SSH looks connect but password prompt not come

ssh linux ubuntu centos

When SSH clients try to connect CentOS 7 openssh-server waiting for password prompt but never comes. When I debug, connection log and netstat shows connection established.

Here is my client debug:

tevfik@Darktower:~$ ssh -vvv [email protected]
OpenSSH_8.2p1 Ubuntu-4ubuntu0.3, OpenSSL 1.1.1f  31 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug3: kex names ok: [diffie-hellman-group1-sha1,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1]
debug2: resolve_canonicalize: hostname 10.40.4.19 is address
debug2: ssh_connect_direct
debug1: Connecting to 10.40.4.19 [10.40.4.19] port 22.
debug1: Connection established.
debug1: identity file /home/tevfik/.ssh/id_rsa type -1
debug1: identity file /home/tevfik/.ssh/id_rsa-cert type -1
debug1: identity file /home/tevfik/.ssh/id_dsa type -1
debug1: identity file /home/tevfik/.ssh/id_dsa-cert type -1
debug1: identity file /home/tevfik/.ssh/id_ecdsa type -1
debug1: identity file /home/tevfik/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/tevfik/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/tevfik/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/tevfik/.ssh/id_ed25519 type -1
debug1: identity file /home/tevfik/.ssh/id_ed25519-cert type -1
debug1: identity file /home/tevfik/.ssh/id_ed25519_sk type -1
debug1: identity file /home/tevfik/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/tevfik/.ssh/id_xmss type -1
debug1: identity file /home/tevfik/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3

And here is ssh server side netstat output

Have you any idea? Regards,


Solution 1:

Provided you have local access to the server side you can stop the sshd service on the server and then run the sshd service in verbose mode to see what happens at login.For the sshd service the verbose mode (debug mode) is -d or up to -ddd.

https://linux.die.net/man/8/sshd

https://unix.stackexchange.com/a/55481

Another thing to check is that the server is configured to allow password ssh access. This is the PasswordAuthentication option in the sshd_config file.

https://linux.die.net/man/5/sshd_config

Check for auth problems in the secure and auth logs:

https://superuser.com/a/1293901/1178349

Check for SELinux issues:

https://www.serverlab.ca/tutorials/linux/administration-linux/troubleshooting-selinux-centos-red-hat/

Related

socket.io session ends with HAproxy
Chaining sshuttle commands over two hops
Check_mk agent listening on ipv6, how to change to ipv4
nginx doesn't accept connections from external IPs
Upgrading to debian 11 (from debian 10) not add the kernel in /boot/ (Dedibox Server)
Permissions for SCCM Service Account
Nginx + php-fpm - recv() error
Kerberos not working. - Can't find client principal in cache collection
Can I have my KVM guests on the same subnet as the host?
Unable to share clipboard in iLO remote console
Cannot start mysql-server on Amazon Linux 2 due to dependency issues
SELinux will not disable on CentOS7