Issues with passwordless ssh login after first attempt

grif1179 · 20 March 2021 11:10

Issues with passwordless ssh login after first attempt

Hello, I was trying to setup a passwordless ssh server on one of my old PCs and ran into a strange issue that I couldn’t figure out.

I setup the sshd_config following a guide, and then created the public/private key on my client machine, which is an ipad if that is important.

Then before attempting port forwarding I tested on my local network and was initially able to login on my client machine, but I tried opening emacs which got the terminal stuck so I just killed the app I was connecting with. After doing this I wasn’t able to connect again until hours later.

So I was wondering does this sound like a config issue on the server side, or does it sound like a issue with the app I’m using on the ipad not closing the connection properly?

Below I’ll post as much helpful information I know about:

sshd_config

Port <non-std-port>

LoginGraceTime 2m
PermitRootLogin no
MaxAuthTries 5
AuthorizedKeysFile	.ssh/authorized_keys
PasswordAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication no
UsePAM yes

PrintMotd no # pam does that
ClientAliveInterval 720
Subsystem	sftp	/usr/lib/ssh/sftp-server
Protocol 2
AllowUsers <my-user>

journalctl -u sshd

These are the messages printed whether the login is successful or not.

<DATE> <USER> sshd[<#>]: pam_systemd_home(sshd:account): systemd-homed is not available: Unit dbus-org.freedesktop.home1.service not found.
<DATE> <USER> sshd[<#>]: Accepted publickey for <USER> from <IP> port <PORT> ssh2: RSA SHA256:<SHA>
<DATE> <USER> sshd[<#>]: pam_unix(sshd:session): session opened for user <USER>(uid=<#1>) by (uid=<#2>)
<DATE> <USER> sshd[<#>]: pam_env(sshd:session): deprecated reading of user environment enabled

linux-aarhus · 20 March 2021 11:23

When you ask in this forum I presume you are running the ssh service on a Manjaro system?

I think your issue may be related to the AllowUsers property - and from your log it seems this property is causing the deprecation message you find.

I have user accounts several remote systems requiring key authentication. If a connection breaks for one reason or another - I can just start a new session - of course any files I have been editing will be lost - unless the application secures a temp file with the edits.

grif1179 · 21 March 2021 13:07

Thank you so much for the help.

Yes I am running Manjaro using bspwm community edition. I removed AllowUsers from the config file and that sadly didn’t help, but I did find a pattern.

After suspending the server the next ssh attempt after unsuspending will always work. Once connected I can cd, ls, and man as much as I want but the moment I use vim, emacs, less, or even cat the session gets stuck until it times out and then I can’t connected again until I suspend the server again.

It seems like any attempt to read/write to a file is breaking the ssh connection, with the exception of man.

Also using systemctl restart sshd doesn’t allow me to connect again. Only suspending and unsuspending the server seems to allow me to connect again.