Results 1 to 9 of 9

Thread: Where does ssh log errors

  1. #1
    Member
    Join Date
    Apr 2011
    Location
    Durham, NC, USA
    Posts
    31

    Where does ssh log errors

    Hello,

    I'm trying to start ssh, but I get a faile message.


    knoppix@Microknoppix:~$ sudo /etc/init.d/ssh start -p 22
    Starting OpenBSD Secure Shell server: sshdsshd: option requires an argument -- p
    OpenSSH_5.5p1 Debian-6, OpenSSL 0.9.8o 01 Jun 2010
    usage: sshd [-46DdeiqTt] [-b bits] [-C connection_spec] [-c host_cert_file]
    [-f config_file] [-g login_grace_time] [-h host_key_file]
    [-k key_gen_time] [-o option] [-p port] [-u len]
    failed!

    Where can I go to find more information? I didn't see anything useful in var/log/messages, /var/log/kern.log, or /var/log/syslog

    -Charlie

  2. #2
    Member
    Join Date
    Apr 2011
    Location
    Durham, NC, USA
    Posts
    31
    I found the menu item in Preferences / Start SSH Server, and it seems to work, but I'd like to know why my other command didn't work and how I could change the default port.

    -Charlie

  3. #3
    Senior Member registered user
    Join Date
    Dec 2009
    Posts
    423
    There is probably a bug in /etc/init.d/ssh. In order to support what you want to do, you can do this :-

    /etc/init.d/ssh start "-p 22"

    Everything after the 'start' will have to be quoted. But of course you can also modify /etc/ssh/sshd_config.

  4. #4
    Moderator Moderator
    Join Date
    Nov 2010
    Location
    Germany/ Dietzenbach
    Posts
    1,124
    ... it is not a bug.

    A user without a password isn't allowed to handle with sshd. Therefore you have to run '/usr/sbin/sshstart' from Klaus Knopper. This script checks all necessary things and ask for a password for user "knoppix".

    Greetings Werner * http://www.wp-schulz.de/knoppix/summary.html
    Own Rescue-CD with Knoppix (Knoppix V6.4.4 remaster)

  5. #5
    Senior Member registered user
    Join Date
    Dec 2009
    Posts
    423
    Quote Originally Posted by Werner P. Schulz View Post
    ... it is not a bug.

    A user without a password isn't allowed to handle with sshd. Therefore you have to run '/usr/sbin/sshstart' from Klaus Knopper. This script checks all necessary things and ask for a password for user "knoppix".
    Just because there is a script /usr/sbin/sshstart created, it does not make /etc/init.d/ssh less guilty of a bug. /etc/init.d/ssh is meant to be invoked, manually or from boot, for the fact that it is located in /etc/init.d, however less friendly it is.

    If you look at the script /etc/init.d/ssh, somewhere line 26,
    Code:
    if [ -n "$2" ]; then
          SSHD_OPTS="$SSHD_OPTS $2"
    fi
    Now we know '$1' is 'start', 'stop' or 'restart'. It will be everybody's guess what is '$2' supposed to be. But whatever it is, according to this script, it is supposed to accept some kind of SSHD_OPTS but the problem is that it is only accepting single argument, $2, that's why there is an error when invoked as '/etc/init.d/ssh start -p 22' while '/etc/init.d/ssh start "-p 22"' will not have error.

  6. #6
    Member
    Join Date
    Apr 2011
    Location
    Durham, NC, USA
    Posts
    31
    Quote Originally Posted by kl522 View Post
    Just because there is a script /usr/sbin/sshstart created, it does not make /etc/init.d/ssh less guilty of a bug. /etc/init.d/ssh is meant to be invoked, manually or from boot, for the fact that it is located in /etc/init.d, however less friendly it is.

    If you look at the script /etc/init.d/ssh, somewhere line 26,
    Code:
    if [ -n "$2" ]; then
          SSHD_OPTS="$SSHD_OPTS $2"
    fi
    Now we know '$1' is 'start', 'stop' or 'restart'. It will be everybody's guess what is '$2' supposed to be. But whatever it is, according to this script, it is supposed to accept some kind of SSHD_OPTS but the problem is that it is only accepting single argument, $2, that's why there is an error when invoked as '/etc/init.d/ssh start -p 22' while '/etc/init.d/ssh start "-p 22"' will not have error.
    I changed the command that the shortcut runs to:

    Code:
    /usr/sbin/sshstart "-p 512"
    I then ran it, but it's still using port 22:

    Code:
    knoppix@Microknoppix:~$ sudo netstat -tulpn
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
    tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      4926/sshd       
    tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      3050/cupsd      
    knoppix@Microknoppix:~$
    Is there anyway to change the port?
    -Charlie

  7. #7
    Senior Member registered user
    Join Date
    Dec 2009
    Posts
    423
    Quote Originally Posted by Charlie Foxtrot View Post
    I changed the command that the shortcut runs to:

    Code:
    /usr/sbin/sshstart "-p 512"
    I then ran it, but it's still using port 22:
    Read my posts again. I have never pitched for /usr/sbin/sshstart. I said /etc/init.d/ssh start "-p 22". Read again please.

  8. #8
    Moderator Moderator
    Join Date
    Nov 2010
    Location
    Germany/ Dietzenbach
    Posts
    1,124
    Is there anyway to change the port?
    ... change Port # in '/etc/ssh/sshd_config' and restart the ssh-server.

  9. #9
    Senior Member
    Join Date
    Jan 2011
    Posts
    242
    Hi Charlie,

    I suggest you do this though the ssh configuration files.

    On the Knoppix machine the file you are interested in the file is /etc/ssh/sshd.conf. About line 5 you will find:

    Code:
    Port 22
    Change that. kl522 did mention this but he was trying to answer the question you asked, not the question you needed to ask.

    You'll need to make sure your ssh clients use the same port. If that's another Linux machine or its a Windows machine with OpenSSH (e.g. running cygwin) I can help but if it is PuTTY I can't.

    The original error message you got because sshd did not like the parameters it was passed by /etc/init.d/ssh because you did not give it the parameters the way it wants them. Ugly I know. As a consequence, sshd never started so there would be nothing in a log to find.

    Using ssh involves a login: logins are recorded in /var/log/wtmp but this file is not human readable. Logging in involves a password authentication: these events are recorded in /var/log/auth.log. Errors from background process (daemons) should be logged in /var/log/daemon.log. However, as discussed before, Knoppix is a bit light on logging and you've now configured your own, so things may be different chez toi.

    Knoppix runs without a password but you can't use ssh without passwords. It doesn't make sense. So, as Werner pointed out, KK provided a script to set things up correctly and you should use it because the script may deal with subtleties only KK knows about.

    I expect you only need run the script once. It may well ignore any parameters you give it. You would need to examine the script to find out. It probably alters /etc/rc.local so that the ssh daemon is started automatically every time you boot. That will start it without parameters, so it will be running on port 22. You may then have trouble starting it later by hand or whatever using a different port - you'd need to shut the first instance down. I suggest you use the configuration file and then the first instance will run on the port you desire.

    The scripts in /etc/init.d are intended to be run from a general purposes start-up script so they all provide the same interface - just one parameter: start, stop etc. Other mechanisms must be used for other parameters for debug purposes. The one used here is not terribly user friendly but that does not make it a bug. It is not intended for users (not that kind anyway).

    At this level you are expected to understand the shell and how to use it. In particular, how to read other people's scripts. That's a long learning curve I'm afraid and you will find yourself getting things not quite right for a very long time. I mean years.

    P.S. The file /etc/services lists known ports and which services use them. You'll see port 512 is used by the exec service. You are probably not running this service so you will probably be OK. However, to avoid the possibly of very weird behaviour, you should choose a port number that isn't listed in /etc/services.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  


AUDIO CODES  MP-114 VOIP Gateway Open Box picture

AUDIO CODES MP-114 VOIP Gateway Open Box

$24.99



Cisco CP-8832-K9 Unified 8800 Series Conference VOIP IP Phone 1 Year Warranty picture

Cisco CP-8832-K9 Unified 8800 Series Conference VOIP IP Phone 1 Year Warranty

$113.00



Cisco CP-8821-K9 8821 Wireless VOIP IP Phone 1 Year Waranty picture

Cisco CP-8821-K9 8821 Wireless VOIP IP Phone 1 Year Waranty

$265.00



Grandstream GS-HT802 2 Port Analog Telephone Adapter VoIP Phone & Device, Black picture

Grandstream GS-HT802 2 Port Analog Telephone Adapter VoIP Phone & Device, Black

$32.00



Yealink T53W IP Phone, 12 VoIP Accounts. 3.7-Inch Display w/o Adapter - Black picture

Yealink T53W IP Phone, 12 VoIP Accounts. 3.7-Inch Display w/o Adapter - Black

$59.99



Cisco CP-7841 VoIP Phone PoE IP Business Phone Great Condition Mult. Available picture

Cisco CP-7841 VoIP Phone PoE IP Business Phone Great Condition Mult. Available

$19.99



Yealink T54W IP Phone, 16 VoIP Accounts. 4.3-Inch Color Display - Black picture

Yealink T54W IP Phone, 16 VoIP Accounts. 4.3-Inch Color Display - Black

$98.99



Yealink T53W IP Phone, 12 VoIP Accounts. 3.7-Inch Display w/Power Adapter - Blk picture

Yealink T53W IP Phone, 12 VoIP Accounts. 3.7-Inch Display w/Power Adapter - Blk

$45.00



POLYCOM - VOIP POLY EDGE E350 IP PHONE #2200-87010-025 picture

POLYCOM - VOIP POLY EDGE E350 IP PHONE #2200-87010-025

$145.00



Cisco SPA504G 4-Line IP Phone with 2-Port Switch, PoE, LCD Display &Power Supply picture

Cisco SPA504G 4-Line IP Phone with 2-Port Switch, PoE, LCD Display &Power Supply

$21.00