problem? 
  > 
  > ________________ 
  > 
  > 1. Stop ALL running Processes. 
  > 
  >      The following daemons need to be shutdown. They use system 
  > authentication and should be properly shutdown to avoid corrupting the 
  > password database. If you installed any application that authenticates 
  > against the user database, please shut that down as well! 
  > 
  >      /sbin/service crond stop 
  >      /sbin/service admserv stop 
  >      /sbin/service httpd stop 
  >      /sbin/service xinetd stop 
  >      /sbin/service dovecot stop 
  >      /sbin/service sendmail stop 
  >      /usr/bin/killall -9 sendmail 
  >      /sbin/service saslauthd stop 
  >      /sbin/service cced.init stop 
  > 
  >      After EVERYTHING is stopped running, issue the following command. 
  >      /sbin/service dbrecover stop 
  >   2. MAKE Backups!!!! 
  > 
  >      /bin/mkdir -p /SYSTEM-BACKUP 
  >      cd /var/db/ 
  >      /bin/tar cfvpz /SYSTEM-BACKUP/var-db.tgz * 
  >      /bin/cp /etc/passwd /SYSTEM-BACKUP/ 
  >      /bin/cp /etc/shadow /SYSTEM-BACKUP/ 
  >      /bin/cp /etc/group /SYSTEM-BACKUP/ 
  >      /bin/cp /usr/sausalito/perl/Base/User.pm /SYSTEM-BACKUP/ 
  >      /bin/cp /usr/sausalito/perl/Base/Group.pm /SYSTEM-BACKUP/ 
  >      /bin/cp /etc/pam.d/system-auth /SYSTEM-BACKUP/ 
  >      /bin/cp /etc/sysconfig/saslauthd /SYSTEM-BACKUP/saslauthd 
  >      /bin/cp /etc/nsswitch.conf /SYSTEM-BACKUP/ 
  >   3. Let's "unconvert" the database back to flat files. 
  > 
  >      cd /var/db 
  >      #### Watch Line Wrap -- Next 3 lines #### 
  > 
  >      /usr/bin/makedb -u passwd.db | /bin/grep -v "^=" | /usr/bin/perl -p -e "s/(^\..*?) //" >> /etc/passwd
  > 
  >      /usr/bin/makedb -u shadow.db | /usr/bin/perl -p -e "s/(^\..*?) //" >> /etc/shadow
  > 
  >      /usr/bin/makedb -u group.db | /bin/grep -v "^=" | /usr/bin/perl -p -e "s/(^\..*?) //" >> /etc/group
  > 
  >   4. Clean up the old password & shadow database now 
  > 
  >      cd /var/db 
  >      /bin/touch passwd shadow group 
  >      /usr/bin/makedb -o passwd.db passwd 
  >      /usr/bin/makedb -o shadow.db shadow 
  >      /usr/bin/makedb -o group.db group 
  >      /bin/rm -f passwd shadow group 
  >   5. Verify they are indeed blank to avoid any issues. 
  > 
  >      cd /var/db 
  >      /usr/bin/makedb -u passwd.db 
  >      /usr/bin/makedb -u shadow.db 
  >      /usr/bin/makedb -u group.db 
  >   6. Make a change to the BlueQuartz backend so that it uses /etc/passwd & 
  > /etc/shadow instead 
  > 
  >      cd /usr/sausalito/perl/Base/ 
  >      /usr/bin/pico User.pm 
  > 
  >      Search for: 
  >      sub useradd 
  > 
  >      Two lines below that, replace: 
  >      return _internal_useradd([PWDB_UNIXDB, PWDB_SHADOWDB], @_); 
  >      with: 
  >      return _internal_useradd([PWDB_UNIX, PWDB_SHADOW], @_); 
  > 
  >      Save the file, and exit it. 
  >   7. Make a change to the BlueQuartz backend so that it uses /etc/group 
  > instead! 
  > 
  >      cd /usr/sausalito/perl/Base/ 
  >      /usr/bin/pico Group.pm 
  > 
  >      Search for: 
  >      sub groupadd 
  > 
  >      Two lines below that, replace: 
  >      return _internal_groupadd([PWDB_UNIXDB, PWDB_SHADOWDB], @_); 
  >      with: 
  >      return _internal_groupadd([PWDB_UNIX, PWDB_SHADOW], @_); 
  > 
  >      Save the file, and exit it. 
  >   8. Change nsswitch.conf so it won't look at the old database 
  > 
  >      /usr/bin/perl -pi -e "s#db files#files#" /etc/nsswitch.conf 
  >   9. Change saslauthd so it won't look at the old database 
  > 
  >      /usr/bin/perl -pi -e "s#^MECH=pam#MECH=shadow#" /etc/sysconfig/saslauthd 
  >  10. Rebuild PAM's system-auth configuration 
  > 
  >      cd /etc/pam.d/ 
  >      /bin/mv system-auth system-auth.backup 
  >      /usr/bin/wget http://www.nuonce.net/bq/system-auth.txt 
  >      /bin/mv system-auth.txt system-auth 
  >  11. Start the processes back up. 
  > 
  >      /sbin/service dbrecover start 
  >      /sbin/service xinetd start 
  >      /sbin/service dovecot start 
  >      /sbin/service saslauthd start 
  >      /sbin/service sendmail start 
  >      /sbin/service cced.init start 
  >      /sbin/service admserv start 
  >      /sbin/service httpd start 
  >      /sbin/service crond start 
  >  12. Now that all services should be running again, go ahead and test 
  > functionality. 
  > 
  >      Everything should work without any issues. 
  > 
  > From: "Chris Gebhardt - VIRTBIZ Internet" <cobaltfacts at virtbiz.com> 
  > To: "BlueOnyx General Mailing List" <blueonyx at blueonyx.it> 
  > Sent: Sunday, June 21, 2009 4:11 PM 
  > Subject: [BlueOnyx:01460] Re: SSH Closes Connection 
  > 
  > > Richard Sidlin wrote: 
  > >> Hi 
  > >> 
  > >> When I connect to my server via SSH, it asks for the login as: and when 
  > >> I type in the password, I get Server unexpectedly closed network 
  > >> connect. Actually, this is a Blue Quartz box. I have never had a problem 
  > >> with this before. I have used two different usernames and both do the 
  > >> same and I have tried accessing it from different machines and still the 
  > >> same. 
  > >> 
  > >> Access to the admin GUI is fine. I have rebooted the server but this 
  > >> made no difference. 
  > > 
  > > You are certain that you are using the correct usr/pwd combo? 
  > > 
  > > Here is what I would try on the chance that somebody has run passwd from 
  > > the CLI: 
  > > 
  > > 1) Log into GUI as admin and go to Personal Profile, Account and set a 
  > > new password. 
  > > 
  > > 2) Log into CLI as admin using the password you just set from the GUI. 
  > > That should let you in. 
  > > 
  > > 3) See if you can su - to root now using the same password. 
  > > 
  > > That ought to work.   If it doesn't, I suppose you could always reboot 
  > > the box into single user mode and reset the password that way.  If the 
  > > box is in a remote datacenter you can have the datacenter staff help you 
  > > with it or if they're like us, they can provide you with an IP-KVM so 
  > > that you can reboot the box and watch it go through POST and GRUB so you 
  > > can have virtual console access to it. 
  > > 
  > > HTH, 
  > > -- 
  > > Chris Gebhardt 
  > > VIRTBIZ Internet Services 
  > > Access, Web Hosting, Colocation, Dedicated 
  > > www.virtbiz.com | toll-free (866) 4 VIRTBIZ 
  > > _______________________________________________ 
  > > Blueonyx mailing list 
  > > Blueonyx at blueonyx.it 
  > > http://www.blueonyx.it/mailman/listinfo/blueonyx 
  > > 
  > > -- 
  > > This message has been scanned for viruses and 
  > > dangerous content by the Help Internet 
  > > MailScanner, and is believed to be clean. 
  > > 
  > 
  ------- End of Original Message ------- 
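
Chuck's diagnosis in the thread is that step 10's wget fetched a closure notice instead of a PAM configuration, which then got installed as system-auth. The following is an added example (not part of the thread or the Nuonce procedure) of checking a fetched file before it replaces system-auth; the function names and the sample notice text are made up for illustration.

```shell
#!/bin/sh
# Added example, not from the thread: vet a downloaded PAM stack before it
# replaces system-auth. Function names here are hypothetical.

# pam_file_ok FILE: status 0 only if FILE looks like a usable PAM service file.
#   1 = missing/empty, 2 = HTML page, 3 = malformed line, 4 = no auth/account
pam_file_ok() {
    [ -s "$1" ] || return 1
    # A web server answering with a notice page instead of the file.
    if grep -Eiq '<(!doctype|html|head|body|title)[ >]' "$1"; then
        return 2
    fi
    awk '
        /^[ \t]*(#|$)/ { next }                  # comments and blank lines
        {
            type = $1; sub(/^-/, "", type)       # "-auth" style is valid too
            if (type !~ /^(auth|account|password|session)$/ || NF < 3) {
                bad = 1; exit
            }
            seen[type] = 1
        }
        END {
            if (bad) exit 3
            if (!(("auth" in seen) && ("account" in seen))) exit 4
        }' "$1"
}

# install_pam_file CANDIDATE TARGET: swap in CANDIDATE only if it passes,
# keeping the previous TARGET as TARGET.backup.
install_pam_file() {
    pam_file_ok "$1" || {
        echo "refusing $1: failed PAM check (code $?)" >&2
        return 1
    }
    if [ -e "$2" ]; then cp -p "$2" "$2.backup" || return 1; fi
    cp "$1" "$2.new" && mv "$2.new" "$2"
}

# Constructed demo: a closure notice saved under the expected file name.
demo() {
    d=$(mktemp -d) || return 1
    printf '<html><body>This site has closed.</body></html>\n' > "$d/system-auth.txt"
    printf 'auth required pam_unix.so\naccount required pam_unix.so\n' > "$d/system-auth"
    install_pam_file "$d/system-auth.txt" "$d/system-auth" 2>/dev/null && rc=0 || rc=$?
    kept=$(head -n 1 "$d/system-auth"); rm -rf "$d"
    echo "install status=$rc, live file still starts with: $kept"
}
demo
```

The check is syntactic only: it confirms the file has PAM-shaped lines with at least one auth and one account entry, not that the listed modules exist on the box.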


