-
-
Save LukeLR/d7533d74a0e2bda668ebf31824f2da63 to your computer and use it in GitHub Desktop.
Synology SSH Debugging
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[client@client-TP-Arch .ssh]$ ssh -vvv admin@<server IP> | |
OpenSSH_7.3p1, OpenSSL 1.0.2h 3 May 2016 | |
debug1: Reading configuration data /etc/ssh/ssh_config | |
debug2: resolving "<server IP>" port 22 | |
debug2: ssh_connect_direct: needpriv 0 | |
debug1: Connecting to <server IP> [<server IP>] port 22. | |
debug1: Connection established. | |
debug1: identity file /home/client/.ssh/id_rsa type 1 | |
debug1: key_load_public: No such file or directory | |
debug1: identity file /home/client/.ssh/id_rsa-cert type -1 | |
debug1: key_load_public: No such file or directory | |
debug1: identity file /home/client/.ssh/id_dsa type -1 | |
debug1: key_load_public: No such file or directory | |
debug1: identity file /home/client/.ssh/id_dsa-cert type -1 | |
debug1: key_load_public: No such file or directory | |
debug1: identity file /home/client/.ssh/id_ecdsa type -1 | |
debug1: key_load_public: No such file or directory | |
debug1: identity file /home/client/.ssh/id_ecdsa-cert type -1 | |
debug1: key_load_public: No such file or directory | |
debug1: identity file /home/client/.ssh/id_ed25519 type -1 | |
debug1: key_load_public: No such file or directory | |
debug1: identity file /home/client/.ssh/id_ed25519-cert type -1 | |
debug1: Enabling compatibility mode for protocol 2.0 | |
debug1: Local version string SSH-2.0-OpenSSH_7.3 | |
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.8p1-hpn14v6 | |
debug1: match: OpenSSH_6.8p1-hpn14v6 pat OpenSSH* compat 0x04000000 | |
debug2: fd 3 setting O_NONBLOCK | |
debug1: Authenticating to <server IP>:22 as 'admin' | |
debug3: hostkeys_foreach: reading file "/home/client/.ssh/known_hosts" | |
debug3: record_hostkey: found key type ECDSA in file /home/client/.ssh/known_hosts:1 | |
debug3: load_hostkeys: loaded 1 keys from <server IP> | |
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521 | |
debug3: send packet: type 20 | |
debug1: SSH2_MSG_KEXINIT sent | |
debug3: receive packet: type 20 | |
debug1: SSH2_MSG_KEXINIT received | |
debug2: local client KEXINIT proposal | |
debug2: KEX algorithms: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c | |
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa | |
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc | |
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc | |
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 | |
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 | |
debug2: compression ctos: none,zlib@openssh.com,zlib | |
debug2: compression stoc: none,zlib@openssh.com,zlib | |
debug2: languages ctos: | |
debug2: languages stoc: | |
debug2: first_kex_follows 0 | |
debug2: reserved 0 | |
debug2: peer server KEXINIT proposal | |
debug2: KEX algorithms: curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521 | |
debug2: host key algorithms: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519 | |
debug2: ciphers ctos: aes128-ctr,aes128-gcm@openssh.com,aes192-ctr,aes256-ctr,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com | |
debug2: ciphers stoc: aes128-ctr,aes128-gcm@openssh.com,aes192-ctr,aes256-ctr,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com | |
debug2: MACs ctos: hmac-sha1,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-256-etm@openssh.com,hmac-sha2-512,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com,umac-128@openssh.com,umac-64-etm@openssh.com,umac-64@openssh.com | |
debug2: MACs stoc: hmac-sha1,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-256-etm@openssh.com,hmac-sha2-512,hmac-sha2-512-etm@openssh.com,umac-128-etm@openssh.com,umac-128@openssh.com,umac-64-etm@openssh.com,umac-64@openssh.com | |
debug2: compression ctos: none,zlib@openssh.com | |
debug2: compression stoc: none,zlib@openssh.com | |
debug2: languages ctos: | |
debug2: languages stoc: | |
debug2: first_kex_follows 0 | |
debug2: reserved 0 | |
debug1: kex: algorithm: curve25519-sha256@libssh.org | |
debug1: kex: host key algorithm: ecdsa-sha2-nistp256 | |
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none | |
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none | |
debug3: send packet: type 30 | |
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY | |
debug3: receive packet: type 31 | |
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:1GXi*** | |
debug3: hostkeys_foreach: reading file "/home/client/.ssh/known_hosts" | |
debug3: record_hostkey: found key type ECDSA in file /home/client/.ssh/known_hosts:1 | |
debug3: load_hostkeys: loaded 1 keys from <server IP> | |
debug1: Host '<server IP>' is known and matches the ECDSA host key. | |
debug1: Found key in /home/client/.ssh/known_hosts:1 | |
debug3: send packet: type 21 | |
debug2: set_newkeys: mode 1 | |
debug1: rekey after 134217728 blocks | |
debug1: SSH2_MSG_NEWKEYS sent | |
debug1: expecting SSH2_MSG_NEWKEYS | |
debug3: receive packet: type 21 | |
debug2: set_newkeys: mode 0 | |
debug1: rekey after 134217728 blocks | |
debug1: SSH2_MSG_NEWKEYS received | |
debug2: key: /home/client/.ssh/id_rsa (0x55e7ba68b200), agent | |
debug2: key: /home/client/.ssh/id_dsa ((nil)) | |
debug2: key: /home/client/.ssh/id_ecdsa ((nil)) | |
debug2: key: /home/client/.ssh/id_ed25519 ((nil)) | |
debug3: send packet: type 5 | |
debug3: receive packet: type 6 | |
debug2: service_accept: ssh-userauth | |
debug1: SSH2_MSG_SERVICE_ACCEPT received | |
debug3: send packet: type 50 | |
debug3: receive packet: type 51 | |
debug1: Authentications that can continue: publickey,password | |
debug3: start over, passed a different list publickey,password | |
debug3: preferred publickey,keyboard-interactive,password | |
debug3: authmethod_lookup publickey | |
debug3: remaining preferred: keyboard-interactive,password | |
debug3: authmethod_is_enabled publickey | |
debug1: Next authentication method: publickey | |
debug1: Offering RSA public key: /home/client/.ssh/id_rsa | |
debug3: send_pubkey_test | |
debug3: send packet: type 50 | |
debug2: we sent a publickey packet, wait for reply | |
debug3: receive packet: type 60 | |
debug1: Server accepts key: pkalg ssh-rsa blen 279 | |
debug2: input_userauth_pk_ok: fp SHA256:Kq+m*** | |
debug3: sign_and_send_pubkey: RSA SHA256:Kq+m*** | |
sign_and_send_pubkey: signing failed: agent refused operation | |
debug1: Trying private key: /home/client/.ssh/id_dsa | |
debug3: no such identity: /home/client/.ssh/id_dsa: No such file or directory | |
debug1: Trying private key: /home/client/.ssh/id_ecdsa | |
debug3: no such identity: /home/client/.ssh/id_ecdsa: No such file or directory | |
debug1: Trying private key: /home/client/.ssh/id_ed25519 | |
debug3: no such identity: /home/client/.ssh/id_ed25519: No such file or directory | |
debug2: we did not send a packet, disable method | |
debug3: authmethod_lookup password | |
debug3: remaining preferred: ,password | |
debug3: authmethod_is_enabled password | |
debug1: Next authentication method: password | |
admin@<server IP>'s password: | |
debug3: send packet: type 50 | |
debug2: we sent a password packet, wait for reply | |
debug3: receive packet: type 52 | |
debug1: Authentication succeeded (password). | |
Authenticated to <server IP> ([<server IP>]:22). | |
debug1: channel 0: new [client-session] | |
debug3: ssh_session2_open: channel_new: 0 | |
debug2: channel 0: send open | |
debug3: send packet: type 90 | |
debug1: Requesting no-more-sessions@openssh.com | |
debug3: send packet: type 80 | |
debug1: Entering interactive session. | |
debug1: pledge: network | |
debug3: receive packet: type 80 | |
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0 | |
debug3: receive packet: type 91 | |
debug2: callback start | |
debug2: fd 3 setting TCP_NODELAY | |
debug3: ssh_packet_set_tos: set IP_TOS 0x10 | |
debug2: client_session2_setup: id 0 | |
debug2: channel 0: request pty-req confirm 1 | |
debug3: send packet: type 98 | |
debug2: channel 0: request shell confirm 1 | |
debug3: send packet: type 98 | |
debug2: callback done | |
debug2: channel 0: open confirm rwindow 0 rmax 32768 | |
debug3: receive packet: type 99 | |
debug2: channel_input_status_confirm: type 99 id 0 | |
debug2: PTY allocation request accepted on channel 0 | |
debug2: channel 0: rcvd adjust 87380 | |
debug3: receive packet: type 99 | |
debug2: channel_input_status_confirm: type 99 id 0 | |
debug2: shell request accepted on channel 0 | |
debug1: PAM: establishing credentials | |
debug1: permanently_set_uid: 1024/100 | |
Environment: | |
USER=admin | |
LOGNAME=admin | |
HOME=/var/services/homes/admin | |
PATH=/usr/bin:/bin:/usr/sbin:/sbin | |
MAIL=/var/mail/admin | |
SHELL=/bin/sh | |
SSH_CLIENT=<client IP> 54376 22 | |
SSH_CONNECTION=<client IP> 54376 <server IP> 22 | |
SSH_TTY=/dev/pts/12 | |
TERM=xterm | |
admin@server:~$ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
admin@server:~$ sudo /usr/bin/sshd -d | |
debug1: Config token is ciphers | |
debug1: Config token is kexalgorithms | |
debug1: Config token is macs | |
debug1: Config token is rsaauthentication | |
debug1: Config token is pubkeyauthentication | |
debug1: Config token is authorizedkeysfile | |
debug1: Config token is challengeresponseauthentication | |
debug1: Config token is usepam | |
debug1: Config token is allowtcpforwarding | |
debug1: Config token is useprivilegeseparation | |
debug1: Config token is chrootdirectory | |
debug1: Config token is subsystem | |
debug1: Config token is match | |
debug1: Config token is allowtcpforwarding | |
debug1: Config token is match | |
debug1: Config token is allowtcpforwarding | |
debug1: Config token is match | |
debug1: Config token is allowtcpforwarding | |
debug1: Config token is gatewayports | |
debug1: HPN Buffer Size: 87380 | |
debug1: sshd version OpenSSH_6.8, OpenSSL 1.0.2h-fips 3 May 2016 | |
debug1: private host key #0: ssh-rsa SHA256:yX/j*** | |
debug1: private host key #1: ssh-dss SHA256:ue7W*** | |
debug1: private host key #2: ecdsa-sha2-nistp256 SHA256:1GXi*** | |
debug1: private host key #3: ssh-ed25519 SHA256:wOMF*** | |
debug1: rexec_argv[0]='/usr/bin/sshd' | |
debug1: rexec_argv[1]='-d' | |
Set /proc/self/oom_adj from 0 to -17 | |
debug1: Bind to port 22 on 0.0.0.0. | |
debug1: Server TCP RWIN socket size: 87380 | |
debug1: HPN Buffer Size: 87380 | |
Server listening on 0.0.0.0 port 22. | |
debug1: Bind to port 22 on ::. | |
debug1: Server TCP RWIN socket size: 87380 | |
debug1: HPN Buffer Size: 87380 | |
Server listening on :: port 22. | |
debug1: Server will not fork when running in debugging mode. | |
debug1: rexec start in 6 out 6 newsock 6 pipe -1 sock 9 | |
debug1: inetd sockets after dupping: 4, 4 | |
Connection from <client IP> port 54376 on <server IP> port 22 | |
debug1: HPN Disabled: 0, HPN Buffer Size: 87380 | |
debug1: Client protocol version 2.0; client software version OpenSSH_7.3 | |
SSH: Server;Ltype: Version;Remote: <client IP>-54376;Protocol: 2.0;Client: OpenSSH_7.3 | |
debug1: match: OpenSSH_7.3 pat OpenSSH* compat 0x04000000 | |
debug1: Remote is NON-HPN aware | |
debug1: Enabling compatibility mode for protocol 2.0 | |
debug1: Local version string SSH-2.0-OpenSSH_6.8p1-hpn14v6 | |
debug1: permanently_set_uid: 1024/100 [preauth] | |
debug1: list_hostkey_types: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519 [preauth] | |
debug1: SSH2_MSG_KEXINIT sent [preauth] | |
debug1: SSH2_MSG_KEXINIT received [preauth] | |
debug1: AUTH STATE IS 0 [preauth] | |
debug1: REQUESTED ENC.NAME is 'chacha20-poly1305@openssh.com' [preauth] | |
debug1: kex: client->server chacha20-poly1305@openssh.com <implicit> none [preauth] | |
SSH: Server;Ltype: Kex;Remote: <client IP>-54376;Enc: chacha20-poly1305@openssh.com;MAC: (null);Comp: none [preauth] | |
debug1: REQUESTED ENC.NAME is 'chacha20-poly1305@openssh.com' [preauth] | |
debug1: kex: server->client chacha20-poly1305@openssh.com <implicit> none [preauth] | |
debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth] | |
debug1: SSH2_MSG_NEWKEYS sent [preauth] | |
debug1: expecting SSH2_MSG_NEWKEYS [preauth] | |
debug1: SSH2_MSG_NEWKEYS received [preauth] | |
debug1: KEX done [preauth] | |
debug1: userauth-request for user admin service ssh-connection method none [preauth] | |
SSH: Server;Ltype: Authname;Remote: <client IP>-54376;Name: admin [preauth] | |
debug1: attempt 0 failures 0 [preauth] | |
debug1: get user realname admin => admin | |
debug1: Config token is ciphers | |
debug1: Config token is kexalgorithms | |
debug1: Config token is macs | |
debug1: Config token is rsaauthentication | |
debug1: Config token is pubkeyauthentication | |
debug1: Config token is authorizedkeysfile | |
debug1: Config token is challengeresponseauthentication | |
debug1: Config token is usepam | |
debug1: Config token is allowtcpforwarding | |
debug1: Config token is useprivilegeseparation | |
debug1: Config token is chrootdirectory | |
debug1: Config token is subsystem | |
debug1: Config token is match | |
debug1: Config token is allowtcpforwarding | |
debug1: Config token is match | |
debug1: user admin matched 'User admin' at line 154 | |
debug1: Config token is allowtcpforwarding | |
debug1: Config token is match | |
debug1: Config token is allowtcpforwarding | |
debug1: Config token is gatewayports | |
debug1: PAM: initializing for "admin" | |
debug1: PAM: setting PAM_RHOST to "<client IP>" | |
debug1: PAM: setting PAM_TTY to "ssh" | |
debug1: userauth-request for user admin service ssh-connection method publickey [preauth] | |
debug1: attempt 1 failures 0 [preauth] | |
debug1: test whether pkalg/pkblob are acceptable [preauth] | |
debug1: temporarily_use_uid: 1024/100 (e=0/0) | |
debug1: trying public key file /var/services/homes/admin/.ssh/authorized_keys | |
debug1: fd 5 clearing O_NONBLOCK | |
debug1: matching key found: file /var/services/homes/admin/.ssh/authorized_keys, line 1 RSA SHA256:Kq+m*** | |
debug1: restore_uid: 0/0 | |
Postponed publickey for admin from <client IP> port 54376 ssh2 [preauth] | |
debug1: userauth-request for user admin service ssh-connection method password [preauth] | |
debug1: attempt 2 failures 0 [preauth] | |
debug1: PAM: password authentication accepted for admin | |
debug1: do_pam_account: called | |
Accepted password for admin from <client IP> port 54376 ssh2: RSA SHA256:Kq+m*** | |
debug1: monitor_child_preauth: admin has been authenticated by privileged process | |
debug1: monitor_read_log: child log fd closed | |
debug1: PAM: establishing credentials | |
User child is on pid 18396 | |
debug1: ssh_packet_set_postauth: called | |
debug1: Entering interactive session for SSH2. | |
debug1: server_init_dispatch_20 | |
debug1: server_input_channel_open: ctype session rchan 0 win 1048576 max 16384 | |
debug1: input_session_request | |
debug1: channel 0: new [server-session] | |
debug1: session_new: session 0 | |
debug1: session_open: channel 0 | |
debug1: session_open: session 0: link with channel 0 | |
debug1: server_input_channel_open: confirm session | |
debug1: server_input_global_request: rtype no-more-sessions@openssh.com want_reply 0 | |
debug1: server_input_channel_req: channel 0 request pty-req reply 1 | |
debug1: session_by_channel: session 0 channel 0 | |
debug1: session_input_channel_req: session 0 req pty-req | |
debug1: Allocating pty. | |
debug1: session_new: session 0 | |
lastlog_openseek: Couldn't stat /var/log/lastlog: No such file or directory | |
lastlog_openseek: Couldn't stat /var/log/lastlog: No such file or directory | |
debug1: session_pty_req: session 0 alloc /dev/pts/12 | |
debug1: Ignoring unsupported tty mode opcode 42 (0x2a) | |
debug1: server_input_channel_req: channel 0 request shell reply 1 | |
debug1: session_by_channel: session 0 channel 0 | |
debug1: session_input_channel_req: session 0 req shell | |
Starting session: shell on pts/12 for admin from <client IP> port 54376 | |
debug1: Setting controlling tty using TIOCSCTTY. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment