[Mandriva] sshd ne démarre plus au boot
Résolu
bob031
Messages postés
8158
Date d'inscription
Statut
Membre
Dernière intervention
-
bob031 Messages postés 8158 Date d'inscription Statut Membre Dernière intervention -
bob031 Messages postés 8158 Date d'inscription Statut Membre Dernière intervention -
Bonjour,
voici mon souci, depuis un certain temps, sur la Mandriva, et du jour au lendemain j'ai le message suivant :
error: Bind to port 22 on 192.168.1.2 failed: Cannot assign requested address
je constate que cela est dû suite à une modification de mon fichier "sshd_config" comme suit :
Port 22
#Protocol 2,1
Protocol 2
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
ListenAddress 192.168.1.2
mon fichier /var/log/messages :
Apr 12 19:20:29 mandriva sshd[4008]: Server listening on 0.0.0.0 port 22.
Apr 12 21:32:34 mandriva sshd[4008]: Received signal 15; terminating.
Apr 13 15:53:10 mandriva sshd[4028]: Server listening on 0.0.0.0 port 22.
Apr 13 20:08:53 mandriva sshd[4028]: Received signal 15; terminating.
Apr 13 20:08:54 mandriva sshd[6248]: Server listening on 192.168.1.2 port 22.
Apr 13 23:05:24 mandriva sshd[6248]: Received signal 15; terminating.
Apr 14 07:44:50 mandriva sshd[3900]: error: Bind to port 22 on 192.168.1.2 failed: Cannot assign requested address.
Apr 14 07:44:50 mandriva sshd[3900]: fatal: Cannot bind any address.
Apr 14 17:54:04 mandriva sshd[3958]: error: Bind to port 22 on 192.168.1.2 failed: Cannot assign requested address.
Apr 14 17:54:04 mandriva sshd[3958]: fatal: Cannot bind any address.
Apr 15 07:22:23 mandriva sshd[3979]: error: Bind to port 22 on 192.168.1.2 failed: Cannot assign requested address.
Apr 15 07:22:23 mandriva sshd[3979]: fatal: Cannot bind any address.
pourtant les informations du fichier sshd_config sont les mêmes pour la debian, la gentoo et la fedora et je n'ai pas ce message d'erreur.
pourtant lorsque je relance le service en console :
[root@mandriva log]# /sbin/service sshd status
sshd est mort, mais le sous-système reste verrouillé
[root@mandriva log]# /sbin/service sshd restart
Arrêt de sshd : [ OK ]
Lancement de sshd : [ OK ]
[root@mandriva log]#
et /var/log/messages :
May 13 07:12:37 mandriva sshd[6030]: Server listening on 192.168.1.2 port 22.
Alors pourquoi avec la Mandriva ????? Bug ????
merci.
peut-être quelques pistes :
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/216847
https://www.hugedomains.com/domain_profile.cfm?d=hagybrandon&e=com
voici mon souci, depuis un certain temps, sur la Mandriva, et du jour au lendemain j'ai le message suivant :
error: Bind to port 22 on 192.168.1.2 failed: Cannot assign requested address
je constate que cela est dû suite à une modification de mon fichier "sshd_config" comme suit :
Port 22
#Protocol 2,1
Protocol 2
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
ListenAddress 192.168.1.2
mon fichier /var/log/messages :
Apr 12 19:20:29 mandriva sshd[4008]: Server listening on 0.0.0.0 port 22.
Apr 12 21:32:34 mandriva sshd[4008]: Received signal 15; terminating.
Apr 13 15:53:10 mandriva sshd[4028]: Server listening on 0.0.0.0 port 22.
Apr 13 20:08:53 mandriva sshd[4028]: Received signal 15; terminating.
Apr 13 20:08:54 mandriva sshd[6248]: Server listening on 192.168.1.2 port 22.
Apr 13 23:05:24 mandriva sshd[6248]: Received signal 15; terminating.
Apr 14 07:44:50 mandriva sshd[3900]: error: Bind to port 22 on 192.168.1.2 failed: Cannot assign requested address.
Apr 14 07:44:50 mandriva sshd[3900]: fatal: Cannot bind any address.
Apr 14 17:54:04 mandriva sshd[3958]: error: Bind to port 22 on 192.168.1.2 failed: Cannot assign requested address.
Apr 14 17:54:04 mandriva sshd[3958]: fatal: Cannot bind any address.
Apr 15 07:22:23 mandriva sshd[3979]: error: Bind to port 22 on 192.168.1.2 failed: Cannot assign requested address.
Apr 15 07:22:23 mandriva sshd[3979]: fatal: Cannot bind any address.
pourtant les informations du fichier sshd_config sont les mêmes pour la debian, la gentoo et la fedora et je n'ai pas ce message d'erreur.
pourtant lorsque je relance le service en console :
[root@mandriva log]# /sbin/service sshd status
sshd est mort, mais le sous-système reste verrouillé
[root@mandriva log]# /sbin/service sshd restart
Arrêt de sshd : [ OK ]
Lancement de sshd : [ OK ]
[root@mandriva log]#
et /var/log/messages :
May 13 07:12:37 mandriva sshd[6030]: Server listening on 192.168.1.2 port 22.
Alors pourquoi avec la Mandriva ????? Bug ????
merci.
peut-être quelques pistes :
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/216847
https://www.hugedomains.com/domain_profile.cfm?d=hagybrandon&e=com
A voir également:
- [Mandriva] sshd ne démarre plus au boot
- Windows ne démarre pas - Guide
- Dual boot - Guide
- Hiren's boot - Télécharger - Divers Utilitaires
- Boot camp - Télécharger - Systèmes d'exploitation
- Clé boot windows - Guide
4 réponses
bon, je n'ai pas encore trouvé le pourquoi ....
autre petit souci, j'ai eu droit à une attaque de type brute force.
[root@mandriva log]# grep Invalid auth.log
May 11 21:04:24 mandriva sshd[7212]: Invalid user admin from 88.33.202.155
May 11 21:04:36 mandriva sshd[7216]: Invalid user stud from 88.33.202.155
May 11 21:04:42 mandriva sshd[7218]: Invalid user trash from 88.33.202.155
May 11 21:04:52 mandriva sshd[7220]: Invalid user aaron from 88.33.202.155
May 11 21:04:58 mandriva sshd[7222]: Invalid user gt05 from 88.33.202.155
May 11 21:05:04 mandriva sshd[7224]: Invalid user william from 88.33.202.155
May 11 21:05:11 mandriva sshd[7226]: Invalid user stephanie from 88.33.202.155
May 11 21:05:49 mandriva sshd[7238]: Invalid user gary from 88.33.202.155
May 11 21:06:02 mandriva sshd[7243]: Invalid user guest from 88.33.202.155
May 11 21:06:08 mandriva sshd[7245]: Invalid user test from 88.33.202.155
May 11 21:06:14 mandriva sshd[7247]: Invalid user oracle from 88.33.202.155
May 11 21:09:01 mandriva sshd[7398]: Invalid user lab from 88.33.202.155
May 11 21:09:14 mandriva sshd[7413]: Invalid user oracle from 88.33.202.155
May 11 21:09:20 mandriva sshd[7415]: Invalid user svn from 88.33.202.155
May 11 21:09:26 mandriva sshd[7418]: Invalid user iraf from 88.33.202.155
May 11 21:09:33 mandriva sshd[7420]: Invalid user swsoft from 88.33.202.155
May 11 21:09:39 mandriva sshd[7422]: Invalid user production from 88.33.202.155
May 11 21:09:45 mandriva sshd[7424]: Invalid user guest from 88.33.202.155
May 11 21:09:51 mandriva sshd[7426]: Invalid user gast from 88.33.202.155
May 11 21:09:58 mandriva sshd[7428]: Invalid user gast from 88.33.202.155
May 11 21:10:04 mandriva sshd[7430]: Invalid user oliver from 88.33.202.155
May 11 21:10:10 mandriva sshd[7432]: Invalid user sirsi from 88.33.202.155
May 11 21:10:16 mandriva sshd[7434]: Invalid user nagios from 88.33.202.155
May 11 21:10:26 mandriva sshd[7436]: Invalid user nagios from 88.33.202.155
May 11 21:10:32 mandriva sshd[7438]: Invalid user nagios from 88.33.202.155
May 11 21:10:38 mandriva sshd[7440]: Invalid user nagios from 88.33.202.155
May 11 21:10:45 mandriva sshd[7443]: Invalid user backuppc from 88.33.202.155
May 11 21:10:51 mandriva sshd[7445]: Invalid user wolfgang from 88.33.202.155
May 11 21:10:57 mandriva sshd[7448]: Invalid user vmware from 88.33.202.155
May 11 21:11:03 mandriva sshd[7450]: Invalid user stats from 88.33.202.155
May 11 21:11:10 mandriva sshd[7452]: Invalid user kor from 88.33.202.155
[root@mandriva log]#
je sais le pourquoi je pense, j'avais commis une grosse bévue dans mes règles iptables
les quelques règles élémentaires de sécurité que j'avais introduites ont fonctionné.
pourtant je m'interroge sur fail2ban que j'avais installé et correctement configuré (enfin je crois), et qui ne m'indique aucun message dans les logs.
merci.
quelques infos glânées :
System: Monitoring the fail2ban log
https://www.the-art-of-web.com/system/fail2ban-log/
quelques idées :
http://ubuntuforums.org/showthread.php?t=444157
quelques commandes utiles :
autre petit souci, j'ai eu droit à une attaque de type brute force.
[root@mandriva log]# grep Invalid auth.log
May 11 21:04:24 mandriva sshd[7212]: Invalid user admin from 88.33.202.155
May 11 21:04:36 mandriva sshd[7216]: Invalid user stud from 88.33.202.155
May 11 21:04:42 mandriva sshd[7218]: Invalid user trash from 88.33.202.155
May 11 21:04:52 mandriva sshd[7220]: Invalid user aaron from 88.33.202.155
May 11 21:04:58 mandriva sshd[7222]: Invalid user gt05 from 88.33.202.155
May 11 21:05:04 mandriva sshd[7224]: Invalid user william from 88.33.202.155
May 11 21:05:11 mandriva sshd[7226]: Invalid user stephanie from 88.33.202.155
May 11 21:05:49 mandriva sshd[7238]: Invalid user gary from 88.33.202.155
May 11 21:06:02 mandriva sshd[7243]: Invalid user guest from 88.33.202.155
May 11 21:06:08 mandriva sshd[7245]: Invalid user test from 88.33.202.155
May 11 21:06:14 mandriva sshd[7247]: Invalid user oracle from 88.33.202.155
May 11 21:09:01 mandriva sshd[7398]: Invalid user lab from 88.33.202.155
May 11 21:09:14 mandriva sshd[7413]: Invalid user oracle from 88.33.202.155
May 11 21:09:20 mandriva sshd[7415]: Invalid user svn from 88.33.202.155
May 11 21:09:26 mandriva sshd[7418]: Invalid user iraf from 88.33.202.155
May 11 21:09:33 mandriva sshd[7420]: Invalid user swsoft from 88.33.202.155
May 11 21:09:39 mandriva sshd[7422]: Invalid user production from 88.33.202.155
May 11 21:09:45 mandriva sshd[7424]: Invalid user guest from 88.33.202.155
May 11 21:09:51 mandriva sshd[7426]: Invalid user gast from 88.33.202.155
May 11 21:09:58 mandriva sshd[7428]: Invalid user gast from 88.33.202.155
May 11 21:10:04 mandriva sshd[7430]: Invalid user oliver from 88.33.202.155
May 11 21:10:10 mandriva sshd[7432]: Invalid user sirsi from 88.33.202.155
May 11 21:10:16 mandriva sshd[7434]: Invalid user nagios from 88.33.202.155
May 11 21:10:26 mandriva sshd[7436]: Invalid user nagios from 88.33.202.155
May 11 21:10:32 mandriva sshd[7438]: Invalid user nagios from 88.33.202.155
May 11 21:10:38 mandriva sshd[7440]: Invalid user nagios from 88.33.202.155
May 11 21:10:45 mandriva sshd[7443]: Invalid user backuppc from 88.33.202.155
May 11 21:10:51 mandriva sshd[7445]: Invalid user wolfgang from 88.33.202.155
May 11 21:10:57 mandriva sshd[7448]: Invalid user vmware from 88.33.202.155
May 11 21:11:03 mandriva sshd[7450]: Invalid user stats from 88.33.202.155
May 11 21:11:10 mandriva sshd[7452]: Invalid user kor from 88.33.202.155
[root@mandriva log]#
je sais le pourquoi je pense, j'avais commis une grosse bévue dans mes règles iptables
les quelques règles élémentaires de sécurité que j'avais introduites ont fonctionné.
pourtant je m'interroge sur fail2ban que j'avais installé et correctement configuré (enfin je crois), et qui ne m'indique aucun message dans les logs.
merci.
quelques infos glânées :
System: Monitoring the fail2ban log
https://www.the-art-of-web.com/system/fail2ban-log/
quelques idées :
http://ubuntuforums.org/showthread.php?t=444157
quelques commandes utiles :
# netstat -tulpn | grep :22 # /usr/sbin/sshd -t
je commence à voir la "lumière" ...
[root@mandriva log]# grep ERROR fail2ban.log
2008-04-13 20:40:14,195 fail2ban.actions.action: ERROR touch <tmpfile> returned 200
2008-04-13 23:05:24,979 fail2ban.actions.action: ERROR rm -f <tmpfile> returned 200
2008-04-14 07:44:55,790 fail2ban.actions.action: ERROR touch <tmpfile> returned 200
2008-04-14 12:49:30,278 fail2ban.actions.action: ERROR rm -f <tmpfile> returned 200
2008-04-14 12:49:35,168 fail2ban.actions.action: ERROR touch <tmpfile> returned 200
2008-04-14 12:53:45,941 fail2ban.actions.action: ERROR rm -f <tmpfile> returned 200
2008-04-14 12:53:51,213 fail2ban.actions.action: ERROR touch <tmpfile> returned 200
2008-04-14 12:56:39,752 fail2ban.actions.action: ERROR rm -f <tmpfile> returned 200
2008-04-14 12:56:44,281 fail2ban.actions.action: ERROR touch <tmpfile> returned 200
les dates dans fail2ban.log et /var/log/messages sont identiques : 2008-04-13
je pense que je n'ai pas bien compris "faire écouter ssh que sur une interface donnée" (option ListenAddress)
je vais remettre :
et voir ce que cela donne !
[root@mandriva log]# grep ERROR fail2ban.log
2008-04-13 20:40:14,195 fail2ban.actions.action: ERROR touch <tmpfile> returned 200
2008-04-13 23:05:24,979 fail2ban.actions.action: ERROR rm -f <tmpfile> returned 200
2008-04-14 07:44:55,790 fail2ban.actions.action: ERROR touch <tmpfile> returned 200
2008-04-14 12:49:30,278 fail2ban.actions.action: ERROR rm -f <tmpfile> returned 200
2008-04-14 12:49:35,168 fail2ban.actions.action: ERROR touch <tmpfile> returned 200
2008-04-14 12:53:45,941 fail2ban.actions.action: ERROR rm -f <tmpfile> returned 200
2008-04-14 12:53:51,213 fail2ban.actions.action: ERROR touch <tmpfile> returned 200
2008-04-14 12:56:39,752 fail2ban.actions.action: ERROR rm -f <tmpfile> returned 200
2008-04-14 12:56:44,281 fail2ban.actions.action: ERROR touch <tmpfile> returned 200
les dates dans fail2ban.log et /var/log/messages sont identiques : 2008-04-13
je pense que je n'ai pas bien compris "faire écouter ssh que sur une interface donnée" (option ListenAddress)
je vais remettre :
ListenAddress 0.0.0.0
et voir ce que cela donne !
ok ! avec :
ListenAddress 0.0.0.0
sshd démarre au boot !
concernant fail2ban : j'ai le sentiment que l'IP n'est pas bannie, puisque je ne vois pas de message m'indiquant que cela a été fait !
de plus j'ai toujours ceci :
2008-05-13 06:15:41,615 fail2ban.actions.action: ERROR touch <tmpfile> returned 200
2008-05-13 09:40:21,046 fail2ban.actions.action: ERROR rm -f <tmpfile> returned 200
2008-05-13 12:03:57,944 fail2ban.actions.action: ERROR touch <tmpfile> returned 200
pas très clair tout ça .....je ne suis pas prêt de voir la "lumière" !
:-))
ListenAddress 0.0.0.0
sshd démarre au boot !
concernant fail2ban : j'ai le sentiment que l'IP n'est pas bannie, puisque je ne vois pas de message m'indiquant que cela a été fait !
de plus j'ai toujours ceci :
2008-05-13 06:15:41,615 fail2ban.actions.action: ERROR touch <tmpfile> returned 200
2008-05-13 09:40:21,046 fail2ban.actions.action: ERROR rm -f <tmpfile> returned 200
2008-05-13 12:03:57,944 fail2ban.actions.action: ERROR touch <tmpfile> returned 200
pas très clair tout ça .....je ne suis pas prêt de voir la "lumière" !
:-))
Bouaaaaaaaaaaaaaaaaa !
bon ben tout semble fonctionner correctement !
sshd : ok mais je comprend pas pourquoi "ListenAddress 192.168.1.2" ne fonctionne pas !
fail2ban : mon pote du 88.33.202.155 a bien été banni !
[root@mandriva ~]# fail2ban-regex /var/log/auth.log /etc/fail2ban/filter.d/sshd.conf
Running tests
=============
Use regex file : /etc/fail2ban/filter.d/sshd.conf
Use log file : /var/log/auth.log
Results
=======
Failregex:
[1] Authentication failure for .* from <HOST>
[2] Failed [-/\w+]+ for .* from <HOST>
[3] ROOT LOGIN REFUSED .* FROM <HOST>
[4] [iI](?:llegal|nvalid) user .* from <HOST>
Number of matches:
[1] 0 match(es)
[2] 0 match(es)
[3] 0 match(es)
[4] 31 match(es)
Addresses found:
[1]
[2]
[3]
[4]
88.33.202.155 (Sun May 11 21:04:24 2008)
88.33.202.155 (Sun May 11 21:04:36 2008)
88.33.202.155 (Sun May 11 21:04:42 2008)
88.33.202.155 (Sun May 11 21:04:52 2008)
88.33.202.155 (Sun May 11 21:04:58 2008)
88.33.202.155 (Sun May 11 21:05:04 2008)
88.33.202.155 (Sun May 11 21:05:11 2008)
88.33.202.155 (Sun May 11 21:05:49 2008)
88.33.202.155 (Sun May 11 21:06:02 2008)
88.33.202.155 (Sun May 11 21:06:08 2008)
88.33.202.155 (Sun May 11 21:06:14 2008)
88.33.202.155 (Sun May 11 21:09:01 2008)
88.33.202.155 (Sun May 11 21:09:14 2008)
88.33.202.155 (Sun May 11 21:09:20 2008)
88.33.202.155 (Sun May 11 21:09:26 2008)
88.33.202.155 (Sun May 11 21:09:33 2008)
88.33.202.155 (Sun May 11 21:09:39 2008)
88.33.202.155 (Sun May 11 21:09:45 2008)
88.33.202.155 (Sun May 11 21:09:51 2008)
88.33.202.155 (Sun May 11 21:09:58 2008)
88.33.202.155 (Sun May 11 21:10:04 2008)
88.33.202.155 (Sun May 11 21:10:10 2008)
88.33.202.155 (Sun May 11 21:10:16 2008)
88.33.202.155 (Sun May 11 21:10:26 2008)
88.33.202.155 (Sun May 11 21:10:32 2008)
88.33.202.155 (Sun May 11 21:10:38 2008)
88.33.202.155 (Sun May 11 21:10:45 2008)
88.33.202.155 (Sun May 11 21:10:51 2008)
88.33.202.155 (Sun May 11 21:10:57 2008)
88.33.202.155 (Sun May 11 21:11:03 2008)
88.33.202.155 (Sun May 11 21:11:10 2008)
Date template hits:
31 hit: Month Day Hour:Minute:Second
0 hit: Weekday Month Day Hour:Minute:Second Year
0 hit: Year/Month/Day Hour:Minute:Second
0 hit: Day/Month/Year:Hour:Minute:Second
0 hit: Year-Month-Day Hour:Minute:Second
0 hit: TAI64N
0 hit: Epoch
Success, the total number of match is 31
However, look at the above section 'Running tests' which could contain important
information.
[root@mandriva ~]#
source : http://www.fail2ban.org/wiki/index.php/MANUAL_0_8#Testing
un détail omis : j'utilise postfix !
FIN !
bon ben tout semble fonctionner correctement !
sshd : ok mais je comprend pas pourquoi "ListenAddress 192.168.1.2" ne fonctionne pas !
fail2ban : mon pote du 88.33.202.155 a bien été banni !
[root@mandriva ~]# fail2ban-regex /var/log/auth.log /etc/fail2ban/filter.d/sshd.conf
Running tests
=============
Use regex file : /etc/fail2ban/filter.d/sshd.conf
Use log file : /var/log/auth.log
Results
=======
Failregex:
[1] Authentication failure for .* from <HOST>
[2] Failed [-/\w+]+ for .* from <HOST>
[3] ROOT LOGIN REFUSED .* FROM <HOST>
[4] [iI](?:llegal|nvalid) user .* from <HOST>
Number of matches:
[1] 0 match(es)
[2] 0 match(es)
[3] 0 match(es)
[4] 31 match(es)
Addresses found:
[1]
[2]
[3]
[4]
88.33.202.155 (Sun May 11 21:04:24 2008)
88.33.202.155 (Sun May 11 21:04:36 2008)
88.33.202.155 (Sun May 11 21:04:42 2008)
88.33.202.155 (Sun May 11 21:04:52 2008)
88.33.202.155 (Sun May 11 21:04:58 2008)
88.33.202.155 (Sun May 11 21:05:04 2008)
88.33.202.155 (Sun May 11 21:05:11 2008)
88.33.202.155 (Sun May 11 21:05:49 2008)
88.33.202.155 (Sun May 11 21:06:02 2008)
88.33.202.155 (Sun May 11 21:06:08 2008)
88.33.202.155 (Sun May 11 21:06:14 2008)
88.33.202.155 (Sun May 11 21:09:01 2008)
88.33.202.155 (Sun May 11 21:09:14 2008)
88.33.202.155 (Sun May 11 21:09:20 2008)
88.33.202.155 (Sun May 11 21:09:26 2008)
88.33.202.155 (Sun May 11 21:09:33 2008)
88.33.202.155 (Sun May 11 21:09:39 2008)
88.33.202.155 (Sun May 11 21:09:45 2008)
88.33.202.155 (Sun May 11 21:09:51 2008)
88.33.202.155 (Sun May 11 21:09:58 2008)
88.33.202.155 (Sun May 11 21:10:04 2008)
88.33.202.155 (Sun May 11 21:10:10 2008)
88.33.202.155 (Sun May 11 21:10:16 2008)
88.33.202.155 (Sun May 11 21:10:26 2008)
88.33.202.155 (Sun May 11 21:10:32 2008)
88.33.202.155 (Sun May 11 21:10:38 2008)
88.33.202.155 (Sun May 11 21:10:45 2008)
88.33.202.155 (Sun May 11 21:10:51 2008)
88.33.202.155 (Sun May 11 21:10:57 2008)
88.33.202.155 (Sun May 11 21:11:03 2008)
88.33.202.155 (Sun May 11 21:11:10 2008)
Date template hits:
31 hit: Month Day Hour:Minute:Second
0 hit: Weekday Month Day Hour:Minute:Second Year
0 hit: Year/Month/Day Hour:Minute:Second
0 hit: Day/Month/Year:Hour:Minute:Second
0 hit: Year-Month-Day Hour:Minute:Second
0 hit: TAI64N
0 hit: Epoch
Success, the total number of match is 31
However, look at the above section 'Running tests' which could contain important
information.
[root@mandriva ~]#
source : http://www.fail2ban.org/wiki/index.php/MANUAL_0_8#Testing
un détail omis : j'utilise postfix !
FIN !