sshd service stopped, exist status 255

Friday, April 20th, 2018

I had one server with an sshd service which would terminate right after starting.

The event log would have the following error:

The description for Event ID 0 from source sshd cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.

If the event originated on another computer, the display information had to be saved with the event.

The following information was included with the event:

sshd: PID 9960: `sshd' service stopped, exit status: 255

Not too helpful of a message.

I decided to re-run the setup with an elevated Cygwin terminal.

ssh-host-config

*** Info: Generating missing SSH host keys
*** Query: Overwrite existing /etc/ssh_config file? (yes/no) yes
*** Info: Creating default /etc/ssh_config file
*** Query: Overwrite existing /etc/sshd_config file? (yes/no) yes
*** Info: Creating default /etc/sshd_config file

*** Info: StrictModes is set to 'yes' by default.
*** Info: This is the recommended setting, but it requires that the POSIX
*** Info: permissions of the user's home directory, the user's .ssh
*** Info: directory, and the user's ssh key files are tight so that
*** Info: only the user has write permissions.
*** Info: On the other hand, StrictModes don't work well with default
*** Info: Windows permissions of a home directory mounted with the
*** Info: 'noacl' option, and they don't work at all if the home
*** Info: directory is on a FAT or FAT32 partition.
*** Query: Should StrictModes be used? (yes/no) yes

*** Info: Privilege separation is set to 'sandbox' by default since
*** Info: OpenSSH 6.1. This is unsupported by Cygwin and has to be set
*** Info: to 'yes' or 'no'.
*** Info: However, using privilege separation requires a non-privileged account
*** Info: called 'sshd'.
*** Info: For more info on privilege separation read /usr/share/doc/openssh/README.privsep.
*** Query: Should privilege separation be used? (yes/no) yes
*** Info: Note that creating a new user requires that the current account have
*** Info: Administrator privileges. Should this script attempt to create a
*** Query: new local account 'sshd'? (yes/no) no
*** ERROR: Couldn't create user 'sshd'!
*** ERROR: Privilege separation set to 'no' again!
*** ERROR: Check your /etc/sshd_config file!
*** Info: Updating /etc/sshd_config file

*** Info: Sshd service is already installed.




*** Warning: Host configuration exited with 1 errors or warnings!
*** Warning: Make sure that all problems reported are fixed,
*** Warning: then re-run ssh-host-config.

After that.  The service stayed up.

Make sure you verify the access.  This particular server had sshd configured for one login and of course I didn’t have the password.

 

 

Advertisements

Is Linux using DHCP?

Friday, March 9th, 2018

I have been working on other things which are not Linux related so obvious things have reached the area of “oh….the answer is……”

A question was raised about a Linux virtual machine using DHCP. I remembered it wasn’t but I blanked on where to look for the answer.

Simply look in the file: /etc/sysconfig/network-scripts/ifcfg-eth0

Look for:

BOOTPROTO=dhcp
ONBOOT=yes

That shows DHCP is in use.

 

Skip first line with import-csv

Friday, October 20th, 2017

I have a data file which generates with a header line. I have check script which uses the file and I wanted to skip it but I am using a foreach loop and did not want to add an if/then.

The problem line:

Import-Csv $file -header("fullname","email", "notification","version") foreach {

I remembered the select -first option and I wondered if there was a skip option?

I made a quick change and added a pipe with select -skip 1

Import-Csv $file -header("fullname","email", "notification","version") | select -skip 1 | foreach {

Tested the script and sure enough the first line was skipped.

 

Killing a zombie process in Solaris

Friday, August 11th, 2017

Yes we do have a couple Solaris servers around and I had a case of a zombie preventing a user from accessing it. How do I kill those again?

A zombie is the slang identifier for what is called a defunct process. The child processes are gone but the image remains.

How to find them:

ps -ef | grep -i defunt

The preap command is needed to kill it.  Find the one that is causing your problem and enter:

preap 11111

It should give you a message with status code 0 to show it worked. You can also verify by entering:

ps -ef | grep 11111

The only thing that should be seen is the grep command.

Named Pipes Provider, error: 40 – Could not open a connection to SQL Server

Friday, August 11th, 2017

This is a small entry mainly for my part.  For the life of me, I keep forgetting this with SQL Express.

We are using it for small Citrix sites and get the big long error when I try to establish my Xendesktop Controller.

In this matter, pipe and TCP/IP have to be enabled!

The steps:

  • SQL Configuration Manager
  • SQL Server Network Configuration.
  • Change Named Pipes to Enabled
  • Change TCP/IP to Enabled.
  • Start SQL Server Management Studio
  • Right-Click the Server entry
  • Select restart
  • Wait

After that the SQL portion of the Xendesktop setup works.

*sighs*

 

Remote Console is unavailable. It is already in use by a different client

Wednesday, May 24th, 2017

I had a situation where I didn’t have the iLO virtual drives for an HP server. Whomever installed it, didn’t apply the iLO license.

After I installed the proper license; I was rewarded with:

iLO “Remote Console is unavailable. It is already in use by 
a different client”

Tried a few things but nothing worked. The iLO was simply locked.

You can force it to reset. On the top level (this is for iLO3), look for the diagnostics link under Information. Click the Diagnostics link

Look for the Reset button.  Click it and you will be tossed for the session. Wait about thirty seconds and login again.

 

Telephone activation is no longer supported

Thursday, April 27th, 2017

I have a secured cluster where there is no Net access. The users had licenses for Office 2013 and wanted to use them inside the cluster.

Office likes to activate itself.  It tried and gave an error.  I restarted Word and it gave the options for Internet and telephone activation.  I selected telephone and I selected my location and was rewarded with:

Telephone activation is no longer supported for your product

Oooooookay.  No Net and no telephone…….

Luckily this is just a “feature.”

I went through the telephone process and activated the installation.  The only problem now are templates which appear to be downloaded from the Net.  But, I will take care of that if they complain.

Failed to download this file. Error code 0x800C0008

Friday, January 6th, 2017

One of our services gave an odd error. External user would attempt to access it and they would get an error about a configuration file not downloading.

The part of the error message that interested me was:

Failed to download this file. Error code 0x800C0008

What was odd was the service worked inside the firewall.

I thought it was browser related and checked the Net.

I tried the suggested registry change:

  1. Start Registry Editor.
  2. For a per-user setting, locate the following registry key:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings

    For a per-computer setting, locate the following registry key:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
  3. On the Edit menu, click Add Value, and then add the following value:
    BypassSSLNoCacheCheck“=Dword:00000001
  4. Exit Registry Editor.

This did not need a reboot and the change worked.

To add more “oddness” the service started working before the affected users made the change.

Hmmmmmm?  Network people or Security people?

Mouse selecting many things

Wednesday, January 4th, 2017

Minor odd issue.  For some reason my mouse was selecting all virtual machines in XenCenter.

Problem was simply a stuck shift key.  Banged it a couple times and the problem went away.

 

Adblock Plus now sells ads?

Tuesday, September 13th, 2016

This used to be an add blocker but they have been positioning themselves as an advertiser preaching the nonsense of acceptable ads. It’s an old approach.  Present a new “service” and then start doing what was done before but you have people paying for it.  When cable TV first appeared, the big selling point was “ad free.” Once the base was established; it changed we are going to introduce ads so we don’t have to charge more. Now we pay for the privileged of getting ads.

Adblock at the moment doesn’t charge but in time there will be paid levels to “reduce” ads or better control them.

I am dumping them.

Look into uBlock origin. They have a link for an iOS 9 product and I know they have addons for Chrome and Firefox.

Souce.