• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer navigation

The Geek Diary

  • OS
    • Linux
    • CentOS/RHEL
    • Solaris
    • Oracle Linux
    • VCS
  • Interview Questions
  • Database
    • oracle
    • oracle 12c
    • ASM
    • mysql
    • MariaDB
  • DevOps
    • Docker
    • Shell Scripting
  • Big Data
    • Hadoop
    • Cloudera
    • Hortonworks HDP

How to Enable ssh/sshd Debugging for Solaris

by admin

This post will show how to put ssh (the client command) and sshd (the server daemon) into debug mode in order to troubleshoot authorization and connection problems. This debug output will be requested by Oracle/Sun technical support agents for ssh/sshd authorization and connection issues when opening service requests.

Steps to Follow

Configure the sshd daemon to run single threaded in debug mode. You have the choice of either:

1. stopping the active sshd on the system so that an sshd running in debug mode can be started.

-OR-

2. starting a new sshd instance running in debug mode on a free port other than port 22. The example below is for starting a new sshd on a different port (2222 in this case) in debug mode:

ssh_server# /usr/lib/ssh/sshd -p 2222 -ddd
debug1: sshd version Sun_SSH_1.1
debug3: Not a RSA1 key file /etc/ssh/ssh_host_rsa_key.
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: Bind to port 2222 on ::.
Server listening on :: port 2222

here the output will stop until a client connection on port 2222 is initiated. now that the server is ready to accept a connection; start the debug session from the ssh client:

root@sshclient# /usr/bin/ssh -p 2222 -vvv 192.168.100.33
Sun_SSH_1.1, SSH protocols 1.5/2.0, OpenSSL 0x0090704f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to 192.168.100.33 [192.168.100.33] port 2222.
debug1: Connection established.
debug1: identity file /.ssh/identity type -1
debug1: identity file /.ssh/id_rsa type -1
debug1: identity file /.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version Sun_SSH_1.1
debug1: no match: Sun_SSH_1.1
debug1: Enabling compatibility mode for protocol 2.0
debug2: . . (snipped for brevity)

Note: the debug output will scroll. Complete (or attempt to complete) the login session so that debug will display on both sides.

for sftp testing use -o options with sftp to specify Port.

# sftp -oPort=2222 192.168.100.33

For more detailed debugging, truss can be used to capture system calls and signals.

On the server

# truss -aefdl -rall -wall -vall -xall -o /var/tmp/sshd.truss /usr/lib/ssh/sshd -p 2222 -ddd

On the client

# truss -aefdl -rall -wall -vall -xall -o /var/tmp/ssh.truss /usr/bin/ssh -p 2222 -vvv 192.168.100.33

Once the connection is made, the server debug window will continue to output debug data:

debug1: Server will not fork when running in debugging mode.
Connection from 192.168.100.33 port 56939
debug1: Client protocol version 2.0; client software version Sun_SSH_1.1
debug1: no match: Sun_SSH_1.1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-Sun_SSH_1.1
debug1: list_hostkey_types: ssh-rsa,ssh-dss
debug2: (snipped for brevity)

cut/paste, save and provide the debug output from BOTH sides.

Filed Under: Solaris

Some more articles you might also be interested in …

  1. Solaris : How to include date and timestamp in bash shell command history
  2. Solaris : How to increase the Inodes on UFS file system with newfs command
  3. How to mount the zfs rpool while booted from CD [SPARC]
  4. Oracle VM Server for SPARC (Ldoms) : How to Change Primary/Control Domain’s UUID
  5. 7 Useful Find Command Examples to Locate files to remove when a filesystem is full
  6. Solaris 10 patching with SVM : Traditional method (non-live upgrade)
  7. How to check zpool status in Solaris
  8. What are the Solaris process tools
  9. 17 Examples of using Solaris boot command
  10. Oracle Solaris 11 Zones : New Features

You May Also Like

Primary Sidebar

Recent Posts

  • raw: command not found
  • raw Command Examples in Linux
  • rankmirrors Command Examples in Linux
  • radeontop: command not found

© 2023 · The Geek Diary

  • Archives
  • Contact Us
  • Copyright