2014-03-08, 14:16
Hi,
I have been succesfully using xbian on my pi to watch videos on my main PC. I have been using the ssh option, until one day it stopped working. I am unsure if the change has been on the xbian side or the PC (debian) side.
I CAN still ssh to the xbian, and from there I CAN still ssh and sftp back to my main computer using the same user/pass. The problem only occurs using the gui of xbmc.
I am also including the /etc/ssh/sshd_config, however in trying to solve this problem I found that PasswordAuthentication was set to no, however I was able to ssh with this set to both yes and no (after a service ssh restart).
Logs + confs:
sshd_config:
xbmc log with debugging
succesful non gui ssh ing, to both IP and hostname
halp!
Further:
cat /var/log/auth.log
Code:
Feb 26 13:16:08 evanpc sshd[6514]: Accepted password for share from 192.168.1.7 port 52228 ssh2
Feb 26 13:16:11 evanpc sshd[6514]: pam_unix(sshd
ession): session opened for user share by (uid=0)
It seems like the gui is succesfully getting the session, then the gui reports a fail, and does not close the connection... curiouser and curiouser
further:
similar problem found at http://forum.stmlabs.com/showthread.php?tid=4777 .
deleting known_hosts did not work for me, he doesnt really post a solution other than that, other than rolling back.
I have been succesfully using xbian on my pi to watch videos on my main PC. I have been using the ssh option, until one day it stopped working. I am unsure if the change has been on the xbian side or the PC (debian) side.
I CAN still ssh to the xbian, and from there I CAN still ssh and sftp back to my main computer using the same user/pass. The problem only occurs using the gui of xbmc.
I am also including the /etc/ssh/sshd_config, however in trying to solve this problem I found that PasswordAuthentication was set to no, however I was able to ssh with this set to both yes and no (after a service ssh restart).
Logs + confs:
sshd_config:
Code:
# Package generated configuration file
# See the sshd_config(5) manpage for details
# What ports, IPs and protocols we listen for
Port 22
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes
# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 1024
# Logging
SyslogFacility AUTH
LogLevel INFO
# Authentication:
LoginGraceTime 120
PermitRootLogin yes
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication no
#AuthorizedKeysFile %h/.ssh/authorized_keys
# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes
# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no
# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no
# Change to no to disable tunnelled clear text passwords
PasswordAuthentication yes
# Kerberos options
#KerberosAuthentication no
#KerberosGetAFSToken no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
#UseLogin no
#MaxStartups 10:30:60
#Banner /etc/issue.net
# Allow client to pass locale environment variables
AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yesxbmc log with debugging
Code:
00:04:13 T:2945446976 DEBUG: Previous line repeats 1 times.
00:04:13 T:2945446976 DEBUG: CecLogMessage - >> POLL not sent
00:04:13 T:3042783232 DEBUG: Keyboard: scancode: 1c, sym: 000d, unicode: 0000, modifier: 0
00:04:13 T:3042783232 DEBUG: OnKey: return (f00d) pressed, action is Select
00:04:13 T:3042783232 DEBUG: CGUIMediaWindow::GetDirectory (sftp://share:**THE_CORRECT_PASSWORD**@192.168.1.3:22//media/)
00:04:13 T:3042783232 DEBUG: ParentPath = [sources://video/]
00:04:13 T:2691691584 NOTICE: Thread Jobworker start, auto delete: true
00:04:13 T:2691691584 INFO: SFTPSession: Creating new session on host '192.168.1.3:22' with user 'share'
00:04:14 T:3042783232 DEBUG: ------ Window Init (DialogBusy.xml) ------
00:04:14 T:2945446976 DEBUG: CecLogMessage - << Recorder 1 (1) -> TV (0): POLL
00:04:14 T:2945446976 DEBUG: CecLogMessage - << 10
00:04:14 T:2945446976 DEBUG: Previous line repeats 1 times.
00:04:14 T:2945446976 DEBUG: CecLogMessage - >> POLL not sent
00:04:15 T:2945446976 DEBUG: CecLogMessage - << Recorder 1 (1) -> TV (0): POLL
00:04:15 T:2945446976 DEBUG: CecLogMessage - << 10
00:04:15 T:2945446976 DEBUG: Previous line repeats 1 times.
00:04:15 T:2945446976 DEBUG: CecLogMessage - >> POLL not sent
00:04:16 T:2945446976 DEBUG: CecLogMessage - << Recorder 1 (1) -> TV (0): POLL
00:04:16 T:2945446976 DEBUG: CecLogMessage - << 10
00:04:16 T:2945446976 DEBUG: Previous line repeats 1 times.
00:04:16 T:2945446976 DEBUG: CecLogMessage - >> POLL not sent
00:04:17 T:2945446976 DEBUG: CecLogMessage - << Recorder 1 (1) -> TV (0): POLL
00:04:17 T:2945446976 DEBUG: CecLogMessage - << 10
00:04:17 T:2945446976 DEBUG: Previous line repeats 1 times.
00:04:17 T:2945446976 DEBUG: CecLogMessage - >> POLL not sent
00:04:18 T:2945446976 DEBUG: CecLogMessage - << Recorder 1 (1) -> TV (0): POLL
00:04:18 T:2945446976 DEBUG: CecLogMessage - << 10
00:04:18 T:2945446976 DEBUG: Previous line repeats 1 times.
00:04:18 T:2945446976 DEBUG: CecLogMessage - >> POLL not sent
00:04:18 T:2691691584 ERROR: SFTPSession: Failed to authenticate via password 'Access denied. Authentication that can continue: password'
00:04:18 T:2691691584 ERROR: SFTPSession: Not connected, can't list directory
00:04:18 T:3042783232 ERROR: GetDirectory - Error getting sftp://share:**THE_CORRECT_PASSWORD**@192.168.1.3:22//media/
00:04:18 T:3042783232 ERROR: CGUIMediaWindow::GetDirectory(sftp://share:**THE_CORRECT_PASSWORD**@192.168.1.3:22//media/) failed
00:04:18 T:3042783232 DEBUG: CGUIMediaWindow::GetDirectory (sources://video/)
00:04:18 T:3042783232 DEBUG: ParentPath = []
00:04:19 T:2805986368 NOTICE: Thread Background Loader start, auto delete: false
00:04:19 T:3042783232 DEBUG: ------ Window Init (DialogOK.xml) ------
00:04:19 T:3042783232 DEBUG: ------ Window Deinit (DialogBusy.xml) ------
00:04:19 T:2805986368 DEBUG: Thread Background Loader 2805986368 terminating
00:04:19 T:2945446976 DEBUG: CecLogMessage - << Recorder 1 (1) -> TV (0): POLL
00:04:19 T:2945446976 DEBUG: CecLogMessage - << 10
00:04:19 T:2945446976 DEBUG: Previous line repeats 1 times.
00:04:19 T:2945446976 DEBUG: CecLogMessage - >> POLL not sent
00:04:20 T:2945446976 DEBUG: CecLogMessage - << Recorder 1 (1) -> TV (0): POLL
00:04:20 T:2945446976 DEBUG: CecLogMessage - << 10
00:04:20 T:2945446976 DEBUG: Previous line repeats 1 times.
00:04:20 T:2945446976 DEBUG: CecLogMessage - >> POLL not sent
00:04:21 T:2945446976 DEBUG: CecLogMessage - << Recorder 1 (1) -> TV (0): POLL
00:04:21 T:2945446976 DEBUG: CecLogMessage - << 10
00:04:21 T:2945446976 DEBUG: Previous line repeats 1 times.
00:04:21 T:2945446976 DEBUG: CecLogMessage - >> POLL not sent
00:04:22 T:2945446976 DEBUG: CecLogMessage - << Recorder 1 (1) -> TV (0): POLL
00:04:22 T:2945446976 DEBUG: CecLogMessage - << 10
00:04:22 T:2945446976 DEBUG: Previous line repeats 1 times.
00:04:22 T:2945446976 DEBUG: CecLogMessage - >> POLL not sent
00:04:23 T:3042783232 DEBUG: Checking device: /dev/input/event0succesful non gui ssh ing, to both IP and hostname
Code:
xbian@xbian ~/.xbmc $ ssh share@evanpc
share@evanpc's password:
Linux evanpc 3.12-1-amd64 #1 SMP Debian 3.12.9-1 (2014-02-01) x86_64
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Wed Feb 26 12:21:53 2014 from xbian
Could not chdir to home directory /home/share: No such file or directory
$ exit
Connection to evanpc closed.
xbian@xbian ~/.xbmc $ sftp [email protected]
[email protected]'s password:
Connected to 192.168.1.3.
sftp> exit
xbian@xbian ~/.xbmc $halp!
Further:
cat /var/log/auth.log
Code:
Feb 26 13:16:08 evanpc sshd[6514]: Accepted password for share from 192.168.1.7 port 52228 ssh2
Feb 26 13:16:11 evanpc sshd[6514]: pam_unix(sshd
ession): session opened for user share by (uid=0)It seems like the gui is succesfully getting the session, then the gui reports a fail, and does not close the connection... curiouser and curiouser
further:
similar problem found at http://forum.stmlabs.com/showthread.php?tid=4777 .
deleting known_hosts did not work for me, he doesnt really post a solution other than that, other than rolling back.