Where does ssh log errors

[Charlie Foxtrot]

Hello,

I'm trying to start ssh, but I get a faile message.


knoppix@Microknoppix:~$ sudo /etc/init.d/ssh start -p 22
Starting OpenBSD Secure Shell server: sshdsshd: option requires an argument -- p
OpenSSH_5.5p1 Debian-6, OpenSSL 0.9.8o 01 Jun 2010
usage: sshd [-46DdeiqTt] [-b bits] [-C connection_spec] [-c host_cert_file]
[-f config_file] [-g login_grace_time] [-h host_key_file]
[-k key_gen_time] [-o option] [-p port] [-u len]
failed!

Where can I go to find more information? I didn't see anything useful in var/log/messages, /var/log/kern.log, or /var/log/syslog

-Charlie

[Charlie Foxtrot]

I found the menu item in Preferences / Start SSH Server, and it seems to work, but I'd like to know why my other command didn't work and how I could change the default port.

-Charlie

[kl522]

There is probably a bug in /etc/init.d/ssh. In order to support what you want to do, you can do this :-

/etc/init.d/ssh start "-p 22"

Everything after the 'start' will have to be quoted. But of course you can also modify /etc/ssh/sshd_config.

[Werner P. Schulz]

... it is not a bug.

A user without a password isn't allowed to handle with sshd. Therefore you have to run '/usr/sbin/sshstart' from Klaus Knopper. This script checks all necessary things and ask for a password for user "knoppix".

Greetings Werner * http://www.wp-schulz.de/knoppix/summary.html
Own Rescue-CD with Knoppix (Knoppix V6.4.4 remaster)

[kl522]

... it is not a bug.

A user without a password isn't allowed to handle with sshd. Therefore you have to run '/usr/sbin/sshstart' from Klaus Knopper. This script checks all necessary things and ask for a password for user "knoppix".

Just because there is a script /usr/sbin/sshstart created, it does not make /etc/init.d/ssh less guilty of a bug. /etc/init.d/ssh is meant to be invoked, manually or from boot, for the fact that it is located in /etc/init.d, however less friendly it is.

If you look at the script /etc/init.d/ssh, somewhere line 26,

Code:

if [ -n "$2" ]; then
      SSHD_OPTS="$SSHD_OPTS $2"
fi

Now we know '$1' is 'start', 'stop' or 'restart'. It will be everybody's guess what is '$2' supposed to be. But whatever it is, according to this script, it is supposed to accept some kind of SSHD_OPTS but the problem is that it is only accepting single argument, $2, that's why there is an error when invoked as '/etc/init.d/ssh start -p 22' while '/etc/init.d/ssh start "-p 22"' will not have error.

[Charlie Foxtrot]

Just because there is a script /usr/sbin/sshstart created, it does not make /etc/init.d/ssh less guilty of a bug. /etc/init.d/ssh is meant to be invoked, manually or from boot, for the fact that it is located in /etc/init.d, however less friendly it is.

If you look at the script /etc/init.d/ssh, somewhere line 26,

Code:

if [ -n "$2" ]; then
      SSHD_OPTS="$SSHD_OPTS $2"
fi

Now we know '$1' is 'start', 'stop' or 'restart'. It will be everybody's guess what is '$2' supposed to be. But whatever it is, according to this script, it is supposed to accept some kind of SSHD_OPTS but the problem is that it is only accepting single argument, $2, that's why there is an error when invoked as '/etc/init.d/ssh start -p 22' while '/etc/init.d/ssh start "-p 22"' will not have error.

I changed the command that the shortcut runs to:

Code:

/usr/sbin/sshstart "-p 512"

I then ran it, but it's still using port 22:

Code:

knoppix@Microknoppix:~$ sudo netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      4926/sshd       
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      3050/cupsd      
knoppix@Microknoppix:~$

Is there anyway to change the port?
-Charlie

[kl522]

I changed the command that the shortcut runs to:

Code:

/usr/sbin/sshstart "-p 512"

I then ran it, but it's still using port 22:

Read my posts again. I have never pitched for /usr/sbin/sshstart. I said /etc/init.d/ssh start "-p 22". Read again please.

[Werner P. Schulz]

Is there anyway to change the port?

... change Port # in '/etc/ssh/sshd_config' and restart the ssh-server.

[Forester]

Hi Charlie,

I suggest you do this though the ssh configuration files.

On the Knoppix machine the file you are interested in the file is /etc/ssh/sshd.conf. About line 5 you will find:

Code:

Port 22

Change that. kl522 did mention this but he was trying to answer the question you asked, not the question you needed to ask.

You'll need to make sure your ssh clients use the same port. If that's another Linux machine or its a Windows machine with OpenSSH (e.g. running cygwin) I can help but if it is PuTTY I can't.

The original error message you got because sshd did not like the parameters it was passed by /etc/init.d/ssh because you did not give it the parameters the way it wants them. Ugly I know. As a consequence, sshd never started so there would be nothing in a log to find.

Using ssh involves a login: logins are recorded in /var/log/wtmp but this file is not human readable. Logging in involves a password authentication: these events are recorded in /var/log/auth.log. Errors from background process (daemons) should be logged in /var/log/daemon.log. However, as discussed before, Knoppix is a bit light on logging and you've now configured your own, so things may be different chez toi.

Knoppix runs without a password but you can't use ssh without passwords. It doesn't make sense. So, as Werner pointed out, KK provided a script to set things up correctly and you should use it because the script may deal with subtleties only KK knows about.

I expect you only need run the script once. It may well ignore any parameters you give it. You would need to examine the script to find out. It probably alters /etc/rc.local so that the ssh daemon is started automatically every time you boot. That will start it without parameters, so it will be running on port 22. You may then have trouble starting it later by hand or whatever using a different port - you'd need to shut the first instance down. I suggest you use the configuration file and then the first instance will run on the port you desire.

The scripts in /etc/init.d are intended to be run from a general purposes start-up script so they all provide the same interface - just one parameter: start, stop etc. Other mechanisms must be used for other parameters for debug purposes. The one used here is not terribly user friendly but that does not make it a bug. It is not intended for users (not that kind anyway).

At this level you are expected to understand the shell and how to use it. In particular, how to read other people's scripts. That's a long learning curve I'm afraid and you will find yourself getting things not quite right for a very long time. I mean years.

P.S. The file /etc/services lists known ports and which services use them. You'll see port 512 is used by the exec service. You are probably not running this service so you will probably be OK. However, to avoid the possibly of very weird behaviour, you should choose a port number that isn't listed in /etc/services.