<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content="text/html; charset=iso-8859-1" http-equiv=Content-Type>
<META name=GENERATOR content="MSHTML 8.00.6001.18783">
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT size=2 face=Arial>Bit more of a problem now. I cannot get access by
SSH, SCP or even with a monitor and keyboard attached to it. The admin GUI and
all of the sites continue to work but that probably won't last long and for some
reason I will need access. Sorry for posting in the top forum and this is a
BlueQuartz box but does anyone have the best course of action that I can take
here please?</FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial>Thanks. Richard.</FONT></DIV>
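<DIV><FONT size=2 face=Arial>Step 10 of the procedure quoted below replaces /etc/pam.d/system-auth with whatever wget retrieves, so a closure notice served at that URL can end up as the PAM configuration. The following is an added example, not part of the thread or of the Nuonce procedure: a shell check that refuses to install a candidate file unless it parses as PAM rules. The function names pam_file_ok and install_pam_file and the sample files are constructed for illustration, and the check assumes the plain "type control module" rule form used by the file in this thread.</FONT></DIV>

```shell
#!/bin/sh
# Added example (not from the thread): check a fetched file before it becomes
# /etc/pam.d/system-auth, so a web notice can never replace the PAM config.

# pam_file_ok FILE: succeed only if every rule line is "type control module ..."
# with a known PAM type, and at least one auth rule exists.
pam_file_ok() {
    [ -s "$1" ] || return 1
    awk '
        { sub(/\r$/, "") }                        # tolerate CRLF from a web download
        /^[ \t]*#/ || /^[ \t]*$/ { next }         # comments and blank lines
        $1 !~ /^-?(auth|account|password|session)$/ || NF < 3 { bad = 1 }
        $1 ~ /^-?auth$/ { have_auth = 1 }
        END { exit (bad || !have_auth) ? 1 : 0 }
    ' "$1"
}

# install_pam_file CANDIDATE TARGET: validate first, keep TARGET.backup (the
# backup name used in step 10), then swap the new file in with a rename.
install_pam_file() {
    if ! pam_file_ok "$1"; then
        echo "refusing to install $1: not a PAM configuration" >&2
        return 1
    fi
    if [ -f "$2" ]; then cp -p "$2" "$2.backup" || return 1; fi
    cp "$1" "$2.new" && chmod 644 "$2.new" && mv "$2.new" "$2"
}

# Demo on constructed samples: two rules from the file in this thread, and a
# plain-text notice standing in for what the dead URL returns.
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' '#%PAM-1.0' \
        'auth required /lib/security/$ISA/pam_env.so' \
        'account required /lib/security/$ISA/pam_unix.so' > "$d/good"
    printf 'Notice: this site has closed.\n' > "$d/fetched"
    printf 'previous config\n' > "$d/system-auth"
    r1=0; install_pam_file "$d/fetched" "$d/system-auth" 2>/dev/null || r1=$?
    r2=0; install_pam_file "$d/good" "$d/system-auth" || r2=$?
    echo "rejected=$r1 installed=$r2 backup=$(cat "$d/system-auth.backup")"
    rm -rf "$d"
}
demo
```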
<BLOCKQUOTE
style="BORDER-LEFT: #000000 2px solid; PADDING-LEFT: 5px; PADDING-RIGHT: 0px; MARGIN-LEFT: 5px; MARGIN-RIGHT: 0px">
<DIV style="FONT: 10pt arial">----- Original Message ----- </DIV>
<DIV
style="FONT: 10pt arial; BACKGROUND: #e4e4e4; font-color: black"><B>From:</B>
<A title=chuck@tetlow.net href="mailto:chuck@tetlow.net">Chuck Tetlow</A>
</DIV>
<DIV style="FONT: 10pt arial"><B>To:</B> <A title=blueonyx@blueonyx.it
href="mailto:blueonyx@blueonyx.it">BlueOnyx General Mailing List</A> </DIV>
<DIV style="FONT: 10pt arial"><B>Sent:</B> Monday, June 22, 2009 3:49 AM</DIV>
<DIV style="FONT: 10pt arial"><B>Subject:</B> [BlueOnyx:01464] Re: SSH Closes
Connection</DIV>
<DIV><BR></DIV>OH! I get it now - you attempted to convert the
BlueQuartz server from using databases for user data/authentication to using
the old method of flat-files (/etc/passwd &amp; /etc/shadow). <BR><BR>I've
converted two machines in the past that were live machines with active
sites. Both worked for me. But in both cases - I made sure I had a
positive backup (by taking out one of the two mirrored drives). I did
the conversion and when I'd confirmed everything was operational again - I did
a complete wipe of the 'out-of-box' drive and put it back in. The system
rebuilt the "new" drive in the mirror RAID and everything was happy in the
world. <BR><BR>I've also converted every new BQ server I've built for over a
year. Just once, I had a problem. No authentications.
Luckily, it was a new box. I just reloaded and did the conversion again
- success. <BR><BR><BR>OH HEY!!! I bet I know what your problem is!!!
<BR><BR>For some unknown reason - when Brian decided to close up shop on
Nuonce, he nuked a bunch of files on his server and put in a disclaimer page
about Nuonce's closure. I first ran into this about six months ago -
when that new server wouldn't authenticate after the conversion. I
started looking through the configuration files. What I found was
Brian's procedure in step 10: <BR><BR><FONT size=2>> 10. Rebuild
PAM's system-auth configuration <BR>> <BR>> cd
/etc/pam.d/ <BR>> /bin/mv system-auth
system-auth.backup <BR>> /usr/bin/wget <A
href="http://www.nuonce.net/bq/system-auth.txt"
target=_blank>http://www.nuonce.net/bq/system-auth.txt</A> <BR>>
/bin/mv system-auth.txt system-auth</FONT> <BR><BR>But, if you
try to pull that file - http://www.nuonce.net/bq/system.auth.txt, all you'll
get is that disclaimer about Nuonce closing. It's not the system
authentication file that used to be there. LUCKILY, when it happened
to me - I had a copy of that file on another server. Since then, I've
built half a dozen BQ servers and converted their authentication system to use
flat-files. In each case, I've used the file I already had in place of
that Nuonce website file. And every one of them has worked (including
two new machines loaded/converted just a week ago). <BR><BR>I could give you
the location on my server to get that file. But it's probably easier to
just put the data in here. Go to the /etc/pam.d directory. Edit
the file "system-auth". You'll probably find that damn Nuonce
disclaimer. Delete all the data in that file and put in: <BR><PRE>#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      /lib/security/$ISA/pam_env.so
auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok
auth        required      /lib/security/$ISA/pam_deny.so

account     required      /lib/security/$ISA/pam_unix.so

password    required      /lib/security/$ISA/pam_cracklib.so retry=3
password    sufficient    /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password    required      /lib/security/$ISA/pam_deny.so

session     required      /lib/security/$ISA/pam_limits.so
session     required      /lib/security/$ISA/pam_unix.so
</PRE><BR>Save the file and reboot. Everything should be right with
the world now. <BR><BR>Again - that is PROBABLY the difficulty if you
just followed the Nuonce procedure to convert a BlueQuartz server from
database authentication to flat-file authentication. <BR><BR>Good luck.
<BR><BR>Chuck <BR><BR><FONT
size=2><B>---------- Original Message -----------</B> <BR>From: "Richard
Sidlin" &lt;richard@sidlin.co.uk&gt; <BR>To: &lt;cobaltfacts@virtbiz.com&gt;,
"BlueOnyx General Mailing List" &lt;blueonyx@blueonyx.it&gt; <BR>Sent: Sun, 21
Jun 2009 18:12:00 +0100 <BR>Subject: [BlueOnyx:01461] Re: SSH Closes
Connection <BR><BR>> Thanks Chris. It is in a remote datacentre but it will
probably mean a trip <BR>> to go there tomorrow, it's <BR>> only about
45 mins away. Definitely the right admin password as it logs into <BR>> the
admin GUI OK. I have changed the password but that makes no difference.
<BR>> It kicks the connection out as soon as you hit enter after entering
the <BR>> password. Once I get there tomorrow, what should I look at?
<BR>> <BR>> As I mentioned, it's the same with telnet and SCP. Doesn't
get as far as <BR>> saying access denied or wrong password. One thing that
may have been an <BR>> issue, we had a general problem with authentication
last week and I followed <BR>> the Nuonce procedure (as below). Do you
think that that may have caused the <BR>> problem? <BR>> <BR>>
________________ <BR>> <BR>> 1. Stop ALL running Processes. <BR>>
<BR>> The following daemons need to be shutdown. They
use system <BR>> authentication and should be properly shutdown to avoid
corrupting the <BR>> password database. If you installed any application
that authenticates <BR>> against the user database, please shut that down
as well! <BR>> <BR>> /sbin/service crond stop
<BR>> /sbin/service admserv stop <BR>>
/sbin/service httpd stop <BR>> /sbin/service
xinetd stop <BR>> /sbin/service dovecot stop <BR>>
/sbin/service sendmail stop <BR>>
/usr/bin/killall -9 sendmail <BR>> /sbin/service
saslauthd stop <BR>> /sbin/service cced.init stop
<BR>> <BR>> After EVERYTHING is stopped running,
issue the following command. <BR>> /sbin/service
dbrecover stop <BR>> 2. MAKE Backups!!!! <BR>> <BR>>
/bin/mkdir -p /SYSTEM-BACKUP <BR>> cd
/var/db/ <BR>> /bin/tar cfvpz /SYSTEM-BACKUP/var-db.tgz
* <BR>> /bin/cp /etc/passwd /SYSTEM-BACKUP/ <BR>>
/bin/cp /etc/shadow /SYSTEM-BACKUP/ <BR>>
/bin/cp /etc/group /SYSTEM-BACKUP/ <BR>> /bin/cp
/usr/sausalito/perl/Base/User.pm /SYSTEM-BACKUP/ <BR>>
/bin/cp /usr/sausalito/perl/Base/Group.pm /SYSTEM-BACKUP/ <BR>>
/bin/cp /etc/pam.d/system-auth /SYSTEM-BACKUP/ <BR>>
/bin/cp /etc/sysconfig/saslauthd /SYSTEM-BACKUP/saslauthd
<BR>> /bin/cp /etc/nsswitch.conf /SYSTEM-BACKUP/
<BR>> 3. Lets "unconvert" the database back to flat files. <BR>>
<BR>> cd /var/db <BR>> ####
Watch Line Wrap -- Next 3 lines #### <BR>> <BR>>
/usr/bin/makedb -u passwd.db | /bin/grep -v "^=" | /usr/bin/perl -p -e
<BR>> "s/(^\..*?) //" >> /etc/passwd <BR>> <BR>>
/usr/bin/makedb -u shadow.db | /usr/bin/perl -p -e "s/(^\..*?) //"
>> <BR>> /etc/shadow <BR>> <BR>>
/usr/bin/makedb -u group.db | /bin/grep -v "^=" | /usr/bin/perl -p -e
<BR>> "s/(^\..*?) //" >> /etc/group <BR>> <BR>> 4. Clean
up the old password & shadow database now <BR>> <BR>>
cd /var/db <BR>> /bin/touch passwd shadow group
<BR>> /usr/bin/makedb -o passwd.db passwd <BR>>
/usr/bin/makedb -o shadow.db shadow <BR>>
/usr/bin/makedb -o group.db group <BR>> /bin/rm
-f passwd shadow group <BR>> 5. Verify they are indeed blank to
avoid any issues. <BR>> <BR>> cd /var/db <BR>>
/usr/bin/makedb -u passwd.db <BR>>
/usr/bin/makedb -u shadow.db <BR>>
/usr/bin/makedb -u group.db <BR>> 6. Make a change to the
BlueQuartz backend so that it uses /etc/passwd & <BR>> /etc/shadow
instead <BR>> <BR>> cd /usr/sausalito/perl/Base/
<BR>> /usr/bin/pico User.pm <BR>> <BR>>
Search for: <BR>> sub useradd <BR>>
<BR>> Two lines below that, replace: <BR>>
return _internal_useradd([PWDB_UNIXDB, PWDB_SHADOWDB], @_);
<BR>> with: <BR>> return
_internal_useradd([PWDB_UNIX, PWDB_SHADOW], @_); <BR>> <BR>>
Save the file, and exit it. <BR>> 7. Make a change to
the BlueQuartz backend so that it uses /etc/group <BR>> instead! <BR>>
<BR>> cd /usr/sausalito/perl/Base/ <BR>>
/usr/bin/pico Group.pm <BR>> <BR>>
Search for: <BR>> sub groupadd <BR>> <BR>>
Two lines below that, replace: <BR>>
return _internal_groupadd([PWDB_UNIXDB, PWDB_SHADOWDB], @_); <BR>>
with: <BR>> return
_internal_groupadd([PWDB_UNIX, PWDB_SHADOW], @_); <BR>> <BR>>
Save the file, and exit it. <BR>> 8. Change
nsswitch.conf so it won't look at the old database <BR>> <BR>>
/usr/bin/perl -pi -e "s#db files#files#" /etc/nsswitch.conf
<BR>> 9. Change saslauthd so it won't look at the old database
<BR>> <BR>> /usr/bin/perl -pi -e
"s#^MECH=pam#MECH=shadow#" <BR>> /etc/sysconfig/saslauthd <BR>>
10. Rebuild PAM's system-auth configuration <BR>> <BR>>
cd /etc/pam.d/ <BR>> /bin/mv system-auth
system-auth.backup <BR>> /usr/bin/wget <A
href="http://www.nuonce.net/bq/system-auth.txt"
target=_blank>http://www.nuonce.net/bq/system-auth.txt</A> <BR>>
/bin/mv system-auth.txt system-auth <BR>> 11. Start the
processes back up. <BR>> <BR>> /sbin/service
dbrecover start <BR>> /sbin/service xinetd start
<BR>> /sbin/service dovecot start <BR>>
/sbin/service saslauthd start <BR>>
/sbin/service sendmail start <BR>> /sbin/service
cced.init start <BR>> /sbin/service admserv start
<BR>> /sbin/service httpd start <BR>>
/sbin/service crond start <BR>> 12. Now that all services
should be running again, go ahead and test <BR>> functionality. <BR>>
<BR>> Everything should work with out any issues.
<BR>> <BR>> From: "Chris Gebhardt - VIRTBIZ Internet"
&lt;cobaltfacts@virtbiz.com&gt; <BR>> To: "BlueOnyx General Mailing List"
&lt;blueonyx@blueonyx.it&gt; <BR>> Sent: Sunday, June 21, 2009 4:11 PM
<BR>> Subject: [BlueOnyx:01460] Re: SSH Closes Connection <BR>> <BR>>
> Richard Sidlin wrote: <BR>> >> Hi <BR>> >> <BR>>
>> When I connect to my server via SSH, it asks for the login as: and
when <BR>> >> I type in the password, I get Server unexpectedly
closed network <BR>> >> connect. Actually, this is a Blue Quartz box.
I have never had a problem <BR>> >> with this before. I have used two
different usernames and both do the <BR>> >> same and I have tried
accessing it from different machines and still the <BR>> >> same.
<BR>> >> <BR>> >> Access to the admin GUI is fine. I have
rebooted the server but this <BR>> >> made no difference. <BR>>
> <BR>> > You are certain that you are using the correct usr/pwd
combo? <BR>> > <BR>> > Here is what I would try on the chance that
somebody has run passwd from <BR>> > the CLI: <BR>> > <BR>>
> 1) Log into GUI as admin and go to Personal Profile, Account and set a
<BR>> > new password. <BR>> > <BR>> > 2) Log into CLI as
admin using the password you just set from the GUI. <BR>> > That should
let you in. <BR>> > <BR>> > 3) See if you can su - to root now
using the same password. <BR>> > <BR>> > That ought to work.
If it doesn't, I suppose you could always reboot <BR>> > the box
into single user mode and reset the password that way. If the <BR>>
> box is in a remote datacenter you can have the datacenter staff help you
<BR>> > with it or if they're like us, they can provide you with an
IP-KVM so <BR>> > that you can reboot the box and watch it go through
POST and GRUB so you <BR>> > can have virtual console access to it.
<BR>> > <BR>> > HTH, <BR>> > -- <BR>> > Chris Gebhardt
<BR>> > VIRTBIZ Internet Services <BR>> > Access, Web Hosting,
Colocation, Dedicated <BR>> > <A href="http://www.virtbiz.com/"
target=_blank>www.virtbiz.com</A> | toll-free (866) 4 VIRTBIZ <BR>> >
_______________________________________________ <BR>> > Blueonyx mailing
list <BR>> > Blueonyx@blueonyx.it <BR>> > <A
href="http://www.blueonyx.it/mailman/listinfo/blueonyx"
target=_blank>http://www.blueonyx.it/mailman/listinfo/blueonyx</A> <BR>>
> <BR>> > -- <BR>> > This message has been scanned for viruses
and <BR>> > dangerous content by the Help Internet <BR>> >
MailScanner, and is believed to be clean. <BR>> > <BR>> <BR>>
_______________________________________________ <BR>> Blueonyx mailing list
<BR>> Blueonyx@blueonyx.it <BR>> <A
href="http://www.blueonyx.it/mailman/listinfo/blueonyx"
target=_blank>http://www.blueonyx.it/mailman/listinfo/blueonyx</A>
<BR><B>------- End of Original Message -------</B> <BR></FONT>
</BLOCKQUOTE></BODY></HTML>