RHEL 5/CentOS 5 - sshd becomes unresponsive

Posted by ewwhite on Server Fault See other posts from Server Fault or by ewwhite
Published on 2012-12-10T17:44:26Z Indexed on 2012/12/11 5:06 UTC
Read the original article Hit count: 445

Filed under:

linux

|

centos

|

ssh

|

redhat

|

ldap

I have a number of CentOS 5.x and RHEL 5.x systems whose SSH daemons become unresponsive, preventing remote logins.

The typical error from the connecting side is:

$ ssh db1
db1 :  ssh_exchange_identification: Connection closed by remote host

Examining /var/log/messages after a forced reboot shows the following leading up to the restart:

Dec 10 10:45:51 db1 sshd[14593]: fatal: Privilege separation user sshd does not exist
Dec 10 10:46:02 db1 sshd[14595]: fatal: Privilege separation user sshd does not exist
Dec 10 10:46:54 db1 sshd[14711]: fatal: Privilege separation user sshd does not exist
Dec 10 10:47:38 db1 sshd[14730]: fatal: Privilege separation user sshd does not exist

These systems use LDAP authentication and the nsswitch.conf file is configured to look at local "files" first.

[root@db1 ~]# cat /etc/nsswitch.conf
#
# /etc/nsswitch.conf
#

passwd:     files ldap
shadow:     files ldap
group:      files ldap

hosts:      files dns

The Privilege-separated SSH user exists in the local password file.

[root@db1 ~]# grep ssh /etc/passwd
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin

Any ideas on what the root cause is? I did not see any Red Hat errata that covers this.

© Server Fault or respective owner

Related posts about linux

apt-get install and update fail

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I've got a problem with apt-get update and apt-get install ... commands . every time update or installing fails and errors are : Get:1 http://dl.google.com stable Release.gpg [198B] Ign http://dl.google.com/linux/chrome/deb/ stable/main Translation-en_US Get:2 http://dl… >>> More
kernel module compiling error

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
sh@ubuntu:/home/ccpp/helloworld$ make gcc-4.6 -O2 -DMODULE -D_KERNEL_ -W -Wall -Wstrict-prototypes -Wmissing-prototypes -isystem /lib/modules/`uname -r`/build/include -c -o hello-1.o hello-1.c hello-1.c:4:0: warning: "MODULE" redefined [enabled by default] <command-line>:0:0: note: this is… >>> More
Build-Essentials installation failing

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I am having trouble accessing the several critical header files that show to be a part of the build process. The "Ubuntu Software Center" shows "Build Essentials" as installed: Next I did the following two commands, which did not improve the problem: ~$ sudo apt-get install build-essential [sudo]… >>> More
Updating Debian kernel

as seen on Super User - Search for 'Super User'
I'm trying to update my Debian machine to 2.6.32-46 (which is the new stable). However, after doing apt-get update my apt-cache search linux-image shows me: linux-headers-2.6.32-5-486 - Header files for Linux 2.6.32-5-486 linux-headers-2.6.32-5-686-bigmem - Header files for Linux 2.6.32-5-686-bigmem linux-headers-2… >>> More
Serial connection over a single USB cable (Windows to linux, or linux to linux)

as seen on Server Fault - Search for 'Server Fault'
I'm helping out with a project for an embedded device that only has USB and no serial. This device is running Linux. These days, when we need to connect to a serial port on a device we typically use a USB to serial adapter (on something like a phone system or a load balancing device, etc). I would… >>> More

Related posts about centos

Problems with repositories on CentOS 3.9

as seen on Super User - Search for 'Super User'
Hello, I have CentOS 3.9 for i386. When I try to instal some thing with yum, i.e: yum install firefox or yum install firefox* or yum list firefox and so on, I get: +++++++++++++++++++ yum info firefox Gathering header information file(s) from server(s) Server: CentOS-3 - Addons Server: CentOS-3 -… >>> More
Problems with repositories on CentOS 3.9

as seen on Stack Overflow - Search for 'Stack Overflow'
Hello, I have CentOS 3.9 for i386. When I try to instal some thing with yum, i.e: yum install firefox or yum install firefox* or yum list firefox and so on, I get: +++++++++++++++++++ yum info firefox Gathering header information file(s) from server(s) Server: CentOS-3 - Addons Server: CentOS-3 -… >>> More
centos yum problems

as seen on Server Fault - Search for 'Server Fault'
I am really new to using linux and have just formatted my centos 5.2 vps and am trying to install links by using the command yum install links. But the following error gets displayed: [root@inverses ~]# yum install links Loading "fastestmirror" plugin Loading mirror speeds from cached hostfile *… >>> More
Networking issues with Linux server (CentOS 5.3)

as seen on Server Fault - Search for 'Server Fault'
I have a Linux server hosting our bug tracking software (CentOS 5.2 Kernel 2.6.18-128.4.1.el5) that I have having some strange network problems with. The machine is configured with two NICS, one for the public interface and the other for our server back end network. The problem is that after doing… >>> More
Networking issues with Linux server (CentOS 5.3)

as seen on Server Fault - Search for 'Server Fault'
I have a Linux server hosting our bug tracking software (CentOS 5.2 Kernel 2.6.18-128.4.1.el5) that I have having some strange network problems with. The machine is configured with two NICS, one for the public interface and the other for our server back end network. The problem is that after doing… >>> More