Strange problems with sshd under fc3 - Solved!
Eric Vought, Technical Director
evought at diversityink.com
Thu Feb 3 02:17:01 UTC 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Eric Vought, Technical Director wrote:
| Eric Vought, Technical Director wrote:
| | Satish Balay wrote:
| | | On Wed, 2 Feb 2005, Eric Vought, Technical Director wrote:
| | |
| | |
| | |>Symptoms:
| | |>sshd rejects all users but one (my account) with "*user* rejected
| | |>because not in AllowUsers".
| | |
| | |
| | | Maybe not releated - but I thought I'd sugest anyway..
| | |
| | | Once I had problem with adding new users with
| | | 'system-config-users'. However I could add with 'adduser' - but ssh
| | | whouldn't accept the passwd.
| | |
| | | The thing that resolved this issue for me was running
| | | 'system-config-securitylevel' - in the 'Selinux' tab, disabling
| | | Selinux - and then re-enabling it again.
| | |
| | | Satish
| | |
| | That's interesting ... it may be related. Does SELinux cache the inodes
| | of configuration files? In other words, if I used an editor which does a
| | create-and-rename for saving files, would sshd be rendered incapable of
| | reading its own configuration?
| |
| Well, it looks like SELinux cannot be the problem. sshd is running
| unconfined; it is not in the 'targetted' policy.
|
OK, the problem is that service sshd reload and service sshd restart are
not working. They are SIGHUPping the wrong process IDs. I figured this
out when I realized that not all of my ssh sessions were closing when I
reloaded the configuration. The session which was closing was the one
which was mistakenly shut down by service sshd reload/restart.
When I HUP the process myself, everything suddenly works.
- --
- --------------
Eric Vought
Technical Director,
Diversity Ink
Morgan Family Enterprises
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCAYmdGqlqMhx2Xb0RAugiAJ9kJN3oc+S9jFxyoPx5qawPIL0FtwCdHNHt
XDtVnqoQZJKtSNGd9RrqYLQ=
=0erO
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: evought.vcf
Type: text/x-vcard
Size: 223 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20050202/97c683b0/attachment-0002.vcf
More information about the users
mailing list