Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 21

Thread: SuSE 10.1 3.2M2 - Admin - Mail Queue - Not displaying

  1. #11
    brian is offline Project Contributor
    Join Date
    Jul 2006
    Posts
    623
    Rep Power
    10

    Default

    Try to ssh with -v. This will usually give you more of a hint to why it doesn't like the keys or other authentication mechanisms.

  2. #12
    gmsmith is offline Moderator
    Join Date
    Apr 2006
    Location
    Williamsburg, VA
    Posts
    451
    Rep Power
    9

    Default

    Quote Originally Posted by brian
    Try to ssh with -v. This will usually give you more of a hint to why it doesn't like the keys or other authentication mechanisms.

    zimbra@zimbra:~/.ssh> ssh -v host.name.com
    OpenSSH_4.2p1, OpenSSL 0.9.8a 11 Oct 2005
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: Applying options for *
    debug1: Connecting to host.name.com [xxx.xxx.xxx.xxx] port 22.
    debug1: Connection established.
    debug1: identity file /opt/zimbra/.ssh/identity type -1
    debug1: identity file /opt/zimbra/.ssh/id_rsa type -1
    debug1: identity file /opt/zimbra/.ssh/id_dsa type -1
    debug1: Remote protocol version 1.99, remote software version OpenSSH_4.2
    debug1: match: OpenSSH_4.2 pat OpenSSH*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_4.2
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: server->client aes128-cbc hmac-md5 none
    debug1: kex: client->server aes128-cbc hmac-md5 none
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    The authenticity of host 'host.name.com (xxx.xxx.xxx.xxx)' can't be established.
    RSA key fingerprint is 1d:6e:94:62:56:ca:a6:02:8c:da:10:01:df:db:41:10.
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added 'host.name.com,xxx.xxx.xxx.xxx' (RSA) to the list of known hosts.
    debug1: ssh_rsa_verify: signature correct
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey,keyboard-interactive
    debug1: Next authentication method: publickey
    debug1: Trying private key: /opt/zimbra/.ssh/identity
    debug1: Trying private key: /opt/zimbra/.ssh/id_rsa
    debug1: Trying private key: /opt/zimbra/.ssh/id_dsa
    debug1: Next authentication method: keyboard-interactive
    Password:
    ---------

    What am I missing?

  3. #13
    brian is offline Project Contributor
    Join Date
    Jul 2006
    Posts
    623
    Rep Power
    10

    Default

    When testing ssh by hand you need to specifically tell it the key to use.

    ssh -v -i /opt/zimbra/.ssh/zimbra_identity zimbra@host.name.com

  4. #14
    gmsmith is offline Moderator
    Join Date
    Apr 2006
    Location
    Williamsburg, VA
    Posts
    451
    Rep Power
    9

    Default

    Quote Originally Posted by brian
    When testing ssh by hand you need to specifically tell it the key to use.

    ssh -v -i /opt/zimbra/.ssh/zimbra_identity zimbra@host.name.com
    Sorry

    zimbra:~ # ssh -v -i /opt/zimbra/.ssh/zimbra_identity zimbra@host.name.com
    OpenSSH_4.2p1, OpenSSL 0.9.8a 11 Oct 2005
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: Applying options for *
    debug1: Connecting to host.name.com [xxx.xxx.xxx.xxx] port 22.
    debug1: Connection established.
    debug1: permanently_set_uid: 0/0
    debug1: identity file /opt/zimbra/.ssh/zimbra_identity type 2
    debug1: Remote protocol version 1.99, remote software version OpenSSH_4.2
    debug1: match: OpenSSH_4.2 pat OpenSSH*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_4.2
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: server->client aes128-cbc hmac-md5 none
    debug1: kex: client->server aes128-cbc hmac-md5 none
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    debug1: Host 'host.name.com' is known and matches the RSA host key.
    debug1: Found key in /root/.ssh/known_hosts:2
    debug1: ssh_rsa_verify: signature correct
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey,keyboard-interactive
    debug1: Next authentication method: publickey
    debug1: Offering public key: /opt/zimbra/.ssh/zimbra_identity
    debug1: Remote: Forced command: /opt/zimbra/libexec/zmrcd
    debug1: Server accepts key: pkalg ssh-dss blen 433
    debug1: read PEM private key done: type DSA
    debug1: Remote: Forced command: /opt/zimbra/libexec/zmrcd
    Connection closed by host.name.com

  5. #15
    marcmac is offline Expert Member
    Join Date
    Sep 2005
    Posts
    2,103
    Rep Power
    13

    Default

    debug1: Remote: Forced command: /opt/zimbra/libexec/zmrcd
    debug1: Server accepts key: pkalg ssh-dss blen 433
    debug1: read PEM private key done: type DSA
    debug1: Remote: Forced command: /opt/zimbra/libexec/zmrcd

    That almost looks like the execution of zmrcd on the target box is failing - can you run that by hand as the zimbra user?
    Bugzilla - Wiki - Downloads - Before posting... Search!

  6. #16
    brian is offline Project Contributor
    Join Date
    Jul 2006
    Posts
    623
    Rep Power
    10

    Default

    You should be seeing something like this when you ssh by hand, it should also hang waiting on input.

    debug1: Remote: Forced command: /opt/zimbra/libexec/zmrcd
    debug1: Authentication succeeded (publickey).
    debug1: channel 0: new [client-session]
    debug1: Entering interactive session.

    The only other thing I can think of is because you have your server configured for both ssh protocol 1 and 2 you may want to ensure that protocol 2 is listed first. Or just loose the protocol 1 support all together.

    I don't believe the Java ssh client that is being used supports protocol 1.

  7. #17
    illscientific is offline Active Member
    Join Date
    Oct 2005
    Location
    Washington DC
    Posts
    47
    Rep Power
    9

    Default

    Did anyone ever figure this out? I'm having the same issue.

  8. #18
    illscientific is offline Active Member
    Join Date
    Oct 2005
    Location
    Washington DC
    Posts
    47
    Rep Power
    9

    Default

    zimbra@chamber:~/libexec$ ssh -v -i /opt/zimbra/.ssh/zimbra_identity zimbra@mail.networks.com
    OpenSSH_3.8.1p1 Debian-8.sarge.4, OpenSSL 0.9.7e 25 Oct 2004
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: Connecting to mail.networks.com [209.9.228.67] port 22.
    debug1: Connection established.
    debug1: identity file /opt/zimbra/.ssh/zimbra_identity type 2
    debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3p2 Debian-3
    debug1: match: OpenSSH_4.3p2 Debian-3 pat OpenSSH*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_3.8.1p1 Debian-8.sarge.4
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: server->client aes128-cbc hmac-md5 none
    debug1: kex: client->server aes128-cbc hmac-md5 none
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    debug1: Host 'mail.networks.com' is known and matches the RSA host key.
    debug1: Found key in /opt/zimbra/.ssh/known_hosts:1
    debug1: ssh_rsa_verify: signature correct
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey
    debug1: Next authentication method: publickey
    debug1: Offering public key: /opt/zimbra/.ssh/zimbra_identity
    debug1: Remote: Forced command: /opt/zimbra/libexec/zmrcd
    debug1: Server accepts key: pkalg ssh-dss blen 435
    debug1: read PEM private key done: type DSA
    debug1: Remote: Forced command: /opt/zimbra/libexec/zmrcd
    Connection closed by 209.9.228.67
    zimbra@chamber:~/libexec$


    How else can I troubleshoot this... or where would this be logged as to why its kicking me out as soon as I try an ssh in...

  9. #19
    illscientific is offline Active Member
    Join Date
    Oct 2005
    Location
    Washington DC
    Posts
    47
    Rep Power
    9

    Default

    When I run "/opt/zimbra/libexec/zmrcd" manually as the zimbra user it just returns me to the shell with no output and I don't see anything running in the process listing... Is there a way to enable some kind of debugging...?

  10. #20
    illscientific is offline Active Member
    Join Date
    Oct 2005
    Location
    Washington DC
    Posts
    47
    Rep Power
    9

    Default

    I bet I can make this work with libpam_chroot.. Ill keep you posted

Page 2 of 3 FirstFirst 123 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Problems with port 25
    By yogiman in forum Installation
    Replies: 57
    Last Post: 06-13-2011, 01:55 PM
  2. Replies: 7
    Last Post: 02-03-2011, 07:01 AM
  3. fresh install down may be due to tomcat
    By gon in forum Installation
    Replies: 10
    Last Post: 07-25-2007, 08:09 AM
  4. DynDNS and Zimbra
    By afterwego in forum Installation
    Replies: 30
    Last Post: 04-01-2007, 03:34 PM
  5. receiveing mail
    By maybethistime in forum Administrators
    Replies: 15
    Last Post: 12-09-2005, 04:55 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •