000012492 - APP 3.0.X - cannot configure sshd in the operations console  eth0 not displayed under available interfaces

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000012492
Applies ToSecurID Appliance 3.X
rPath Linux
IssueAPP 3.0.X- cannot configure sshd in the operations console

-In operations console, trying to enable sshd

Administration->Networking->Configure connectivity using sshd, check box on "enable sshd", save, but no interfaces show as available.

Furthermore, when you attempt to start sshd from the command line with

     service sshd start

Will fail to start, and will hrow an unknown interface error

Cause

A null value is present on a ListenAddress interface directive in /etc/ssh/sshd_config, for example

# Example of overriding settings on a per-user basis
#Match User anoncvs
#       X11Forwarding no
#       AllowTcpForwarding no
#       ForceCommand cvs server
UsePrivilegeSeparation no
ListenAddress
ListenAddress 192.168.131.20

Or:

# Example of overriding settings on a per-user basis
#Match User anoncvs
#       X11Forwarding no
#       AllowTcpForwarding no
#       ForceCommand cvs server
UsePrivilegeSeparation no
ListenAddress

This will prevent sshd from binding to the eth0 port and cause the interface not to be present in the operations console

Resolution

The listen address should contain the primary ip address for the appliance.  There should only be one occurance for this appliance

-In an instance where there are two lines for ListenAddress in sshd_config, remove the extra entry that does not contain a value.

-In an instance where there is a single line for ListenAddress in sshd_config, populate the ip address for primary interface, eth0

A properly formatted entry will look like

# Example of overriding settings on a per-user basis
#Match User anoncvs
#       X11Forwarding no
#       AllowTcpForwarding no
#       ForceCommand cvs server
UsePrivilegeSeparation no
ListenAddress 192.168.131.20

Now restart sshd from the command line

chconfig sshd on

service sshd start

Legacy Article IDa58470

Attachments

    Outcomes