Client_loop: send disconnect: Broken pipe

PS /home/rokejulianlockhart> ssh rokejulianlockhart@localhost    
The authenticity of host 'localhost (::1)' can't be established.
ED25519 key fingerprint is SHA256:5MJszyzHAAZMvSrnQHZ+u4NPF8GhG42KaC692IxGwjU.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'localhost' (ED25519) to the list of known hosts.
(rokejulianlockhart@localhost) Password: 
client_loop: send disconnect: Broken pipe
NativeCommandExitException: Program "ssh" ended with non-zero exit code: 255.
PS /home/rokejulianlockhart>

Neither
0. SDB:OpenSSH basics - openSUSE Wiki nor
0. How to Fix Client_loop: send disconnect: Broken pipe Error
assisted me.

#	$OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $

# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin

# To modify the system-wide sshd configuration, create a "*.conf" file under
# "/etc/ssh/sshd_config.d/" which will be automatically included below.
# Don't edit this configuration file itself if possible to avoid update
# problems.
Include /etc/ssh/sshd_config.d/*.conf

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options override the
# default value.
Include /usr/etc/ssh/sshd_config.d/*.conf

#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key

# Ciphers and keying
#RekeyLimit default none

# Logging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10

#PubkeyAuthentication yes

# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile	.ssh/authorized_keys

#AuthorizedPrincipalsFile none

#AuthorizedKeysCommand none
#AuthorizedKeysCommandUser nobody

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
PermitEmptyPasswords yes

# Change to no to disable s/key passwords
#KbdInteractiveAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
#GSSAPIStrictAcceptorCheck yes
#GSSAPIKeyExchange no

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the KbdInteractiveAuthentication and
# PasswordAuthentication.  Depending on your PAM configuration,
# PAM authentication via KbdInteractiveAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and KbdInteractiveAuthentication to 'no'.
UsePAM yes

#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
X11Forwarding yes
#X11DisplayOffset 10
X11UseLocalhost yes
#PermitTTY yes
PrintMotd no
PrintLastLog no
TCPKeepAlive no
#PermitUserEnvironment no
#Compression delayed
ClientAliveInterval 300
ClientAliveCountMax 3
#UseDNS no
#PidFile /run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#VersionAddendum none

# no default banner path
#Banner none

# override default of no subsystems
Subsystem	sftp	/usr/libexec/ssh/sftp-server

# This enables accepting locale enviroment variables LC_* LANG, see sshd_config(5).
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL

# Example of overriding settings on a per-user basis
#Match User anoncvs
#	X11Forwarding no
#	AllowTcpForwarding no
#	PermitTTY no
#	ForceCommand cvs server
PS /home/rokejulianlockhart> sudo ss -tulpn | grep :22                                    
[sudo] password for root: 
tcp   LISTEN 0      128                               0.0.0.0:22         0.0.0.0:*    users:(("sshd",pid=20960,fd=3))            
tcp   LISTEN 0      128                                  [::]:22            [::]:*    users:(("sshd",pid=20960,fd=4))            
PS /home/rokejulianlockhart>
PS /home/rokejulianlockhart> sudo lsof -i:22                                        
COMMAND   PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
sshd    20960 root    3u  IPv4 297220      0t0  TCP *:ssh (LISTEN)
sshd    20960 root    4u  IPv6 297222      0t0  TCP *:ssh (LISTEN)
PS /home/rokejulianlockhart>

@rokejulianlockhart what sshd_config did you modify? You should just be creating your own tweaks in /etc/ssh/sshd_config.d/ for example;

cat /etc/ssh/sshd_config.d/mytweaks.conf

PermitRootLogin yes
PasswordAuthentication yes

Restart the sshd service.

1 Like

Oh. I was modifying /etc/ssh/sshd_config.

How can I revert /etc/ssh/sshd_config back to what it should be?
Additionally, does the filename of my “tweaks” in sshd_config.d/ matter?

I swear all the online documentation said to edit /etc/ssh/sshd_config.


* sshd.service - OpenSSH Daemon
     Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; preset: disabled)
     Active: active (running) since Thu 2023-06-01 15:32:54 BST; 1h 20min ago
    Process: 20957 ExecStartPre=/usr/sbin/sshd-gen-keys-start (code=exited, status=0/SUCCESS)
    Process: 20959 ExecStartPre=/usr/sbin/sshd -t $SSHD_OPTS (code=exited, status=0/SUCCESS)
   Main PID: 20960 (sshd)
      Tasks: 1
        CPU: 126ms
     CGroup: /system.slice/sshd.service
             `-20960 "sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups"

Jun 01 15:34:42 RQN6C6 sshd[21271]: fatal: PAM: pam_setcred(): Permission denied
Jun 01 15:41:03 RQN6C6 sshd[22972]: pam_kwallet5(sshd:auth): pam_kwallet5: pam_sm_authenticate
Jun 01 15:41:03 RQN6C6 sshd[22972]: pam_kwallet5(sshd:auth): pam_kwallet5: Couldn't get password (it is empty)
Jun 01 15:41:03 RQN6C6 sshd[22972]: pam_kwallet5(sshd:auth): pam_kwallet5: Empty or missing password, doing nothing
Jun 01 15:41:03 RQN6C6 sshd[22972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2a02:c7c:6aa6:3f00:f22f:74ff:fe23:55ef  user=rokejulianlockhart
Jun 01 15:41:06 RQN6C6 sshd[22986]: pam_kwallet5(sshd:auth): pam_kwallet5: pam_sm_authenticate
Jun 01 15:41:06 RQN6C6 sshd[22986]: pam_kwallet5(sshd:auth): pam_kwallet5: Couldn't get password (it is empty)
Jun 01 15:41:09 RQN6C6 sshd[22972]: Accepted keyboard-interactive/pam for rokejulianlockhart from 2a02:c7c:6aa6:3f00:f22f:74ff:fe23:55ef port 48534 ssh2
Jun 01 15:41:09 RQN6C6 sshd[22972]: pam_kwallet5(sshd:setcred): pam_kwallet5: pam_sm_setcred
Jun 01 15:41:09 RQN6C6 sshd[22972]: fatal: PAM: pam_setcred(): Permission denied

@rokejulianlockhart there is no /etc/ssh/sshd_config file? You must have copied it from somewhere? Just delete it and let the /usr/etc/ssh/sshd_config control, then you override those settings with your config.

Are you certain, @malcolmlewis?

Get-ChildItem '/etc/ssh/'

outputs


    Directory: /etc/ssh

UnixMode         User Group         LastWriteTime         Size Name
--------         ---- -----         -------------         ---- ----
drwxr-xr-x       root root       24/07/2023 18:19            0 ssh_config.d
drwxr-xr-x       root root       24/07/2023 18:19            0 sshd_config.d
-rw-------       root root       24/01/2023 21:13         1381 ssh_host_dsa_key
-rw-r--r--       root root       24/01/2023 21:13          604 ssh_host_dsa_key.pub
-rw-------       root root       24/01/2023 21:13          505 ssh_host_ecdsa_key
-rw-r--r--       root root       24/01/2023 21:13          176 ssh_host_ecdsa_key.pub
-rw-------       root root       24/01/2023 21:13          411 ssh_host_ed25519_key
-rw-r--r--       root root       24/01/2023 21:13           96 ssh_host_ed25519_key.pub
-rw-------       root root       24/01/2023 21:13         2602 ssh_host_rsa_key
-rw-r--r--       root root       24/01/2023 21:13          568 ssh_host_rsa_key.pub
-rw-r-----       root root       01/06/2023 15:32         3723 sshd_config

I don’t recall copying anything to that directory, much less duplicate *.d files. I’ll delete it though.

@rokejulianlockhart extrememly positive :wink:

Tumbleweed
ls /etc/ssh*
ssh_config.d   ssh_host_dsa_key      ssh_host_ecdsa_key      ssh_host_ed25519_key      ssh_host_rsa_key
sshd_config.d  ssh_host_dsa_key.pub  ssh_host_ecdsa_key.pub  ssh_host_ed25519_key.pub  ssh_host_rsa_key.pub

ls /usr/etc/ssh*
moduli  ssh_config  ssh_config.d  sshd_config  sshd_config.d

MicroOS
ls /etc/ssh*
ssh_config.d  sshd_config.d  ssh_host_ecdsa_key  ssh_host_ecdsa_key.pub  ssh_host_ed25519_key  ssh_host_ed25519_key.pub  ssh_host_rsa_key  ssh_host_rsa_key.pub

ls /usr/etc/ssh*
moduli  ssh_config  ssh_config.d  sshd_config  sshd_config.d
1 Like

That worked! Just deleting the file and restarting sshd worked! I can’t tell you how much time you’ve saved me.

@rokejulianlockhart Did you restart sshd service?

1 Like

Yeah, that was what worked. Deleting the file and restarting it. Thank you, loads.

https://forums.opensuse.org/t/client-loop-send-disconnect-broken-pipe/166597/9