 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
I have a co-located Solaris 2.6 server that I can no longer log into
remotely, and I've been unable to identify how it broke or how I can fix
it. We'll be building a replacement once we identify all the dependencies,
but in the meantime I need to re-enable remote access.
When I ssh to it from an OpenSSH client, it hangs immediately after I type
my password, until I type something. As soon as I touch the keyboard, it
gives the error
Received disconnect: 2: Window overflow received channel data.
When I try to connect with the commercial ssh 2.3.0 client, I get the
following immediately after typing my password:
Authentication successful.
Failed to allocate pty!
After getting these results, I enabled telnet for testing, and got the
following:
Connected to xxxxxxxx.
Escape character is '^]'.
telnetd: could not grant slave pty.
Connection closed by foreign host.
I can login on the console with no problems.
I can find nothing on the system that would be using up ptys. The system
is running sshd 2.0.13, apache 1.3.12, an Oracle client, and something
called WebCrossing.
I've been searcing the web for attacks that disable ptys, and came up with
a report about Rootkit/Smurf Payload Toolkit, but I found no evidence on
the system that seemed to match this.
As far as the ptys are concerned, I looked at /dev/pty* and
/devices/pseudo/ptc at 0:pty* and compared these to another Solaris 2.6
server that doesn't have this problem, and found them identical. They all
have the same permissions, same owner and group (root/sys), same major and
minor numbers (25 and 0-47).
I don't know what else to check at this point. Any suggestions would be
appreciated.
Thanks.
--
John Abreau / Executive Director, Boston Linux & Unix
ICQ#28611923 / AIM abreauj / Email jabr at blu.org
-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
