[500 XRP bounty] SSH fails to start on OpenVZ Ubuntu 10.04

2014-01-07 10:04:13 +08:00
 andybest
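I have an OpenVZ VPS whose SSH service fails to start after a reboot; I can only log in through the "Serial Console" in the management panel.

All processes currently running on the affected VPS: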
root@ssd:/# ps auxf
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 1.0 2504 1360 ? Ss 09:50 0:00 init
root 2 0.0 0.0 0 0 ? S 09:50 0:00 [kthreadd/1980]
root 3 0.0 0.0 0 0 ? S 09:50 0:00 \_ [khelper/1980]
root 270 0.0 0.6 2336 884 ? Ss 09:50 0:00 cron
root 354 0.0 0.5 27496 760 ? Ss 09:51 0:00 vzctl: pts/0
root 355 0.0 1.2 3004 1644 pts/0 Ss 09:51 0:00 \_ -bash
root 367 0.0 0.6 2392 856 pts/0 R+ 09:51 0:00 \_ ps auxf

root@ssd:/# netstat -nl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 2875821005 @/com/ubuntu/upstart


Tried both ssh restart and ssh start; neither starts the ssh service:

root@ssd:/# /etc/init.d/ssh restart
Rather than invoking init scripts through /etc/init.d, use the service(8)
utility, e.g. service ssh restart

Since the script you are attempting to invoke has been converted to an
Upstart job, you may also use the restart(8) utility, e.g. restart ssh
ssh stop/pre-start, process 386

root@ssd:/# /etc/init.d/ssh start
Rather than invoking init scripts through /etc/init.d, use the service(8)
utility, e.g. service ssh start

Since the script you are attempting to invoke has been converted to an
Upstart job, you may also use the start(8) utility, e.g. start ssh
ssh stop/pre-start, process 399

root@ssd:/# netstat -nl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 2875821005 @/com/ubuntu/upstart


Installed dropbear on a different port and started it; it fails to start as well:
root@ssd:~# /etc/init.d/dropbear start
Starting Dropbear SSH server: dropbear.

root@ssd:~# netstat -nl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 2875821005 @/com/ubuntu/upstart

-----------------------------------------------------------------------------------------------------

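This problem has appeared many times on OpenVZ Ubuntu VPSes. Each time the VPS was in normal use, and after a system reboot SSH would not start. Reference thread: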
http://lowendtalk.com/discussion/9076/weird-can-t-start-ssh-service-on-a-openvz-vps

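I have never found any way to fix it, and in the end I always reinstalled the system
(but the same problem has never appeared on KVM / XEN VPSes, only on OpenVZ)

If anyone can help me, or guide me to a fix by looking at logs or the like, I am willing to give 500 XRP as thanks
Thanks, everyone! :)
5770 views
Node: Q&A
50 replies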
juicy
2014-01-07 11:03:05 +08:00
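I haven't used 10.04, only 12.04, so I don't know whether my guess still applies on 10.04. Either way, give it a try.

First try restarting the sshd service, then try less /var/log/auth.log|grep ssh

and see what it prints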
felix021
2014-01-07 11:04:54 +08:00
sshd -d
andybest
2014-01-07 11:07:46 +08:00
@juicy

Starting PowerConsole v1.3 <> (c)2012 soluslabs ltd.
please wait...
successfully logged in.
entered into CT 1980
root@ssd:/# /etc/init.d/ssh restart
Rather than invoking init scripts through /etc/init.d, use the service(8)
utility, e.g. service ssh restart

Since the script you are attempting to invoke has been converted to an
Upstart job, you may also use the restart(8) utility, e.g. restart ssh
ssh stop/pre-start, process 502
root@ssd:/#
root@ssd:/# less /var/log/auth.log|grep ssh
Jan 10 14:10:50 atlsvz7 sshd[30]: Received signal 15; terminating.
Jan 10 14:10:50 atlsvz7 sshd[144]: Server listening on 0.0.0.0 port 22.
Jan 10 14:10:50 atlsvz7 sshd[144]: Server listening on :: port 22.
Jan 10 14:10:50 atlsvz7 sshd[144]: Received signal 15; terminating.
Jan 10 14:10:50 atlsvz7 sshd[251]: Server listening on 0.0.0.0 port 22.
Jan 10 14:10:50 atlsvz7 sshd[251]: Server listening on :: port 22.
Jan 10 14:10:50 atlsvz7 sshd[251]: Received signal 15; terminating.
Jan 10 14:10:50 atlsvz7 sshd[277]: Server listening on 0.0.0.0 port 22.
Jan 10 14:10:50 atlsvz7 sshd[277]: Server listening on :: port 22.
Jan 10 14:10:50 atlsvz7 sshd[277]: Received signal 15; terminating.
Jan 10 14:10:50 atlsvz7 sshd[304]: Server listening on 0.0.0.0 port 22.
Jan 10 14:10:50 atlsvz7 sshd[304]: Server listening on :: port 22.
Jan 10 14:10:50 atlsvz7 sshd[304]: Received signal 15; terminating.
Jan 10 14:10:52 ssd sshd[222]: Server listening on 0.0.0.0 port 22.
Jan 10 14:10:52 ssd sshd[222]: Server listening on :: port 22.
Jan 10 14:10:52 ssd sshd[222]: Received signal 15; terminating.
Jan 10 14:10:52 ssd sshd[292]: Server listening on 0.0.0.0 port 22.
Jan 10 14:10:52 ssd sshd[292]: Server listening on :: port 22.
Jan 10 14:10:52 ssd sshd[292]: Received signal 15; terminating.
Jan 10 14:10:52 ssd sshd[340]: Server listening on 0.0.0.0 port 22.
Jan 10 14:10:52 ssd sshd[340]: Server listening on :: port 22.
....
Jan 10 14:10:57 ssd sshd[2965]: Received signal 15; terminating.
Jan 10 14:10:57 ssd sshd[2991]: Server listening on 0.0.0.0 port 22.
Jan 10 14:10:57 ssd sshd[2991]: Server listening on :: port 22.
Jan 10 14:12:53 ssd sshd[3144]: Accepted password for root from 222.125.162.152 port 62849 ssh2
Jan 10 14:12:53 ssd sshd[3144]: pam_env(sshd:setcred): Unable to open env file: /etc/default/locale: No such file or directory
Jan 10 14:12:53 ssd sshd[3144]: pam_unix(sshd:session): session opened for user root by (uid=0)
Jan 10 14:12:54 ssd sshd[3155]: error: lastlog_get_entry: Error reading from /var/log/lastlog: Expecting 292, got 1
Jan 10 14:12:54 ssd sshd[3155]: pam_env(sshd:setcred): Unable to open env file: /etc/default/locale: No such file or directory
root@ssd:/#
root@ssd:/# date
Tue Jan 7 11:06:07 CST 2014
root@ssd:/#
root@ssd:/#
andybest
2014-01-07 11:09:31 +08:00
@juicy Thank you very much, but /var/log/auth.log doesn't seem to have recorded the startup. Is the logging process perhaps not running?
andybest
2014-01-07 11:11:34 +08:00
@felix021 Thanks. How should sshd -d be run? Is this correct?

root@ssd:~# /etc/init.d/ssh -d
Rather than invoking init scripts through /etc/init.d, use the service(8)
utility, e.g. service ssh -d

The script you are attempting to invoke has been converted to an Upstart
job, but -d is not supported for Upstart jobs.
root@ssd:~#
felix021
2014-01-07 11:19:18 +08:00
@andybest /usr/sbin/sshd -d
juicy
2014-01-07 11:30:02 +08:00
@andybest

Server listening on 0.0.0.0 port 22.
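This should mean the sshd service is listening on port 22 normally, right? But you still can't find an sshd process?

What does ps aux|grep ssh print?

(Also, why are the log entries from Jan 10... could they be from last year...)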
andybest
2014-01-07 11:40:08 +08:00
@felix021

root@ssd:/# /usr/sbin/sshd -d
debug1: sshd version OpenSSH_5.3p1 Debian-3ubuntu7
debug1: read PEM private key done: type RSA
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
debug1: private host key: #1 type 2 DSA
Missing privilege separation directory: /var/run/sshd
root@ssd:/#

After running it, SSH is still not started:
root@ssd:/# netstat -nl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 2875821005 @/com/ubuntu/upstart
root@ssd:/#
root@ssd:/# ps auxf
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 1.0 2504 1360 ? Ss 09:50 0:00 init
root 2 0.0 0.0 0 0 ? S 09:50 0:00 [kthreadd/1980]
root 3 0.0 0.0 0 0 ? S 09:50 0:00 \_ [khelper/1980]
root 270 0.0 0.6 2336 888 ? Ss 09:50 0:00 cron
root 477 0.0 0.5 27496 752 ? Ss 11:05 0:00 vzctl: pts/0
root 478 0.0 1.2 3004 1648 pts/0 Ss+ 11:05 0:00 \_ -bash
root 548 0.0 0.5 27496 756 ? Ss 11:31 0:00 vzctl: pts/1
root 549 0.0 1.2 3004 1628 pts/1 Ss+ 11:31 0:00 \_ -bash
root 568 0.0 0.5 27496 756 ? Ss 11:38 0:00 vzctl: pts/2
root 569 0.0 1.2 3004 1640 pts/2 Ss 11:38 0:00 \_ -bash
root 582 0.0 0.6 2392 856 pts/2 R+ 11:39 0:00 \_ ps auxf
andybest
2014-01-07 11:41:58 +08:00
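@juicy The logs are indeed from last year. I usually turn off unnecessary services after buying a VPS, and I don't know what I turned off that stopped logging (what can I install to restore logging?)


Server listening on 0.0.0.0 port 22.
After that line, though, there is no SSH process at all (you can see in ps auxf that there is no sshd)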

root@ssd:/# ps aux|grep ssh
root 584 0.0 0.4 1820 568 pts/2 S+ 11:40 0:00 grep --color=auto ssh
root@ssd:/#
juicy
2014-01-07 11:45:36 +08:00
I saw your reply just now. Check whether there is an sshd/ folder under /var/run/; if there is, try deleting it.
andybest
2014-01-07 11:50:55 +08:00
@juicy Thanks, that folder doesn't exist:

root@ssd:/var/run# ls sshd
ls: cannot access sshd: No such file or directory

root@ssd:/var/run# ls ssh
ls: cannot access ssh: No such file or directory
juicy
2014-01-07 11:55:06 +08:00
Then create one manually

mkdir /var/run/sshd
chmod 0755 /var/run/sshd

Then try restarting the service again
andybest
2014-01-07 12:04:08 +08:00
@juicy Thanks

root@ssd:/# mkdir /var/run/sshd
root@ssd:/# chmod 0755 /var/run/sshd
root@ssd:/# /etc/init.d/ssh restart
Rather than invoking init scripts through /etc/init.d, use the service(8)
utility, e.g. service ssh restart

Since the script you are attempting to invoke has been converted to an
Upstart job, you may also use the restart(8) utility, e.g. restart ssh
ssh stop/pre-start, process 641
root@ssd:/#


After it finished, ps auxf and netstat -nl are still exactly the same as before, and /var/run/sshd has no contents:

root@ssd:/var/run/sshd# ls -l
total 0
root@ssd:/var/run/sshd#
evefree2
2014-01-07 12:16:53 +08:00
I use Debian. A few days ago I also set up OpenVZ and ssh wouldn't start, but I solved it later; the error was not quite the same as the OP's.
juicy
2014-01-07 12:19:31 +08:00
Does the file /etc/ssh/sshd_not_to_be_run exist?
andybest
2014-01-07 12:43:56 +08:00
@juicy It doesn't exist

root@ssd:/# ls /etc/ssh/sshd_not_to_be_run
ls: cannot access /etc/ssh/sshd_not_to_be_run: No such file or directory

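Every time this problem appears, it is after a server reboot, or after the provider's maintenance took the VPS offline; once I bring it back online, SSH fails to start.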
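
The checks suggested in the replies above (the privilege separation directory named in the sshd -d output, and the /etc/ssh/sshd_not_to_be_run marker), collected into one function as an added example that is not part of any post in this thread. The ROOT prefix argument, the function name and the result tokens are hypothetical; the ownership and write-permission test reflects sshd's own requirement for that directory.

```shell
#!/bin/sh
# Added example (not from the thread): sshd start prerequisites discussed above.
# sshd_preflight [ROOT] - ROOT is a hypothetical prefix for inspecting a
# mounted or copied filesystem; omit it to check the live system.
# Prints one token per problem found; returns 0 only when none are found.
sshd_preflight() {
    root="${1:-}"
    problems=""

    # "sshd -d" in the thread aborted with:
    #   Missing privilege separation directory: /var/run/sshd
    privsep="$root/var/run/sshd"
    if [ ! -d "$privsep" ]; then
        problems="$problems missing-privsep-dir"
    else
        # sshd also requires the directory to be owned by root and not
        # writable by group or others.
        owner=$(ls -ldn "$privsep" | awk '{print $3}')
        [ "$owner" = "0" ] || problems="$problems privsep-dir-not-root-owned"
        # Mode string looks like "drwxr-xr-x": character 6 is the group
        # write bit, character 9 the other write bit.
        mode=$(ls -ld "$privsep" | cut -c1-10)
        case "$mode" in
            d????w????|d???????w?) problems="$problems privsep-dir-writable" ;;
        esac
    fi

    # Marker file asked about in the thread: when present, the Debian/Ubuntu
    # ssh start-up scripts skip starting sshd.
    if [ -e "$root/etc/ssh/sshd_not_to_be_run" ]; then
        problems="$problems sshd-not-to-be-run"
    fi

    # The daemon binary itself must be present and executable.
    if [ ! -x "$root/usr/sbin/sshd" ]; then
        problems="$problems sshd-not-executable"
    fi

    echo "${problems# }"
    [ -z "$problems" ]
}
```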
andybest
2014-01-07 12:44:49 +08:00
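@juicy And before the reboot the VPS had usually been running stably for a long time (over 100 days)
Today's case involves two VPSes with identical configuration and applications: one is fine after the reboot, and on the other SSH fails to start after the reboot...
Very strange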
juicy
2014-01-07 13:04:57 +08:00
Has the OP tried using the service command instead of running the sshd script directly?

sudo service ssh start

It feels like the OP's problem needs some deeper debugging
andybest
2014-01-07 13:10:01 +08:00
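@juicy I have tried it; the result is the same

This is a Ramnode VPS, but the same problem has also appeared on OpenVZ VPSes from other providers
I have opened tickets many times asking for help with this problem, but each time they just told me to reinstall the system (citing "unmanaged"...)

I think what you said is right: I should look at the /var/log/auth.log records to pin down the problem, but I don't know why auth.log isn't being written here... if auth.log logging could be restored, I think the problem could be identified

Thanks again :)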
lijinma
2014-01-07 13:21:08 +08:00
Which server OS? On CentOS / RHEL / Fedora it should be /var/log/secure, not /var/log/auth.log

Could the OP take a look?
