• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

The Geek Diary

HowTos | Basics | Concepts

  • Solaris
    • Solaris 11
    • SVM
    • ZFS
    • Zones
    • LDOMs
    • Hardware
  • Linux
    • CentOS/RHEL 7
    • RHCSA notes
    • SuSE Linux Enterprise
    • Linux Services
  • VCS
    • VxVM
  • Interview Questions
  • oracle
    • ASM
    • mysql
    • RAC
    • oracle 12c
    • Data Guard
  • DevOps
    • Docker
    • Shell Scripting
  • Hadoop
    • Hortonworks HDP
      • HDPCA
    • Cloudera
      • CCA 131

How to Enable ssh/sshd Debugging for Solaris

By admin

This post will show how to put ssh (the client command) and sshd (the server daemon) into debug mode in order to troubleshoot authorization and connection problems. This debug output will be requested by Oracle/Sun technical support agents for ssh/sshd authorization and connection issues when opening service requests.

Steps to Follow

Configure the sshd daemon to run single threaded in debug mode. You have the choice of either:

1. stopping the active sshd on the system so that an sshd running in debug mode can be started.

-OR-

2. starting a new sshd instance running in debug mode on a free port other than port 22. The example below is for starting a new sshd on a different port (2222 in this case) in debug mode:

ssh_server# /usr/lib/ssh/sshd -p 2222 -ddd
debug1: sshd version Sun_SSH_1.1
debug3: Not a RSA1 key file /etc/ssh/ssh_host_rsa_key.
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: Bind to port 2222 on ::.
Server listening on :: port 2222

here the output will stop until a client connection on port 2222 is initiated. now that the server is ready to accept a connection; start the debug session from the ssh client:

root@sshclient# /usr/bin/ssh -p 2222 -vvv 192.168.100.33
Sun_SSH_1.1, SSH protocols 1.5/2.0, OpenSSL 0x0090704f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to 192.168.100.33 [192.168.100.33] port 2222.
debug1: Connection established.
debug1: identity file /.ssh/identity type -1
debug1: identity file /.ssh/id_rsa type -1
debug1: identity file /.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version Sun_SSH_1.1
debug1: no match: Sun_SSH_1.1
debug1: Enabling compatibility mode for protocol 2.0
debug2: . . (snipped for brevity)

Note: the debug output will scroll. Complete (or attempt to complete) the login session so that debug will display on both sides.

for sftp testing use -o options with sftp to specify Port.

# sftp -oPort=2222 192.168.100.33

For more detailed debugging, truss can be used to capture system calls and signals.

On the server

# truss -aefdl -rall -wall -vall -xall -o /var/tmp/sshd.truss /usr/lib/ssh/sshd -p 2222 -ddd

On the client

# truss -aefdl -rall -wall -vall -xall -o /var/tmp/ssh.truss /usr/bin/ssh -p 2222 -vvv 192.168.100.33

Once the connection is made, the server debug window will continue to output debug data:

debug1: Server will not fork when running in debugging mode.
Connection from 192.168.100.33 port 56939
debug1: Client protocol version 2.0; client software version Sun_SSH_1.1
debug1: no match: Sun_SSH_1.1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-Sun_SSH_1.1
debug1: list_hostkey_types: ssh-rsa,ssh-dss
debug2: (snipped for brevity)

cut/paste, save and provide the debug output from BOTH sides.

Filed Under: Solaris

Some more articles you might also be interested in …

  1. How to configure Shared Memory Parameters in Solaris 10,11
  2. How to set boot-device with luxadm command in Solaris
  3. Managing network resources in Solaris 11 using “dlstat” and “flowstat”
  4. How to update the boot_archive for ZFS root in Solaris
  5. Solaris : How to Troubleshoot “Unable to mount NFS mount point”
  6. How to remove a failed disk using luxadm and cfgadm
  7. Resolving File System Full Situations in Solaris
  8. How to Configure Link Aggregation in Solaris 11 (Trunk V/s Datalink multipathing (DLMP))
  9. How To Use ‘zpool split’ to Split rpool in solaris 11 (SPARC)
  10. How to add swap file in Solaris

You May Also Like

Primary Sidebar

Recent Posts

  • How to change the default IP address of docker bridge
  • “su: Authentication failure” – in Docker
  • How to Pause and Resume Docker Containers
  • How to find docker storage device and its size (device mapper storage driver)
  • Understanding “docker stats” Command Output
  • Archives
  • Contact Us
  • Copyright

© 2019 · The Geek Diary