SSH looks connect but password prompt not come
When SSH clients try to connect CentOS 7 openssh-server waiting for password prompt but never comes. When I debug, connection log and netstat shows connection established.
Here is my client debug:
tevfik@Darktower:~$ ssh -vvv [email protected]
OpenSSH_8.2p1 Ubuntu-4ubuntu0.3, OpenSSL 1.1.1f 31 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug3: kex names ok: [diffie-hellman-group1-sha1,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1]
debug2: resolve_canonicalize: hostname 10.40.4.19 is address
debug2: ssh_connect_direct
debug1: Connecting to 10.40.4.19 [10.40.4.19] port 22.
debug1: Connection established.
debug1: identity file /home/tevfik/.ssh/id_rsa type -1
debug1: identity file /home/tevfik/.ssh/id_rsa-cert type -1
debug1: identity file /home/tevfik/.ssh/id_dsa type -1
debug1: identity file /home/tevfik/.ssh/id_dsa-cert type -1
debug1: identity file /home/tevfik/.ssh/id_ecdsa type -1
debug1: identity file /home/tevfik/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/tevfik/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/tevfik/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/tevfik/.ssh/id_ed25519 type -1
debug1: identity file /home/tevfik/.ssh/id_ed25519-cert type -1
debug1: identity file /home/tevfik/.ssh/id_ed25519_sk type -1
debug1: identity file /home/tevfik/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/tevfik/.ssh/id_xmss type -1
debug1: identity file /home/tevfik/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3
And here is ssh server side netstat output
Have you any idea? Regards,
Solution 1:
Provided you have local access to the server side you can stop the sshd service on the server and then run the sshd service in verbose mode to see what happens at login.For the sshd service the verbose mode (debug mode) is -d or up to -ddd.
https://linux.die.net/man/8/sshd
https://unix.stackexchange.com/a/55481
Another thing to check is that the server is configured to allow password ssh access. This is the PasswordAuthentication option in the sshd_config file.
https://linux.die.net/man/5/sshd_config
Check for auth problems in the secure and auth logs:
https://superuser.com/a/1293901/1178349
Check for SELinux issues:
https://www.serverlab.ca/tutorials/linux/administration-linux/troubleshooting-selinux-centos-red-hat/