2 Replies Latest reply on Nov 12, 2019 5:30 AM by Hitesh Jha

    Troubleshooting Access Failure Servers

    Hitesh Jha
      Share This:

      Hello All,

      I know it's very general concern but still we are facing a lot of issue regarding No access ,No response servers.

      Could some please share the most accurate query to extract the list of servers which shows as access failure in last 4 consecutive scans.

       

      Also when I working on the troubleshooting part for Red Hat servers found below issue.

      I am manually able to logged in using the service account but when I do the credential test it getting failed.

       

      Is it something related to issue with public-private  ssh key or permission issue.

      Kindly help!!!

      1. OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
      2. debug1: Reading configuration data /etc/ssh/ssh_config
      3. debug1: Applying options for *
      4. debug1: Connecting to 10.100.0.115 [10.100.0.115] port 22.
      5. debug1: Connection established.
      6. debug1: identity file /usr/tideway/var/159e4c3472e932fb6d420a64003d68bf-10.100.0.115.key type -1
      7. debug1: identity file /usr/tideway/var/159e4c3472e932fb6d420a64003d68bf-10.100.0.115.key-cert type -1
      8. debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
      9. debug1: match: OpenSSH_7.4 pat OpenSSH*
      10. debug1: Enabling compatibility mode for protocol 2.0
      11. debug1: Local version string SSH-2.0-OpenSSH_5.3
      12. debug1: SSH2_MSG_KEXINIT sent
      13. debug1: SSH2_MSG_KEXINIT received
      14. debug1: kex: server->client aes128-ctr hmac-sha2-256 none
      15. debug1: kex: client->server aes128-ctr hmac-sha2-256 none
      16. debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<4096<8192) sent
      17. debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
      18. debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
      19. debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
      20. The authenticity of host '10.100.0.115 (10.100.0.115)' can't be established.
      21. RSA key fingerprint is e8:b6:65:1f:60:48:1d:3f:52:ba:a2:91:c1:e7:c5:89.
      22. Are you sure you want to continue connecting (yes/no)? yes
      23. Warning: Permanently added '10.100.0.115' (RSA) to the list of known hosts.
      24. debug1: ssh_rsa_verify: signature correct
      25. debug1: SSH2_MSG_NEWKEYS sent
      26. debug1: expecting SSH2_MSG_NEWKEYS
      27. debug1: SSH2_MSG_NEWKEYS received
      28. debug1: SSH2_MSG_SERVICE_REQUEST sent
      29. debug1: SSH2_MSG_SERVICE_ACCEPT received
      30. *******************************************************************************
      31. BROADRIDGE ELECTRONIC COMMUNICATION SYSTEM
      32. WARNING: Unauthorized access or attempts at unauthorized access to Broadridge
      33. Electronic Communication Systems is expressly prohibited and subject to criminal
      34. prosecution.
      35. Broadridge Electronic Communication Systems, as well as all information
      36. transmitted, received, stored or accessed on Broadridge Electronic Communication
      37. Systems, are either the exclusive property of Broadridge Financial Solutions,
      38. Inc. or are under the protection of Broadridge Financial Solutions, Inc
      39. on behalf of Broadridge customers and clients.
      40. Authorized users of Broadridge's computer networks, systems or equipment must
      41. adhere to all applicable laws, regulations and Broadridge policies.
      42. By logging on to this system, you explicitly waive all rights and expectations
      43. to privacy and agree to the monitoring and retrieval of any information
      44. contained within this system at the sole discretion of Broadridge.
      45. *******************************************************************************
      46. debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
      47. debug1: Next authentication method: publickey
      48. debug1: Trying private key: /usr/tideway/var/159e4c3472e932fb6d420a64003d68bf-10.100.0.115.key
      49. debug1: read PEM private key done: type RSA
      50. debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
      51. debug1: No more authentication methods to try.
      52. Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
        • 1. Re: Troubleshooting Access Failure Servers
          Swapnil Lagad

          HEllo Hitesh,

           

          Check in /etc/ssh/sshd_config file, whether PasswordAuthentication is set to no. If it is then kindly change it as yes and restart the sshd services again.

          • 2. Re: Troubleshooting Access Failure Servers
            Hitesh Jha

            Hello Swapnil,

             

            when I checked using our service account discover I am getting password denied error.

             

            [discover@edppslrhns02 ssh]$ cat sshd_config

            cat: sshd_config: Permission denied

            But when I checked with root user and validate the Password Authentication it was set to  yes.

             

            #      : sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $

             

             

            #######################################################################

            ###         RHEL7  CIS Compliance Configuration                     ###

            #######################################################################

             

             

            SyslogFacility AUTHPRIV

            UseDNS no

             

             

            Protocol 2

            LogLevel INFO

            X11Forwarding no

            MaxAuthTries 4

            IgnoreRhosts yes

            IgnoreUserKnownHosts yes

            AuthorizedKeysFile      .ssh/authorized_keys

            HostbasedAuthentication no

            HostKey /etc/ssh/ssh_host_rsa_key

            #HostKey /etc/ssh/ssh_host_dsa_key

            HostKey /etc/ssh/ssh_host_ecdsa_key

            HostKey /etc/ssh/ssh_host_ed25519_key

             

             

            PermitRootLogin no

            PermitEmptyPasswords no

            PermitUserEnvironment no

            #Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc

            Ciphers aes256-ctr,aes192-ctr,aes128-ctr

            #MACs hmac-sha2-512,hmac-sha2-256,hmac-sha1

            MACs hmac-sha2-512,hmac-sha2-256

            ClientAliveInterval 900

            ClientAliveCountMax 0

            LoginGraceTime 60

            Banner /etc/issue.net

             

             

            #Default Values Set in Original sshd_config

            PasswordAuthentication yes

            ChallengeResponseAuthentication no

             

             

            GSSAPIAuthentication yes

            GSSAPICleanupCredentials no

            UsePAM yes

            # Accept locale-related environment variables

            AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES

            AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT

            AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE

            AcceptEnv XMODIFIERS

             

             

            # override default of no subsystems

            Subsystem        sftp    /usr/libexec/openssh/sftp-server

             

             

            AllowUsers segadmin scommon scompriv scommant secscan monuser cscott wallacet