SSH Server Limiting Logins To One (476 Views)
Reply
Valued Contributor
Rick Dyson
Posts: 229
Registered: ‎08-07-2001
Message 1 of 8 (476 Views)
Accepted Solution

SSH Server Limiting Logins To One

I have an AlphaServer running OpenVMS v8.3 patched to current kits and TCP/IP v5.7 ECO 2 (I believe most recent?) and am using SSHd.  I have found that only ONE session can be connected to the server at a time.  I can Set Host many times with an SSH as well, but that is all.  Telnet is disabled.  When a SSH session is connected, another one attempted fails with "warning: Authentication failed."

 

The only non-default config value I use is the Port is not at 22.  I am using the [TCPIP$SSH.SSH2]]sshd2_config. file.  I did find a config option for "MaxConnections" that was not defined explicitly.  I have tried making it a value like 10 with no impact.

 

Anyone else ever seen this problem?

 

Rick

Honored Contributor
Steven Schweda
Posts: 9,091
Registered: ‎02-23-2005
Message 2 of 8 (472 Views)

Re: SSH Server Limiting Logins To One

Frequent Advisor
Maurizio De Tommaso_
Posts: 42
Registered: ‎03-11-2004
Message 3 of 8 (456 Views)

Re: SSH Server Limiting Logins To One

TCP/IP V5.7ECO3 is the latest patch kit for the OpenVMS ip Stack (Aplha and Integrity platforms).

 

Can you post the output of the following command ?

 

$ tcpip show service ssh /full

 

 

Honored Contributor
Duncan Morris
Posts: 666
Registered: ‎08-07-2003
Message 4 of 8 (451 Views)

Re: SSH Server Limiting Logins To One

Hi Rick,

 

is your problem that only one SSH connection is accepted on the server  from multiple sources, or that YOU can only make a single SSH connection to your server?

 

There is a problem with Reflections and multiple logins from the same source, which can be addressed by changing an option on the SSH client:

 

> The SSH-server on the host is not capable of combining
> authentication for multiple sessions. Please uncheck the
> option 'Reuse Sessions' as shown in the screenshot below.
> You can find it in the Security settings of your session file

If this is not your issue, then the output requested by Maurizio will be informative. Around here, I see

 

$ tcpip show servi ssh/fu

Service: SSH
                           State:     Enabled
Port:               22     Protocol:  TCP             Address:  0.0.0.0
Inactivity:          5     User_name: TCPIP$SSH       Process:  TCPIP$SSH
Limit:              25     Active:        0           Peak:         1

 

 


Duncan

Valued Contributor
Rick Dyson
Posts: 229
Registered: ‎08-07-2001
Message 5 of 8 (439 Views)

Re: SSH Server Limiting Logins To One

You found it.  The Limit in the service is set to 1!  I did not change anything in the SSH config.  Is this default?  I have I64 boxes with v8.3-1H1 and TCPIP v5.7 too that were not like that. I will dig around.

 

If I use an SSH client from somewhere, I could not connect anymore SSH sessions, though I was able to "Set Host" from other local VMS boxes as many more times as I tried.  I am the only user of this new build system so it was all done with just probably my account only.

 

SSHd is the SSH server that TCPIP Services for OpenVMS uses as the "SSH Server"

 

$ tcpip show service ssh /full
 
Service: SSH
                           State:     Enabled
Port:             1022     Protocol:  TCP             Address:  0.0.0.0
Inactivity:          5     User_name: TCPIP$SSH       Process:  TCPIP$SSH
Limit:               1     Active:        1           Peak:         1
 
File:         TCPIP$SYSTEM:TCPIP$SSH_RUN.COM
Flags:        Listen
 
Socket Opts:  Rcheck Scheck
 Receive:            0     Send:               0
 
Log Opts:     None
 File:        not defined
 
Security
 Reject msg:  not defined
 Accept host: 0.0.0.0
 Accept netw: 0.0.0.0

 

Thank you all who pointed here to look.  I guess the config file value of undefined or even explicitly defined of 10 is not used.

 

rick

Honored Contributor
Steven Schweda
Posts: 9,091
Registered: ‎02-23-2005
Message 6 of 8 (424 Views)

Re: SSH Server Limiting Logins To One

Honored Contributor
Duncan Morris
Posts: 666
Registered: ‎08-07-2003
Message 7 of 8 (392 Views)

Re: SSH Server Limiting Logins To One

Steven,

 

the limit is set to 10000 in TCPIP$CONFIG.COM for TCPIP V5.7 ECO3 on IA64 and AXP

 

I suffered from the script kiddies in the past, and so reduced the limit on my internet facing personal servers.

 

Duncan

Honored Contributor
Steven Schweda
Posts: 9,091
Registered: ‎02-23-2005
Message 8 of 8 (381 Views)

Re: SSH Server Limiting Logins To One

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.