ssh with xinetd

Question

I want to configure xinetd for ssh connections (port 55555).

Here is my config files:

/etc/xinetd.d/sshd

service ssh
{
        disable = no
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/sbin/sshd
        server_args     = -i
        log_on_success += HOST PID
        log_on_failure += HOST USERID
        nice            = 10
}

Then I change the port number in the service file :

vi /etc/services
    ssh  55555/tcp

Finally , I stop ssh deamon et restart xinedt:

service sshd stop
service xinetd restart

I have set port to 55555 and I have tried to log with putty. "Welcome page" is displayed, but when entering password, error is displayed.

"Network error: Software caused connection abord"

I check xinetd status, there is no pb.

In the log file(/var/log/secure) :

May 22 16:00:00 ttpp sshd[12734]: debug1: do_cleanup
May 22 16:00:00 ttpp sshd[12734]: debug1: PAM: cleanup
May 22 16:00:14 ttpp sshd[12761]: debug1: Bind to port 54321 on ::.
May 22 16:00:14 ttpp sshd[12761]: Server listening on :: port 54321.
May 22 16:00:14 ttpp sshd[12761]: debug1: Bind to port 54321 on 0.0.0.0.
May 22 16:00:14 ttpp sshd[12761]: error: Bind to port 54321 on 0.0.0.0 failed: Address already in use.
May 22 16:00:25 ttpp sshd[12763]: debug1: rexec start in 4 out 4 newsock 4 pipe 6 sock 7
May 22 16:00:25 ttpp sshd[12761]: debug1: Forked child 12763.
May 22 16:00:25 ttpp sshd[12763]: debug1: inetd sockets after dupping: 3, 3
May 22 16:00:25 ttpp sshd[12763]: Connection from ***.***.***.*** port 61943
May 22 16:00:25 ttpp sshd[12763]: debug1: Client protocol version 2.0; client software version PuTTY_Release_0.62
May 22 16:00:25 ttpp sshd[12763]: debug1: no match: PuTTY_Release_0.62
May 22 16:00:25 ttpp sshd[12763]: debug1: Enabling compatibility mode for protocol 2.0
May 22 16:00:25 ttpp sshd[12763]: debug1: Local version string SSH-2.0-OpenSSH_4.3
May 22 16:00:25 ttpp sshd[12764]: debug1: permanently_set_uid: 74/74
May 22 16:00:25 ttpp sshd[12764]: debug1: list_hostkey_types: ssh-rsa,ssh-dss
May 22 16:00:25 ttpp sshd[12764]: debug1: SSH2_MSG_KEXINIT sent
May 22 16:00:25 ttpp sshd[12764]: debug1: SSH2_MSG_KEXINIT received
May 22 16:00:25 ttpp sshd[12764]: debug1: kex: client->server aes256-ctr hmac-sha1 none
May 22 16:00:25 ttpp sshd[12764]: debug1: kex: server->client aes256-ctr hmac-sha1 none
May 22 16:00:25 ttpp sshd[12764]: debug1: SSH2_MSG_KEX_DH_GEX_REQUEST_OLD received
May 22 16:00:25 ttpp sshd[12764]: debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
May 22 16:00:25 ttpp sshd[12764]: debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
May 22 16:00:25 ttpp sshd[12764]: debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
May 22 16:00:25 ttpp sshd[12764]: debug1: SSH2_MSG_NEWKEYS sent
May 22 16:00:25 ttpp sshd[12764]: debug1: expecting SSH2_MSG_NEWKEYS
May 22 16:00:25 ttpp sshd[12764]: debug1: SSH2_MSG_NEWKEYS received
May 22 16:00:25 ttpp sshd[12764]: debug1: KEX done
May 22 16:00:26 ttpp sshd[12764]: debug1: userauth-request for user **** service ssh-connection method none
May 22 16:00:26 ttpp sshd[12764]: debug1: attempt 0 failures 0
May 22 16:00:26 ttpp sshd[12763]: debug1: PAM: initializing for "****"
May 22 16:00:26 ttpp sshd[12764]: debug1: userauth-request for user **** service ssh-connection method gssapi-with-mic
May 22 16:00:26 ttpp sshd[12764]: debug1: attempt 1 failures 1
May 22 16:00:26 ttpp sshd[12763]: debug1: PAM: setting PAM_RHOST to "p37200-ipbffx02marunouchi.tokyo.ocn.ne.jp"
May 22 16:00:26 ttpp sshd[12763]: debug1: PAM: setting PAM_TTY to "ssh"
May 22 16:00:26 ttpp sshd[12763]: debug1: An invalid name was supplied\nHostname cannot be canonicalized\n
May 22 16:00:30 ttpp sshd[12764]: debug1: userauth-request for user **** service ssh-connection method password
May 22 16:00:30 ttpp sshd[12764]: debug1: attempt 2 failures 2
May 22 16:00:30 ttpp sshd[12763]: debug1: PAM: password authentication accepted for ****
May 22 16:00:30 ttpp sshd[12763]: debug1: do_pam_account: called
May 22 16:00:30 ttpp sshd[12763]: Accepted password for **** from ***.***.***.*** port 61943 ssh2
May 22 16:00:30 ttpp sshd[12763]: debug1: monitor_child_preauth: **** has been authenticated by privileged process
May 22 16:00:30 ttpp sshd[12763]: debug1: temporarily_use_uid: 501/10 (e=0/0)
May 22 16:00:30 ttpp sshd[12763]: debug1: ssh_gssapi_storecreds: Not a GSSAPI mechanism
May 22 16:00:30 ttpp sshd[12763]: debug1: restore_uid: 0/0
May 22 16:00:30 ttpp sshd[12763]: debug1: PAM: establishing credentials
May 22 16:00:30 ttpp sshd[12763]: pam_unix(sshd:session): session opened for user **** by (uid=0)
May 22 16:00:30 ttpp sshd[12765]: debug1: PAM: reinitializing credentials
May 22 16:00:30 ttpp sshd[12765]: debug1: permanently_set_uid: 501/10
May 22 16:00:30 ttpp sshd[12765]: debug1: Entering interactive session for SSH2.
May 22 16:00:30 ttpp sshd[12765]: debug1: server_init_dispatch_20
May 22 16:00:30 ttpp sshd[12765]: debug1: server_input_channel_open: ctype session rchan 256 win 16384 max 16384
May 22 16:00:30 ttpp sshd[12765]: debug1: input_session_request
May 22 16:00:30 ttpp sshd[12765]: debug1: channel 0: new [server-session]
May 22 16:00:30 ttpp sshd[12765]: debug1: session_new: init
May 22 16:00:30 ttpp sshd[12765]: debug1: session_new: session 0
May 22 16:00:30 ttpp sshd[12765]: debug1: session_open: channel 0
May 22 16:00:30 ttpp sshd[12765]: debug1: session_open: session 0: link with channel 0
May 22 16:00:30 ttpp sshd[12765]: debug1: server_input_channel_open: confirm session
May 22 16:00:30 ttpp sshd[12765]: debug1: server_input_channel_req: channel 0 request pty-req reply 1
May 22 16:00:30 ttpp sshd[12765]: debug1: session_by_channel: session 0 channel 0
May 22 16:00:30 ttpp sshd[12765]: debug1: session_input_channel_req: session 0 req pty-req
May 22 16:00:30 ttpp sshd[12765]: debug1: Allocating pty.
May 22 16:00:30 ttpp sshd[12763]: debug1: session_new: init
May 22 16:00:30 ttpp sshd[12763]: debug1: session_new: session 0
May 22 16:00:30 ttpp sshd[12763]: debug1: user_context: user_u:system_r:unconfined_t old_tty_context: user_u:object_r:devpts_t
May 22 16:00:30 ttpp sshd[12765]: debug1: session_pty_req: session 0 alloc /dev/pts/4
May 22 16:00:30 ttpp sshd[12765]: debug1: server_input_channel_req: channel 0 request shell reply 1
May 22 16:00:30 ttpp sshd[12765]: debug1: session_by_channel: session 0 channel 0
May 22 16:00:30 ttpp sshd[12765]: debug1: session_input_channel_req: session 0 req shell
May 22 16:00:30 ttpp sshd[12766]: debug1: Setting controlling tty using TIOCSCTTY.
May 22 16:00:33 ttpp sshd[12765]: debug1: server_input_channel_req: channel 0 request window-change reply 0
May 22 16:00:33 ttpp sshd[12765]: debug1: session_by_channel: session 0 channel 0
May 22 16:00:33 ttpp sshd[12765]: debug1: session_input_channel_req: session 0 req window-change
May 22 17:21:31 ttpp sshd[12761]: debug1: Forked child 13170.
May 22 17:21:31 ttpp sshd[13170]: debug1: rexec start in 4 out 4 newsock 4 pipe 6 sock 7
May 22 17:21:31 ttpp sshd[13170]: debug1: inetd sockets after dupping: 3, 3
May 22 17:21:31 ttpp sshd[13170]: Connection from ***.***.***.*** port 62208
May 22 17:21:31 ttpp sshd[13170]: debug1: Client protocol version 2.0; client software version PuTTY_Release_0.62
May 22 17:21:31 ttpp sshd[13170]: debug1: no match: PuTTY_Release_0.62
May 22 17:21:31 ttpp sshd[13170]: debug1: Enabling compatibility mode for protocol 2.0
May 22 17:21:31 ttpp sshd[13170]: debug1: Local version string SSH-2.0-OpenSSH_4.3
May 22 17:21:31 ttpp sshd[13171]: debug1: permanently_set_uid: 74/74
May 22 17:21:31 ttpp sshd[13171]: debug1: list_hostkey_types: ssh-rsa,ssh-dss
May 22 17:21:31 ttpp sshd[13171]: debug1: SSH2_MSG_KEXINIT sent
May 22 17:21:31 ttpp sshd[13171]: debug1: SSH2_MSG_KEXINIT received
May 22 17:21:31 ttpp sshd[13171]: debug1: kex: client->server aes256-ctr hmac-sha1 none
May 22 17:21:31 ttpp sshd[13171]: debug1: kex: server->client aes256-ctr hmac-sha1 none
May 22 17:21:31 ttpp sshd[13171]: debug1: SSH2_MSG_KEX_DH_GEX_REQUEST_OLD received
May 22 17:21:31 ttpp sshd[13171]: debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
May 22 17:21:31 ttpp sshd[13171]: debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
May 22 17:21:31 ttpp sshd[13171]: debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
May 22 17:21:31 ttpp sshd[13171]: debug1: SSH2_MSG_NEWKEYS sent
May 22 17:21:31 ttpp sshd[13171]: debug1: expecting SSH2_MSG_NEWKEYS
May 22 17:21:31 ttpp sshd[13171]: debug1: SSH2_MSG_NEWKEYS received
May 22 17:21:31 ttpp sshd[13171]: debug1: KEX done
May 22 17:21:34 ttpp sshd[13171]: debug1: userauth-request for user **** service ssh-connection method none
May 22 17:21:34 ttpp sshd[13171]: debug1: attempt 0 failures 0
May 22 17:21:34 ttpp sshd[13170]: debug1: PAM: initializing for "****"
May 22 17:21:34 ttpp sshd[13170]: debug1: PAM: setting PAM_RHOST to "p37200-ipbffx02marunouchi.tokyo.ocn.ne.jp"
May 22 17:21:34 ttpp sshd[13170]: debug1: PAM: setting PAM_TTY to "ssh"
May 22 17:21:34 ttpp sshd[13171]: debug1: userauth-request for user **** service ssh-connection method gssapi-with-mic
May 22 17:21:34 ttpp sshd[13171]: debug1: attempt 1 failures 1
May 22 17:21:34 ttpp sshd[13170]: debug1: An invalid name was supplied\nHostname cannot be canonicalized\n
May 22 17:21:36 ttpp sshd[13171]: debug1: userauth-request for user **** service ssh-connection method password
May 22 17:21:36 ttpp sshd[13171]: debug1: attempt 2 failures 2
May 22 17:21:36 ttpp sshd[13170]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=p37200-ipbffx02marunouchi.tokyo.ocn.ne.jp  user=****
May 22 17:21:39 ttpp sshd[13170]: debug1: PAM: password authentication failed for ****: Authentication failure
May 22 17:21:39 ttpp sshd[13170]: Failed password for **** from ***.***.***.*** port 62208 ssh2
May 22 17:21:42 ttpp sshd[13171]: debug1: userauth-request for user **** service ssh-connection method password
May 22 17:21:42 ttpp sshd[13171]: debug1: attempt 3 failures 3
May 22 17:21:42 ttpp sshd[13170]: debug1: PAM: password authentication accepted for ****
May 22 17:21:42 ttpp sshd[13170]: debug1: do_pam_account: called
May 22 17:21:42 ttpp sshd[13170]: Accepted password for **** from ***.***.***.*** port 62208 ssh2
May 22 17:21:42 ttpp sshd[13170]: debug1: monitor_child_preauth: **** has been authenticated by privileged process
May 22 17:21:42 ttpp sshd[13170]: debug1: temporarily_use_uid: 501/10 (e=0/0)
May 22 17:21:42 ttpp sshd[13170]: debug1: ssh_gssapi_storecreds: Not a GSSAPI mechanism
May 22 17:21:42 ttpp sshd[13170]: debug1: restore_uid: 0/0
May 22 17:21:42 ttpp sshd[13170]: debug1: PAM: establishing credentials
May 22 17:21:42 ttpp sshd[13170]: pam_unix(sshd:session): session opened for user **** by (uid=0)
May 22 17:21:42 ttpp sshd[13172]: debug1: PAM: reinitializing credentials
May 22 17:21:42 ttpp sshd[13172]: debug1: permanently_set_uid: 501/10
May 22 17:21:42 ttpp sshd[13172]: debug1: Entering interactive session for SSH2.
May 22 17:21:42 ttpp sshd[13172]: debug1: server_init_dispatch_20
May 22 17:21:42 ttpp sshd[13172]: debug1: server_input_channel_open: ctype session rchan 256 win 16384 max 16384
May 22 17:21:42 ttpp sshd[13172]: debug1: input_session_request
May 22 17:21:42 ttpp sshd[13172]: debug1: channel 0: new [server-session]
May 22 17:21:42 ttpp sshd[13172]: debug1: session_new: init
May 22 17:21:42 ttpp sshd[13172]: debug1: session_new: session 0
May 22 17:21:42 ttpp sshd[13172]: debug1: session_open: channel 0
May 22 17:21:42 ttpp sshd[13172]: debug1: session_open: session 0: link with channel 0
May 22 17:21:42 ttpp sshd[13172]: debug1: server_input_channel_open: confirm session
May 22 17:21:42 ttpp sshd[13172]: debug1: server_input_channel_req: channel 0 request pty-req reply 1
May 22 17:21:42 ttpp sshd[13172]: debug1: session_by_channel: session 0 channel 0
May 22 17:21:42 ttpp sshd[13172]: debug1: session_input_channel_req: session 0 req pty-req
May 22 17:21:42 ttpp sshd[13172]: debug1: Allocating pty.
May 22 17:21:42 ttpp sshd[13170]: debug1: session_new: init
May 22 17:21:42 ttpp sshd[13170]: debug1: session_new: session 0
May 22 17:21:42 ttpp sshd[13170]: debug1: user_context: user_u:system_r:unconfined_t old_tty_context: user_u:object_r:devpts_t
May 22 17:21:42 ttpp sshd[13172]: debug1: session_pty_req: session 0 alloc /dev/pts/5
May 22 17:21:42 ttpp sshd[13172]: debug1: server_input_channel_req: channel 0 request shell reply 1
May 22 17:21:42 ttpp sshd[13172]: debug1: session_by_channel: session 0 channel 0
May 22 17:21:42 ttpp sshd[13172]: debug1: session_input_channel_req: session 0 req shell
May 22 17:21:42 ttpp sshd[13173]: debug1: Setting controlling tty using TIOCSCTTY.
May 22 17:21:44 ttpp sshd[13172]: debug1: server_input_channel_req: channel 0 request window-change reply 0
May 22 17:21:44 ttpp sshd[13172]: debug1: session_by_channel: session 0 channel 0
May 22 17:21:44 ttpp sshd[13172]: debug1: session_input_channel_req: session 0 req window-change
May 22 17:22:10 ttpp sudo:     **** : TTY=pts/5 ; PWD=/home/**** ; USER=root ; COMMAND=/usr/bin/tail -150 /var/log/secure

OS: centos 5

Any ideas ?

Thank you !

why this question is down-rated?! I have same problem now, same problem which was already asked 9 years ago here and still there is no correct aswser for this old question!!! — Mojtaba Rezaeian, Apr 12 '21 at 20:46

score 1 · Answer 1 · answered May 22 '12 at 11:42

1

Why would you do this versus setting Port 55555 in the /etc/ssh/sshd_config configuration file? Is this a security issue or a resource issue?

answered May 22 '12 at 11:42

ewwhite

194,921
91
434
799

1

I also set Port 5555 in /etc/ssh/sshd_config . It seems that SElinux blocks ssh connections... any ideas ? Thank you – canu johann May 23 '12 at 01:00

score 0 · Answer 2 · answered May 22 '12 at 06:54

0

I would switch log level to DEBUG in /etc/ssh/sshd_config, try to login again and then check /var/log/auth (or /var/log/secure) to see the errors.

answered May 22 '12 at 06:54

Zaar Hai

447
5
12

Thank you for your answer. I have tried with the debug mode. (see message) – May 22 '12 at 07:04
So far I did not see any errors in the log. Are you sure these are all of the log messages after you get "Network error: Software caused connection abord"? If yes, then I would try running ssh in regular mode on port 22 and see that everything is working. – Zaar Hai May 22 '12 at 08:19
Thank you. Without xinetd, ssh connections work. I have update log output (last 100 lines). I appreciate your help ! – May 22 '12 at 08:28
Sorry, I'm out of clues for xinetd. If you just want SSH daemon to listen on higher port, then you can set so in sshd_config. – Zaar Hai May 22 '12 at 09:16
Thank you for your help. If I found a solution, I will post it here ! – May 22 '12 at 09:23
Maybe I 've found error ! SElinux blocks connection : May 22 18:40:12 ttpp sshd[13904]: error: deny MLS level s0-s0:c0.c1023 May 22 18:40:12 tt-ppy sshd[13904]: error: Failed to get default securit May 22 18:40:12 tt-pp sshd[13904]: fatal: SELinux failure. Aborting con – May 22 '12 at 09:43

ssh with xinetd

2 Answers2