I have a very curious problem on a CentOS 6.5 (now 6.6) machine. After an update between June 11th and October 21st the trouble began (packages: http://pastebin.com/gXvaycLL). After a restart in October it was not possible to log in to the server using ssh. The client always stops with the following message:
ssh_exchange_identification: read: Connection reset by peer
I tried to log in on the server directly. First I tried to log in using the console. After entering the password, the server rejected it by saying "incorrect password".
The same happened in graphical mode. But the password was correct.
Now I found a solution: deactivating SELinux by appending selinux=0 in the boot manager.
Now I was able to log in to the console on the server. Furthermore, I was unable to log in using ssh (also using localhost).
After this I edited /etc/selinux/config and set the SELINUX value from enforcing to permissive, and later to disabled. After the reboot I was unable to log in, even if I set disabled.
The only way to log in is by setting selinux=0.
Now I found the malefactor: rsyslog. If I disable the logging on start, everything is fine except the logging.
The curious thing is: All other services like apache and mysql are working correctly if rsyslogd is started.
Here is the lower part of sshd logging using debug3:
[...]
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug2: fd 4 setting O_NONBLOCK
debug1: Bind to port 22 on ::.
Server listening on :: port 22.
debug3: fd 5 is not O_NONBLOCK
debug1: Server will not fork when running in debugging mode.
debug3: send_rexec_state: entering fd = 8 config len 599
debug3: ssh_msg_send: type 0
debug3: send_rexec_state: done
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
debug1: inetd sockets after dupping: -1, -1
setsockopt SO_KEEPALIVE: Bad file descriptor
debug1: getpeername failed: Bad file descriptor
debug1: get_remote_port failed
As you can see, both inetd sockets are invalid. If rsyslog is not started, there are positive sockets and everything is fine.
I've tried to fix it by reinstalling rsyslog (with a fresh/unedited config) and also reinstalling selinux-libraries. I also made the update from CentOS 6.5 to the current version 6.6. Does anyone have an idea how I can fix this problem?
Best Answer
I've got the same issue on OEL 6 and found out that the following patch is the root cause:
nss-softokn-freebl-3.14.3-17.el6.x86_64.rpm
After updating it I'm unable to log in via ssh.
Thanks for your post, it was helpful.