SSH, SFTP issue

Friday, February 19, 2010 at 9:28 AM
  1. If 'configure' can't find ssl, change the configure command to:
    ./configure --prefix=/usr --with-ssl-dir=\ /usr/local/ssl --with-tcp-wrappers 

  2. Sometimes compilation of openssh bombs out with the following error messages:
    sshd.c:1660: error: storage size of req isn't known sshd.c:1663: warning: implicit declaration of function fromhost sshd.c:1660: warning: unused variable req
  3. Another frequent problem is that configure bombs out with the message:
    configure: error: Your OpenSSL headers do not match your library 
    The easiest solution is to go to your openssl directory and type:
    make install cd include/openssl cp * /usr/include/openssl/ cp * /usr/local/ssl/include/openssl/ 
    Compile openssh, using the following command line, and substitute the appropriate path after --with-ssl-dir :
    ./configure --prefix=/usr --with-tcp-wrappers \ --with-ssl-dir=/usr/local/ssl make make install 
  4. If it says:
    Connecting to carbon...  OpenSSL version mismatch. Built against 90603f, you have 90607f  Couldn't read packet: Connection reset by peer 
    Get rid of your old libcrypto libraries in /usr/lib and rerun ldconfig:
    cd /usr/local/ssl/lib cp * /usr/lib/ ldconfig 
    Then rebuild and reinstall openssh (make clean; make; make install), and restart sshd.
  5. Sometimes ssh has the following connection problem:
    On client
    Request for subsystem 'sftp' failed on channel 0 Couldn't read packet: Connection reset by peer
    On server
    sshd[7079]: Accepted password for tjnelson from port 32777 ssh2 sshd[7079]: subsystem request for sftp sshd[7079]: error: subsystem: cannot stat /usr/local/libexec/sftp-server:  No such file or directory sshd[7079]: subsystem request for sftp failed, subsystem not found
    To solve this problem, do the following:
    Edit /etc/ssh/sshd_config and add:
    Subsystem       sftp    /usr/local/libexec/sftp-server Protocol 2
    Create /usr/libexec and make a link to sftp-server. For some reason sshd sometimes looks there instead of the path specified in its configuration file.
    mkdir /usr/libexec cd /usr/libexec ln -s /usr/lib/ssh/sftp-server sftp-server 
    Stop and start sshd (don't restart, because the port takes a while to close).
    cd /etc/rc.d ./sshd stop ./sshd restart 
  6. If it says:
    checking for socklen_t equivalent... configure:  error: Cannot find a type to use in place of socklen_t
    this means your computer is totally screwed, and you should take it out back and shoot it.
  7. If it says:
    sshd re-exec requires execution with an absolute path
    The startup script needs to be modified to include the full path of sshd.
  8. If it says:
    Permission denied (publickey,keyboard-interactive).
    This can happen after an upgrade when you change from PAM to password authentication. Edit /etc/ssh/sshd_conf and change PasswordAuthentication to yes.


Post a Comment

Solaris | Powered by Blogger | Entries (RSS) | Comments (RSS) | Designed by MB Web Design | XML Coded By