OulpulCaae I CaseT,s,e I Stepl,s,e j T elll T ext l ext
Anexo 01: Entreviste el Llo Cerios Rulz Lune Presidente del ACICUJE
All messages related to a connection received by a remote SSH client are preceded by a session ID. These messages adhere to the following format:
<session id> := <remote IP address>:<remote port>
<remote ip address> is the IP address of the system the SSH client is connecting from and <remote port> is the port number assigned to the SSH client session on the remote side.
The messages are as follows:
<session id>: Error: <error description>
<error description>
Is a description the error condition.
Cause: An error occurred on the SSH session. Typical errors include network related errors.
Effect: The SSH session is closed.
Recovery: Any corrective action depends on <error description>.
<session id>: Disconnect from remote: <disconnect reason>
<disconnect reason>
Is a description received from the remote client to describe the reason for disconnecting.
Cause: The SSH client gracefully terminated the SSH session.
Effect: The SSH session is closed.
Recovery: Any corrective action depends on <disconnect reason>. It may be required on the remote SSH client side. Contact the comForte support, if <disconnect reason> indicates an SSH protocol error.
<session id>: User auth method mismatch, available: <remaining methods>, <requested method>
<remaining methods>
List of SSH authentication methods that are supported by SSH2 that have not been tried by the SSH client.
<requested method>
Authentication method requested by the SSH client.
Cause: The SSH client tried to use an authentication method not supported by SSH2.
Effect: The remote SSH user cannot be authenticated.
Recovery: Configure an authentication method for SSH client that is supported by SSH2, e.g. "public key" authentication.
<session id>: Authentication of user <user name> failed: <error detail>
<user name>
Name of the remote user. <error detail>
Describes the reason for the authentication failure.
Cause: An error occurred during the authentication of the user. Typical errors are: "User not found": <user name> does not exist in the SSHCTL.
"User is frozen": <user name> exists in the SSHCTL but is frozen.
Effect: The remote SSH user cannot be authenticated. The session will be terminated.
Recovery: Any corrective action depends on the reason for the authentication failure. It may be required to add, correct or thaw a user name using SSHCOM.
<session id>: No more authentication requests possible for <user name>
<user name>
Name of the remote user.
Cause: The maximum number of authentication requests exceeded. Typically, this condition can
occur with password authentication, if the SSH clients sends an invalid password for three times.
Effect: The remote SSH user cannot be authenticated. The session will be terminated.
Recovery: Use correct credentials for the user with the SSH client.
<session id>: password change for user <user name> failed: <error detail>
<user name>
Name of the remote user <error detail>
is a description of the error that made the password change fail.
Cause: An error occurred when trying to change the user’s password, upon request of the SSH client.
Effect: The password could not be changed.
<session id>: public key authentication failed, algorithm not supported.
Cause: The SSH client tried to use an algorithm for public key authentication that is not supported by SSH2.
Effect: The password could not be changed
Recovery: Configure the SSH client to use a public key algorithm supported by SSH2.
<session id>: public key authentication failed, too many keys
Cause: The SSH client has more that ten public keys that did not match any public key stored for the user in the SSHCTL.
Effect: The public key authentication is aborted. The user cannot be authenticated.
Recovery: Reduce the number of identities (private keys) for the user presented by the SSH client. Usually, this involves adding fewer keys to an SSH agent.
<session id>: public key authentication failed, invalid signature
Cause: The signature presented by the SSH client does not match the public key.
Effect: The authentication is rejected.
Recovery: Check the SSH client that presented the invalid signature.
<session id>: <authentication method> for user <user name> not supported
<authentication method>
Is the authentication method requested by the SSH client <user name>
Is the name of the remote user.
Cause: The SSH client requested an authentication method that is not supported by SSH2 or has been disallowed for this user.
Effect: The authentication is rejected.
Recovery: Use a supported authentication method with the SSH client. Check the settings for this user in the SSH2 user base.
<session id>: channel request for subsystem sftp denied
Cause: SFTP is administratively disallowed for this user.
Effect: The channel request for the SFTP subsystem is rejected.
Recovery: Have the SSH client not use SFTP or grant SFTP access by setting the SFTP-
SECURITY attribute for the user to a value other than NONE.
<session id>: SFTPSERV process initialisation failed, could not chdir or chroot to user's SFTP-INITIAL-DIRECTORY, error <error number>
<error number>
Is the error number that was raised by the chdir or chroot operation.
Cause: Chdir or chroot failed when setting the user’s SFTP-INITIAL-DIRECTORY. A possible
reason is that the directory does not exist.
Effect: The channel request for the SFTP subsystem is rejected.
<session id>: could not launch program <program name>, error <error number>, detail <detail error number>
<program name>
Is the name of the program file that SSH2 tried to start. <error number>
Is the error number that was raised by the PROCESSCREATE function. <error number detail>
Is the detail error number that was raised by the PROCESSCREATE function.
Cause: PROCESSCREATE failed with an error
Effect: The channel request (e.g. subsystem SFTP) fails which the process (e.g. SFTPSERV) should be created for.
Recovery: Check the NonStop server documentation for PROCESSCREATE error descriptions.
If SFTPSERV could not be started make sure the program is located in the same directory as SSH2.
<session id>: SFTPSERV process initialisation failed, error <error number> during startup procedure
<error number>
Is the error number that was raised during the initialization of the SFTPSERV process.
Cause: An error occurred during the initial inter process communication with the SFTPSERV
process.
Effect: The channel request for the SFTP subsystem is rejected.
Recovery: Check if SFTPSERV abended during the initialization procedure. Contact comForte if
this problem persists.
<session id>: forwarding from <host>:<port> to <target host>:<target port> denied
<host>
Is the IP address of the socket client the SSH client tries to forward a connection from. <port>
Is the IP address of the socket client the SSH client tries to forward a connection from. <target host>
Is the IP address the SSH client requested to forward the connection to. <target port>
Is the port number the SSH client requested to forward the connection to.
Cause: An SSH client requested the forwarding of a connection. However, this has been administratively prohibited, e.g. by setting the ALLOWTCPFORWARDING parameter to FALSE.
Effect: The forwarding request is rejected.
Recovery: If forwarding is desired, check the setting of ALLOWTCPFORWARDING.
<session id>: forwarding <protocol> connection from <host>:<port> to <target host>:<target port> failed (<error detail>)
Is the IP address of the socket client the SSH client tries to forward a connection from. <port>
Is the IP address of the socket client the SSH client tries to forward a connection from. <target host>
Is the IP address the SSH client requested to forward the connection to. <target port>
Is the port number the SSH client requested to forward the connection to. <error detail>
Describes the error that occurred.
Cause: An error occurred when trying to forward a connection.
Effect: The forwarding request fails.
Recovery: Any corrective action depends on <error detail>. A typical error is a failure to connect to the target host and port. The SSH client may need to correct its port forwarding configuration.
<session id>: listen request on <interface>:<port> denied
<interface>
Is the IP address of the local interface the SSH client tries to establish a listen for. <port>
Is the port number SSH client tries to listen on.
Cause: The SSH client tried to establish a remote port forwarding with the SSH2 server. However, this has been administratively prohibited, e.g. by setting the
ALLOWTCPFORWARDING parameter to FALSE.
Effect: The forwarding request is rejected.
Recovery: If forwarding is desired, check the setting of ALLOWTCPFORWARDING.
<session id>: remote forwarding request failed, server could not listen on <interface>:<port> (<error detail>)
<interface>
Is the IP address of the local interface SSH client tries to establish a listen for. <port>
Is the port number SSH client tries to listen on. <error detail>
Describes the error that occurred.
Cause: An error occurred when trying to establish a listen for remote port forwarding
Effect: The remote port forwarding request fails.
Recovery: Any corrective action depends on <error detail>. A typical error is a failure to bind to the given port. The SSH client may need to correct its port forwarding configuration.