OpenSSH Troubleshooting

From NovaOrdis Knowledge Base
Jump to navigation Jump to search

Internal

Troubleshooting sshd Server

Execute the sshd Server in Foreground

One method to troubleshoot a sshd server in an attempt to figure out why a specific ssh connection does not work as intended, is to stop the current sshd server (stopping the server won't drop the existing connections) and start it in foreground: 

systemctl stop sshd

/usr/sbin/sshd -d [-D] [-d] [-d]

sshd running in foreground behaves differently than the same binary running in background - for example, a foreground server will allow root logging with a public key without password, while the background server won't, so this method has limited usefulness in some cases.

Turn On Debug Logging

Stop the current sshd server (stopping the server won't drop the existing connections), increase logging verbosity as described here: sshd Logging Verbosity, and restart the server. 

systemctl stop sshd
# update logging verbosity
systemctl start sshd

Increased log output will be available in /var/log/secure.

Retrieved from "https://kb.novaordis.com/index.php?title=OpenSSH_Troubleshooting&oldid=25608"