#1784: can not ssh to adhoc.osgeo.osuosl.org
---------------------------+-------------------
Reporter: jachym | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone:
Component: Systems Admin | Keywords:
---------------------------+-------------------
Hi,
my login name should be 'jachym' the password I expect to be the same as
I'm using currently e.g. for trac, I'm listed at https://www.osgeo.org
/cgi-bin/auth/ldap_shell.py
still, I can not log in (using ssh) to adhoc.osgeo.osuosl.org: my password
does not work. Any hint?
Thank you
Jachym
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1784>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#1784: can not ssh to adhoc.osgeo.osuosl.org
---------------------------+--------------------
Reporter: jachym | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+--------------------
Comment (by strk):
Your LDAP record is missing
{{{
objectClass: posixAccount
}}}
I don't know how to add/remove it, the wiki page doesn't tell.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1784#comment:1>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#1784: can not ssh to adhoc.osgeo.osuosl.org
---------------------------+--------------------
Reporter: jachym | Owner: sac@…
Type: task | Status: new
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+--------------------
Comment (by strk):
Ok this could be the fault of a recent change to the ldap_shell.py script.
Were you given shell access recently ?
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1784#comment:2>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#1784: can not ssh to adhoc.osgeo.osuosl.org
---------------------------+---------------------
Reporter: jachym | Owner: sac@…
Type: task | Status: closed
Priority: normal | Milestone:
Component: Systems Admin | Resolution: fixed
Keywords: |
---------------------------+---------------------
Changes (by strk):
* status: new => closed
* resolution: => fixed
Comment:
Confirmed, the script is currently unable to give users shell access.
Your account was fixed to get the appropriate class now, but the script is
still broken.
Will file a separate issue for that.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1784#comment:3>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#1784: can not ssh to adhoc.osgeo.osuosl.org
---------------------------+---------------------
Reporter: jachym | Owner: sac@…
Type: task | Status: closed
Priority: normal | Milestone:
Component: Systems Admin | Resolution: fixed
Keywords: ldap |
---------------------------+---------------------
Changes (by strk):
* keywords: => ldap
Comment:
For the record: the script was fixed (#1785)
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1784#comment:4>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#1784: can not ssh to adhoc.osgeo.osuosl.org
---------------------------+-----------------------
Reporter: jachym | Owner: sac@…
Type: task | Status: reopened
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: ldap |
---------------------------+-----------------------
Changes (by jachym):
* status: closed => reopened
* resolution: fixed =>
Comment:
I can confirm: yes, recently (yesterday) by tkralidis
Thank you for your help, still no luck:
{{{
jachym@krovak:~$ ssh jachym@adhoc.osgeo.osuosl.org
ssh_exchange_identification: read: Connection reset by peer
}}}
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1784#comment:5>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#1784: can not ssh to adhoc.osgeo.osuosl.org
---------------------------+-----------------------
Reporter: jachym | Owner: sac@…
Type: task | Status: reopened
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: ldap |
---------------------------+-----------------------
Comment (by strk):
I'm afraid I don't know how to help with that.
IIRC it also happened to me and was fixed by Wildintellect.
Alex: ideas ?
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1784#comment:6>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#1784: can not ssh to adhoc.osgeo.osuosl.org
---------------------------+-----------------------
Reporter: jachym | Owner: sac@…
Type: task | Status: reopened
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: ldap |
---------------------------+-----------------------
Comment (by strk):
Oh, maybe your IP is being banned for too many failed logins:
sshd[23260]: refused connect from XXX.168.191.132
You should be unbanned now, can you try again ?
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1784#comment:7>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#1784: can not ssh to adhoc.osgeo.osuosl.org
---------------------------+-----------------------
Reporter: jachym | Owner: sac@…
Type: task | Status: reopened
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: ldap |
---------------------------+-----------------------
Comment (by jachym):
yes, that's my IP
still no luck
{{{
jachym@krovak:~$ ssh jachym@adhoc.osgeo.osuosl.org
ssh_exchange_identification: read: Connection reset by peer
jachym@krovak:~$ ssh jachym@demo.pywps.org
ssh_exchange_identification: read: Connection reset by peer
}}}
maybe restarting some service? just asking - you know your job better than
I do mine.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1784#comment:8>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#1784: can not ssh to adhoc.osgeo.osuosl.org
---------------------------+-----------------------
Reporter: jachym | Owner: sac@…
Type: task | Status: reopened
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: ldap |
---------------------------+-----------------------
Comment (by strk):
You were also cought by denyhosts, now cleaned manually.
Can you test again ? (with care, don't try more than once 
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1784#comment:9>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#1784: can not ssh to adhoc.osgeo.osuosl.org
---------------------------+-----------------------
Reporter: jachym | Owner: sac@…
Type: task | Status: reopened
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: ldap |
---------------------------+-----------------------
Comment (by strk):
Actually, denyhosts re-bans your IP after I clean it.
This is due to the configuration which checks the logs for
failed logins attempts, and only purges entries after 1 week.
It seems too much for me, I would lower it, but maybe
in your case you could be whitelisted ? Is your IP static and stable ?
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1784#comment:10>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#1784: can not ssh to adhoc.osgeo.osuosl.org
---------------------------+-----------------------
Reporter: jachym | Owner: sac@…
Type: task | Status: reopened
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: ldap |
---------------------------+-----------------------
Comment (by strk):
Purge time is being discussed in #1787
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1784#comment:11>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#1784: can not ssh to adhoc.osgeo.osuosl.org
---------------------------+-----------------------
Reporter: jachym | Owner: sac@…
Type: task | Status: reopened
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: ldap |
---------------------------+-----------------------
Comment (by jachym):
No, it's not. Will it be whitelisted again during next week? One week from
now, right?
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1784#comment:12>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#1784: can not ssh to adhoc.osgeo.osuosl.org
---------------------------+-----------------------
Reporter: jachym | Owner: sac@…
Type: task | Status: reopened
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: ldap |
---------------------------+-----------------------
Comment (by strk):
One week since last failed login attempt, I think.
If you are in rush I could temporarely whitelist you,
coordinating on IRC
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1784#comment:13>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#1784: can not ssh to adhoc.osgeo.osuosl.org
---------------------------+-----------------------
Reporter: jachym | Owner: sac@…
Type: task | Status: reopened
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: ldap |
---------------------------+-----------------------
Comment (by strk):
Or, you could try logging in from a different IP
(maybe stepping by a different OSGeo machine, as you should have
access to all of them now)
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1784#comment:14>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#1784: can not ssh to adhoc.osgeo.osuosl.org
---------------------------+-----------------------
Reporter: jachym | Owner: sac@…
Type: task | Status: reopened
Priority: normal | Milestone:
Component: Systems Admin | Resolution:
Keywords: ldap |
---------------------------+-----------------------
Comment (by strk):
For the record, I temporarely added Jachim IP to hosts.allow and removed
it after he did log in.
Teoretically, he should be able to login again, from that IP, within one
week (until the purge time is changed, as requested in #1787)
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1784#comment:15>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
#1784: can not ssh to adhoc.osgeo.osuosl.org
---------------------------+---------------------
Reporter: jachym | Owner: sac@…
Type: task | Status: closed
Priority: normal | Milestone:
Component: Systems Admin | Resolution: fixed
Keywords: ldap |
---------------------------+---------------------
Changes (by strk):
* status: reopened => closed
* resolution: => fixed
Comment:
Assuming fixed. Please reopen if there's anything more to do.
PS: AdHoc services should be moved elsewhere so please make sure to update
the associated wiki page if needed (with contacts and state):
https://wiki.osgeo.org/wiki/AdhocVM
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/1784#comment:16>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.