Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 21

Thread: SuSE 10.1 3.2M2 - Admin - Mail Queue - Not displaying

  1. #11
    brian is offline Project Contributor
    Join Date
    Jul 2006
    Posts
    623
    Rep Power
    9

    Default

    Try to ssh with -v. This will usually give you more of a hint to why it doesn't like the keys or other authentication mechanisms.

  2. #12
    gmsmith is offline Moderator
    Join Date
    Apr 2006
    Location
    Williamsburg, VA
    Posts
    451
    Rep Power
    8

    Default

    Quote Originally Posted by brian
    Try to ssh with -v. This will usually give you more of a hint to why it doesn't like the keys or other authentication mechanisms.

    zimbra@zimbra:~/.ssh> ssh -v host.name.com
    OpenSSH_4.2p1, OpenSSL 0.9.8a 11 Oct 2005
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: Applying options for *
    debug1: Connecting to host.name.com [xxx.xxx.xxx.xxx] port 22.
    debug1: Connection established.
    debug1: identity file /opt/zimbra/.ssh/identity type -1
    debug1: identity file /opt/zimbra/.ssh/id_rsa type -1
    debug1: identity file /opt/zimbra/.ssh/id_dsa type -1
    debug1: Remote protocol version 1.99, remote software version OpenSSH_4.2
    debug1: match: OpenSSH_4.2 pat OpenSSH*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_4.2
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: server->client aes128-cbc hmac-md5 none
    debug1: kex: client->server aes128-cbc hmac-md5 none
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    The authenticity of host 'host.name.com (xxx.xxx.xxx.xxx)' can't be established.
    RSA key fingerprint is 1d:6e:94:62:56:ca:a6:02:8c:da:10:01:df:db:41:10.
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added 'host.name.com,xxx.xxx.xxx.xxx' (RSA) to the list of known hosts.
    debug1: ssh_rsa_verify: signature correct
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey,keyboard-interactive
    debug1: Next authentication method: publickey
    debug1: Trying private key: /opt/zimbra/.ssh/identity
    debug1: Trying private key: /opt/zimbra/.ssh/id_rsa
    debug1: Trying private key: /opt/zimbra/.ssh/id_dsa
    debug1: Next authentication method: keyboard-interactive
    Password:
    ---------

    What am I missing?

  3. #13
    brian is offline Project Contributor
    Join Date
    Jul 2006
    Posts
    623
    Rep Power
    9

    Default

    When testing ssh by hand you need to specifically tell it the key to use.

    ssh -v -i /opt/zimbra/.ssh/zimbra_identity zimbra@host.name.com

  4. #14
    gmsmith is offline Moderator
    Join Date
    Apr 2006
    Location
    Williamsburg, VA
    Posts
    451
    Rep Power
    8

    Default

    Quote Originally Posted by brian
    When testing ssh by hand you need to specifically tell it the key to use.

    ssh -v -i /opt/zimbra/.ssh/zimbra_identity zimbra@host.name.com
    Sorry

    zimbra:~ # ssh -v -i /opt/zimbra/.ssh/zimbra_identity zimbra@host.name.com
    OpenSSH_4.2p1, OpenSSL 0.9.8a 11 Oct 2005
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: Applying options for *
    debug1: Connecting to host.name.com [xxx.xxx.xxx.xxx] port 22.
    debug1: Connection established.
    debug1: permanently_set_uid: 0/0
    debug1: identity file /opt/zimbra/.ssh/zimbra_identity type 2
    debug1: Remote protocol version 1.99, remote software version OpenSSH_4.2
    debug1: match: OpenSSH_4.2 pat OpenSSH*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_4.2
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: server->client aes128-cbc hmac-md5 none
    debug1: kex: client->server aes128-cbc hmac-md5 none
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    debug1: Host 'host.name.com' is known and matches the RSA host key.
    debug1: Found key in /root/.ssh/known_hosts:2
    debug1: ssh_rsa_verify: signature correct
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey,keyboard-interactive
    debug1: Next authentication method: publickey
    debug1: Offering public key: /opt/zimbra/.ssh/zimbra_identity
    debug1: Remote: Forced command: /opt/zimbra/libexec/zmrcd
    debug1: Server accepts key: pkalg ssh-dss blen 433
    debug1: read PEM private key done: type DSA
    debug1: Remote: Forced command: /opt/zimbra/libexec/zmrcd
    Connection closed by host.name.com

  5. #15
    marcmac is offline Expert Member
    Join Date
    Sep 2005
    Posts
    2,103
    Rep Power
    13

    Default

    debug1: Remote: Forced command: /opt/zimbra/libexec/zmrcd
    debug1: Server accepts key: pkalg ssh-dss blen 433
    debug1: read PEM private key done: type DSA
    debug1: Remote: Forced command: /opt/zimbra/libexec/zmrcd

    That almost looks like the execution of zmrcd on the target box is failing - can you run that by hand as the zimbra user?
    Bugzilla - Wiki - Downloads - Before posting... Search!

  6. #16
    brian is offline Project Contributor
    Join Date
    Jul 2006
    Posts
    623
    Rep Power
    9

    Default

    You should be seeing something like this when you ssh by hand, it should also hang waiting on input.

    debug1: Remote: Forced command: /opt/zimbra/libexec/zmrcd
    debug1: Authentication succeeded (publickey).
    debug1: channel 0: new [client-session]
    debug1: Entering interactive session.

    The only other thing I can think of is because you have your server configured for both ssh protocol 1 and 2 you may want to ensure that protocol 2 is listed first. Or just loose the protocol 1 support all together.

    I don't believe the Java ssh client that is being used supports protocol 1.

  7. #17
    illscientific is offline Active Member
    Join Date
    Oct 2005
    Location
    Washington DC
    Posts
    47
    Rep Power
    9

    Default

    Did anyone ever figure this out? I'm having the same issue.

  8. #18
    illscientific is offline Active Member
    Join Date
    Oct 2005
    Location
    Washington DC
    Posts
    47
    Rep Power
    9

    Default

    zimbra@chamber:~/libexec$ ssh -v -i /opt/zimbra/.ssh/zimbra_identity zimbra@mail.networks.com
    OpenSSH_3.8.1p1 Debian-8.sarge.4, OpenSSL 0.9.7e 25 Oct 2004
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: Connecting to mail.networks.com [209.9.228.67] port 22.
    debug1: Connection established.
    debug1: identity file /opt/zimbra/.ssh/zimbra_identity type 2
    debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3p2 Debian-3
    debug1: match: OpenSSH_4.3p2 Debian-3 pat OpenSSH*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_3.8.1p1 Debian-8.sarge.4
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: server->client aes128-cbc hmac-md5 none
    debug1: kex: client->server aes128-cbc hmac-md5 none
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    debug1: Host 'mail.networks.com' is known and matches the RSA host key.
    debug1: Found key in /opt/zimbra/.ssh/known_hosts:1
    debug1: ssh_rsa_verify: signature correct
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey
    debug1: Next authentication method: publickey
    debug1: Offering public key: /opt/zimbra/.ssh/zimbra_identity
    debug1: Remote: Forced command: /opt/zimbra/libexec/zmrcd
    debug1: Server accepts key: pkalg ssh-dss blen 435
    debug1: read PEM private key done: type DSA
    debug1: Remote: Forced command: /opt/zimbra/libexec/zmrcd
    Connection closed by 209.9.228.67
    zimbra@chamber:~/libexec$


    How else can I troubleshoot this... or where would this be logged as to why its kicking me out as soon as I try an ssh in...

  9. #19
    illscientific is offline Active Member
    Join Date
    Oct 2005
    Location
    Washington DC
    Posts
    47
    Rep Power
    9

    Default

    When I run "/opt/zimbra/libexec/zmrcd" manually as the zimbra user it just returns me to the shell with no output and I don't see anything running in the process listing... Is there a way to enable some kind of debugging...?

  10. #20
    illscientific is offline Active Member
    Join Date
    Oct 2005
    Location
    Washington DC
    Posts
    47
    Rep Power
    9

    Default

    I bet I can make this work with libpam_chroot.. Ill keep you posted

Page 2 of 3 FirstFirst 123 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Problems with port 25
    By yogiman in forum Installation
    Replies: 57
    Last Post: 06-13-2011, 01:55 PM
  2. Replies: 7
    Last Post: 02-03-2011, 07:01 AM
  3. fresh install down may be due to tomcat
    By gon in forum Installation
    Replies: 10
    Last Post: 07-25-2007, 08:09 AM
  4. DynDNS and Zimbra
    By afterwego in forum Installation
    Replies: 30
    Last Post: 04-01-2007, 03:34 PM
  5. receiveing mail
    By maybethistime in forum Administrators
    Replies: 15
    Last Post: 12-09-2005, 04:55 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •