1

When I attempt to log in to a CentOS box via ssh, it hangs after putting in the password. I can get in to the system via console and when i run w I can see "cvs server" running for the user trying to login. 

USER    TTY   FROM       LOGIN   IDLE   PCPU   WHAT
root    pts/1 systemname 11:37   1:14m  0.00s  cvs server

In the secure logs it looks like it was a valid login:

Accept password for root from 172.0.0.17 port 53270 ssh2
pam_unix(sshd:session): session opened for user root by (uid=0)

It appears like a normal login, but it will never actually give me the prompt. I've tried restarting the SSHD service, same issues. This is a production box so im a little hesitant to reboot it. I can't seem to find anything in the log files that looks suspect.

When I run ssh -vvv and try to connect, it also looks fine but I never get the login message after "request accepting on channel.." Here is the paste of the end of -vvv:

debug2: channel 1: request shell confirm 1
debug3: send packet: type 98
debug2: callback done
debug2: channel 1: open confirm rwindow 0 rmax 32768
debug3: receive packet: type 99
debug2: channel_input_status_confirm: type 99 id 1
debug2: PTY allocation request accepted on channel 1
debug2: channel 1: rcvd adjust 2097152
debug3: receive packet: type 99
debug2: channel_input_status_confirm: type 99 id 1
debug2: shell request accepted on channel 1

Also, I went through the network firewall to see if maybe it was dropping packets or something, nothing like that is happening. I also tried from some other system, same issue.

I've never seen this before and can't seem to find any good info on this exact issue. Any help, most appreciated!

EDIT: I only have a root account on here and there is no .bashrc or .bash_profile that I can find in root, or anywhere else. However, I do see an cvs.sh and a cvs.csh in /etc/profile.d/. I did see a for loop in /etc/profile/ that is looking for scripts in /etc/profile.d/ to run at startup.

Here are the contents of those scripts:

cvs.sh

# change default from rsh to ssh for cvs command
export CVS_RSH=${CVS_RSH-ssh}

cvs.csh

# change default from rsh to ssh for cvs command
if ( "$?CVS_RSH" == 0 ) setenv CVS_RSH ssh

I thought maybe it was looking for cvs and also server but I don't see anything with server in the script directory. Is there somewhere else I should be looking? All the normal places ive seen profile files, nothing is there.

Thanks!

saleetzo
  • 570
  • 2
  • 9
  • 23
  • 1
    Your .bashrc or similar file on the remote server is running some command (ie this cvs command) which is hanging. If you can't figure it out, [edit] your question to include your .bashrc, .bash_profile, or other relevant files from the remote server. – Kenster Mar 20 '18 at 21:00
  • I updated my question for ya -- thank you. I can't find where there is a profile trying to run those commands other than what I have edited in my question. – saleetzo Mar 20 '18 at 22:40
  • So if you log in as root on the console you get a shell, but via SSH you get a hung session because of t CVS server process? – roaima Mar 20 '18 at 22:54
  • Yes -- correct. I am able to login through console just fine but hangs via ssh. When Im in the console, I check logs and navigate, just can't find what's wrong. When I run 'cvs sever' from console, it hangs as well... might be a clue. – saleetzo Mar 20 '18 at 22:58
  • Thanks guys -- you helped me at least verify 100% that it wasn't a profile issue. Ended up being `sshd_config` entry... – saleetzo Mar 20 '18 at 23:35

1 Answers1

1

I have found the troublemaker. There was an old entry in sshd_config that contained ForceCommand cvs server. Once I adjusted the comment mark and restart the service, I was able to log in just fine.

I actually went through this file at first but didn't check everything bit by bit. Could have saved me an hour or 2 to be thorough off the bat...

saleetzo
  • 570
  • 2
  • 9
  • 23