[500XRP悬赏] OpenVZ ubuntu10.04 中 SSH 无法启动的问题

没用过10.04， 只用过12.04， 不知道我推测的方式是否在10.04还是有效， 不管怎样， 还是试试吧

先尝试重启下sshd服务， 然后试试 less /var/log/auth.log|grep ssh

看看输出什么

sshd -d

@juicy

Starting PowerConsole v1.3 <> (c)2012 soluslabs ltd.
please wait...
successfully logged in.
entered into CT 1980
root@ssd:/# /etc/init.d/ssh restart
Rather than invoking init scripts through /etc/init.d, use the service(8)
utility, e.g. service ssh restart

Since the script you are attempting to invoke has been converted to an
Upstart job, you may also use the restart(8) utility, e.g. restart ssh
ssh stop/pre-start, process 502
root@ssd:/#
root@ssd:/# less /var/log/auth.log|grep ssh
Jan 10 14:10:50 atlsvz7 sshd[30]: Received signal 15; terminating.
Jan 10 14:10:50 atlsvz7 sshd[144]: Server listening on 0.0.0.0 port 22.
Jan 10 14:10:50 atlsvz7 sshd[144]: Server listening on :: port 22.
Jan 10 14:10:50 atlsvz7 sshd[144]: Received signal 15; terminating.
Jan 10 14:10:50 atlsvz7 sshd[251]: Server listening on 0.0.0.0 port 22.
Jan 10 14:10:50 atlsvz7 sshd[251]: Server listening on :: port 22.
Jan 10 14:10:50 atlsvz7 sshd[251]: Received signal 15; terminating.
Jan 10 14:10:50 atlsvz7 sshd[277]: Server listening on 0.0.0.0 port 22.
Jan 10 14:10:50 atlsvz7 sshd[277]: Server listening on :: port 22.
Jan 10 14:10:50 atlsvz7 sshd[277]: Received signal 15; terminating.
Jan 10 14:10:50 atlsvz7 sshd[304]: Server listening on 0.0.0.0 port 22.
Jan 10 14:10:50 atlsvz7 sshd[304]: Server listening on :: port 22.
Jan 10 14:10:50 atlsvz7 sshd[304]: Received signal 15; terminating.
Jan 10 14:10:52 ssd sshd[222]: Server listening on 0.0.0.0 port 22.
Jan 10 14:10:52 ssd sshd[222]: Server listening on :: port 22.
Jan 10 14:10:52 ssd sshd[222]: Received signal 15; terminating.
Jan 10 14:10:52 ssd sshd[292]: Server listening on 0.0.0.0 port 22.
Jan 10 14:10:52 ssd sshd[292]: Server listening on :: port 22.
Jan 10 14:10:52 ssd sshd[292]: Received signal 15; terminating.
Jan 10 14:10:52 ssd sshd[340]: Server listening on 0.0.0.0 port 22.
Jan 10 14:10:52 ssd sshd[340]: Server listening on :: port 22.
....
Jan 10 14:10:57 ssd sshd[2965]: Received signal 15; terminating.
Jan 10 14:10:57 ssd sshd[2991]: Server listening on 0.0.0.0 port 22.
Jan 10 14:10:57 ssd sshd[2991]: Server listening on :: port 22.
Jan 10 14:12:53 ssd sshd[3144]: Accepted password for root from 222.125.162.152 port 62849 ssh2
Jan 10 14:12:53 ssd sshd[3144]: pam_env(sshd:setcred): Unable to open env file: /etc/default/locale: No such file or directory
Jan 10 14:12:53 ssd sshd[3144]: pam_unix(sshd:session): session opened for user root by (uid=0)
Jan 10 14:12:54 ssd sshd[3155]: error: lastlog_get_entry: Error reading from /var/log/lastlog: Expecting 292, got 1
Jan 10 14:12:54 ssd sshd[3155]: pam_env(sshd:setcred): Unable to open env file: /etc/default/locale: No such file or directory
root@ssd:/#
root@ssd:/# date
Tue Jan 7 11:06:07 CST 2014
root@ssd:/#
root@ssd:/#

@juicy 非常感谢，但在 /var/log/auth.log 似乎没记录到启动信息呢，是不是日志进程没有开启？

@felix021 谢谢，sshd -d 怎么运行应该？这样正确吗？

root@ssd:~# /etc/init.d/ssh -d
Rather than invoking init scripts through /etc/init.d, use the service(8)
utility, e.g. service ssh -d

The script you are attempting to invoke has been converted to an Upstart
job, but -d is not supported for Upstart jobs.
root@ssd:~#

@andybest /usr/sbin/sshd -d

@andybest

Server listening on 0.0.0.0 port 22.
这个应该表示sshd服务正在正常监听22端口吧， 但是还是找不到sshd的进程么？

ps aux|grep ssh 的结果是什么

（另外，日志记录的怎么是Jan 10那天的信息。。。难道是去年的。。。）

@felix021

root@ssd:/# /usr/sbin/sshd -d
debug1: sshd version OpenSSH_5.3p1 Debian-3ubuntu7
debug1: read PEM private key done: type RSA
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
debug1: private host key: #1 type 2 DSA
Missing privilege separation directory: /var/run/sshd
root@ssd:/#

运行后SSH仍然是未启动状态：
root@ssd:/# netstat -nl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 2875821005 @/com/ubuntu/upstart
root@ssd:/#
root@ssd:/# ps auxf
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 1.0 2504 1360 ? Ss 09:50 0:00 init
root 2 0.0 0.0 0 0 ? S 09:50 0:00 [kthreadd/1980]
root 3 0.0 0.0 0 0 ? S 09:50 0:00 \_ [khelper/1980]
root 270 0.0 0.6 2336 888 ? Ss 09:50 0:00 cron
root 477 0.0 0.5 27496 752 ? Ss 11:05 0:00 vzctl: pts/0
root 478 0.0 1.2 3004 1648 pts/0 Ss+ 11:05 0:00 \_ -bash
root 548 0.0 0.5 27496 756 ? Ss 11:31 0:00 vzctl: pts/1
root 549 0.0 1.2 3004 1628 pts/1 Ss+ 11:31 0:00 \_ -bash
root 568 0.0 0.5 27496 756 ? Ss 11:38 0:00 vzctl: pts/2
root 569 0.0 1.2 3004 1640 pts/2 Ss 11:38 0:00 \_ -bash
root 582 0.0 0.6 2392 856 pts/2 R+ 11:39 0:00 \_ ps auxf

@juicy 日志的确是去年的，我通常买了VPS后会关闭不必要的服务，，不知道是关了什么导致没有日志记录（安装什么可以恢复日志记录？）


Server listening on 0.0.0.0 port 22.
后但没有任何SSH进程（可以在ps auxf中看到，没有sshd）

root@ssd:/# ps aux|grep ssh
root 584 0.0 0.4 1820 568 pts/2 S+ 11:40 0:00 grep --color=auto ssh
root@ssd:/#

看到你刚在的回复， 你看看 /var/run/ 下有没有 sshd/ 文件夹， 有的话删掉试试

@juicy 谢谢，没有这个文件夹：

root@ssd:/var/run# ls sshd
ls: cannot access sshd: No such file or directory

root@ssd:/var/run# ls ssh
ls: cannot access ssh: No such file or directory

那你手动创建一个

mkdir /var/run/sshd
chmod 0755 /var/run/sshd

然后再尝试重启服务

@juicy 谢谢

root@ssd:/# mkdir /var/run/sshd
root@ssd:/# chmod 0755 /var/run/sshd
root@ssd:/# /etc/init.d/ssh restart
Rather than invoking init scripts through /etc/init.d, use the service(8)
utility, e.g. service ssh restart

Since the script you are attempting to invoke has been converted to an
Upstart job, you may also use the restart(8) utility, e.g. restart ssh
ssh stop/pre-start, process 641
root@ssd:/#


执行完毕后检查 ps auxf 与 netstat -nl 还与之前完全一样，并且/var/run/sshd无任何内容：

root@ssd:/var/run/sshd# ls -l
total 0
root@ssd:/var/run/sshd#

我用debian，前几天也是装了openvz，ssh启动不了，不过后来解决了，错误和楼主不太一样

/etc/ssh/sshd_not_to_be_run 这个文件存在吗？

@juicy 不存在

root@ssd:/# ls /etc/ssh/sshd_not_to_be_run
ls: cannot access /etc/ssh/sshd_not_to_be_run: No such file or directory

每次这个问题出现都是服务器重启，或者官方维护导致offline后，我再online后 SSH 就无法启动了

@juicy 而在重启前一般VPS都稳定运行好久了（100多天）
今天这个是两台配置，应用完全一样的VPS，一个重启后正常，一个重启后 SSH 无法启动。。。
非常怪异

楼主有没有尝试过用service命令， 而不直接运行sshd的脚本。

sudo service ssh start

感觉楼主的问题似乎要深入debug了

@juicy 尝试过，结果是一样的

这是台 Ramnode VPS，但同样的问题也出现在其他VPS提供商的 OpenVZ 架构VPS上
我曾经发过多次Ticket请求协助解决该问题，但结果都是让我重装系统（拿unmanaged说事。。。）

我觉得你所的很对，应该看 /var/log/auth.log 记录来确定问题，但不知道为啥我这个没有记录 auth.log 。。。如果能恢复记录 auth.log 我觉得就可以确定问题了

再次感谢 ：）

什么服务器，CentOS / RHEL / Fedora 应该是 /var/log/secure，而不是/var/log/auth.log

楼主看一下？

@lijinma 谢谢，是Ubuntu 10.04 server，没有这个文件：
root@ssd:/# cat /var/log/secure
cat: /var/log/secure: No such file or directory

@andybest log的问题 你看看/etc/ssh/sshd_config 这个文件下的logLevel有没有设置成Quiet， 也许是这个原因

@andybest 噢，不好意思，没看到；

那你enable一下log:

sudo service rsyslog restart
或者
/etc/init.d/syslog restart

然后看一下：/etc/syslog.conf 里面应该有：

`auth,authpriv.* /var/log/auth.log`

类似的配置；

@juicy 检查了，是默认的：
LogLevel INFO

执行/usr/sbin/sshd -d的时候
返回Missing privilege separation directory: /var/run/sshd
这里应该是有问题的， 我尝试了一下用自己的机子， 没有发现这条提示

当楼主运行
mkdir /var/run/sshd
chmod 0755 /var/run/sshd
之后，
楼主可否再执行一下/usr/sbin/sshd -d

@lijinma 谢谢，奇怪的是syslog无法安装和启动：

root@ssd:/# sudo service rsyslog restart
rsyslog: unrecognized service
root@ssd:/#
root@ssd:/# service rsyslog restart
rsyslog: unrecognized service
root@ssd:/#
root@ssd:/# /etc/init.d/syslog restart
-bash: /etc/init.d/syslog: No such file or directory
root@ssd:/#
root@ssd:/# apt-get install syslog
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't find package syslog
root@ssd:/#
root@ssd:/# apt-get install syslogd
Reading package lists... Done
Building dependency tree
Reading state information... Done
Note, selecting sysklogd instead of syslogd
The following extra packages will be installed:
klogd sysklogd
The following NEW packages will be installed:
klogd sysklogd
0 upgraded, 2 newly installed, 0 to remove and 47 not upgraded.
Need to get 0B/116kB of archives.
After this operation, 369kB of additional disk space will be used.
Do you want to continue [Y/n]? y

Selecting previously deselected package sysklogd.
(Reading database ... 26840 files and directories currently installed.)
Unpacking sysklogd (from .../sysklogd_1.5-5ubuntu4_i386.deb) ...
Selecting previously deselected package klogd.
Unpacking klogd (from .../klogd_1.5-5ubuntu4_i386.deb) ...
Processing triggers for man-db ...
Setting up sysklogd (1.5-5ubuntu4) ...
* Starting system log daemon...
...done.

Setting up klogd (1.5-5ubuntu4) ...
* Starting kernel log daemon...




...fail!

root@ssd:/#

@juicy 牛！！！！！启动了：

root@ssd:/# mkdir /var/run/sshd
mkdir: cannot create directory `/var/run/sshd': File exists
root@ssd:/#
root@ssd:/# chmod 0755 /var/run/sshd

root@ssd:/# /usr/sbin/sshd -d
debug1: sshd version OpenSSH_5.3p1 Debian-3ubuntu7
debug1: read PEM private key done: type RSA
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
debug1: private host key: #1 type 2 DSA
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-d'
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug1: Bind to port 22 on ::.
Server listening on :: port 22.



可以SSH连接了，在22端口，如何恢复SSH服务？

@andybest

那太好了！！ Ctrl-C退出当前debugger模式，按正常方式启动就可以了吧

@juicy

使用：

root@ssd:/# /etc/init.d/ssh start
Rather than invoking init scripts through /etc/init.d, use the service(8)
utility, e.g. service ssh start

Since the script you are attempting to invoke has been converted to an
Upstart job, you may also use the start(8) utility, e.g. start ssh
ssh stop/pre-start, process 994

仍然无法启动 ssh 服务，不过 auth.log 有日志了！

root@ssd:/# tail /var/log/auth.log

Jan 7 08:14:38 ssd groupadd[578]: group added to /etc/group: name=klog, GID=111
Jan 7 08:14:38 ssd groupadd[578]: group added to /etc/gshadow: name=klog
Jan 7 08:14:38 ssd groupadd[578]: new group: name=klog, GID=111
Jan 7 08:14:38 ssd useradd[582]: new user: name=klog, UID=107, GID=111, home=/home/klog, shell=/bin/false
Jan 7 08:14:38 ssd usermod[587]: change user 'klog' password
Jan 7 08:14:38 ssd chage[592]: changed password expiry for klog
Jan 7 08:15:01 ssd CRON[622]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 7 08:15:01 ssd CRON[622]: pam_unix(cron:session): session closed for user root
Jan 7 08:25:01 ssd CRON[651]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 7 08:25:01 ssd CRON[651]: pam_unix(cron:session): session closed for user root
Jan 7 08:35:01 ssd CRON[658]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 7 08:35:01 ssd CRON[658]: pam_unix(cron:session): session closed for user root
Jan 7 08:36:01 ssd CRON[663]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 7 08:36:01 ssd CRON[663]: pam_unix(cron:session): session closed for user root
Jan 7 08:45:01 ssd CRON[668]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 7 08:45:01 ssd CRON[668]: pam_unix(cron:session): session closed for user root
Jan 7 08:55:01 ssd CRON[675]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 7 13:55:01 ssd CRON[940]: pam_unix(cron:session): session closed for user root
Jan 7 13:57:12 ssd sshd[947]: debug1: sshd version OpenSSH_5.3p1 Debian-3ubuntu7
Jan 7 13:57:12 ssd sshd[947]: debug1: read PEM private key done: type RSA
Jan 7 13:57:12 ssd sshd[947]: debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
Jan 7 13:57:12 ssd sshd[947]: debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
Jan 7 13:57:12 ssd sshd[947]: debug1: private host key: #0 type 1 RSA
Jan 7 13:57:12 ssd sshd[947]: debug1: read PEM private key done: type DSA
Jan 7 13:57:12 ssd sshd[947]: debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
Jan 7 13:57:12 ssd sshd[947]: debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
Jan 7 13:57:12 ssd sshd[947]: debug1: private host key: #1 type 2 DSA
Jan 7 13:57:13 ssd sshd[947]: pam_env(sshd:setcred): Unable to open env file: /etc/default/locale: No such file or directory
Jan 7 13:57:13 ssd sshd[947]: pam_unix(sshd:session): session opened for user root by (uid=0)
Jan 7 13:57:13 ssd sshd[958]: pam_env(sshd:setcred): Unable to open env file: /etc/default/locale: No such file or directory
Jan 7 13:57:40 ssd sshd[947]: pam_unix(sshd:session): session closed for user root
Jan 7 13:57:40 ssd sshd[947]: pam_env(sshd:setcred): Unable to open env file: /etc/default/locale: No such file or directory

@juicy 我reboot了系统，dropbear 与 openssh 两个 ssh 服务（在不同端口）还是仍然没有开启

@juicy 现在是使用
/etc/init.d/ssh start
启动后，/var/log/auth.log中会多一条记录：

Jan 7 14:10:32 ssd dropbear[412]: premature exit: Failed to daemonize: No such device

同时SSH服务并没有启动

reboot之前 添加完/var/run/sshd/ 之后 运行 /etc/init.d/ssh start还是不能正常启动sshd?

@juicy 是的，使用
/usr/sbin/sshd -d
可以启动，但如果用
/etc/init.d/ssh start
则无法启动，并且 auth.log里多一条记录：
Jan 7 14:15:12 ssd dropbear[453]: premature exit: Failed to daemonize: No such device

@juicy 使用 /usr/sbin/sshd -d 可正常启动，输出信息为：

root@ssd:/# /usr/sbin/sshd -d
debug1: sshd version OpenSSH_5.3p1 Debian-3ubuntu7
debug1: read PEM private key done: type RSA
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
debug1: private host key: #1 type 2 DSA
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-d'
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug1: Bind to port 22 on ::.
Server listening on :: port 22.

......

快没招了。。。
你试一下把 /dev/null 给删了并重新创建一下

rm /dev/null


mknod /dev/null c 1 3

然后再启动一下sshd服务

@juicy 搞定了！！！！！正常启动了！！！

请教一下：
rm /dev/null
mknod /dev/null c 1 3

这俩是什么神奇的指令，干吗的

另外，给我你的ripple钱包地址吧， 500 XRP送上！！

终于。。。

我看到类似/etc/init.d/ssh的启动脚本里都会出现/dev/null这个”黑洞“文件， 在网上搜资料的时候发现似乎有人在这里遇到过问题， 所以尝试推荐你重新创建一下这个特殊的文件

我的地址
rhRpVb7eXvj2ybmdTi6EeARKa6X26Rf3XK
感谢楼主

@juicy 非常感谢！ 500 XRP已发！

Your transaction has been submitted.

Your account balance will update once the payment has cleared.

@juicy 但我的帐户余额还没扣除，等下看看

@andybest 哈哈 恭喜楼主；

@juicy 请问收到 XRP 了吗？我这没有显示记录呢

@lijinma 多谢，你的回答也是正确的，但 @juicy 直接帮我解决了问题，所以真不好意思，唯有感谢了！ :")

@andybest 好像还没收到， 你填的地址应该没错吧

@juicy 没填错，我又发了一次，这次我余额减了500了，转账记录：
Address sent to:rhRpVb7eXvj2ybmdTi6EeARKa6X26Rf3XK
Amount received:500 XRP
Currency received:XRP

应该收到了吧，多谢啊！ ：）））

@juicy 刚刚收到了， 感谢楼主。

另外， 如果重启之后/dev/null还是有问题， 推荐楼主可以将

rm /dev/null
mknod /dev/null c 1 3

加入 /etc/rc.local 中

这样每次重启， 系统就能自动帮你完成新建/dev/null的过程

@juicy 好，是不是再遇到这个问题，我直接执行：
rm /dev/null
mknod /dev/null c 1 3

即可解决了？是不是没必要用这个：
mkdir /var/run/sshd
chmod 0755 /var/run/sshd

也就是，是不是就是 /dev/null 的问题？

@andybest 这个我也不确定， 都有可能吧， 楼主自测一下应该就能知道了。 不过我记得脚本里有一段是去查找/var/run/sshd是否存在，不存在就新建的代码， 所以可能就不需要了。 之前没有创建/var/run/sshd可能是程序还没有执行到那一步

如果真的有必要手动添加， 那和上面一样， 将下面的代码加到 /etc/rc.local 里

if [ ! -d /var/run/sshd ]; then
mkdir /var/run/sshd
chmod 0755 /var/run/sshd
fi

。。。楼主多发了500XRP, 马上退给楼主。。。。。

。。。好像网页端展现有问题， history里出现了两条相同的记录， 我还以为是楼主多发了。。。

@juicy 多谢！！ ：）