Subscribe

cant ssh to 7mode filer after systemshell session left open

I left  ssh systemshell session open and window was closed later on, I was hoping that the session would time out but it’s not happening. The result is that now you cannot log in using root user. There is a access by SP using naroot maybe you know easy way to get rid of that hanging session. (except restart/takeover etc). Please advise recomended solution to that issue.

I have been looking for processes from systemshell and i see, is the only sollution to kill those root processes ? it's kind of harcore way of resolving such a minor problem, any better ideas ?

 

root    6798  0.0  0.0     0    32  ??  WL   11Jun16   0:28.66 [sshd]
root    6835  0.0  0.0     0    32  ??  WL   11Jun16   0:00.01 [sshd]

root    6837  0.0  0.0     0    32  ??  WL   11Jun16   0:00.04 [sshd]
root    6963  0.0  0.0     0    32  ??  WL   11Jun16   0:00.08 [sshd]

root    6964  0.0  0.0     0    32  ??  WL   11Jun16   0:00.06 [sshd]

root    6965  0.0  0.0     0    32  ??  WL   11Jun16   0:00.02 [sshd]

root    6966  0.0  0.0     0    32  ??  WL   11Jun16   0:00.03 [sshd]

root    6967  0.0  0.0     0    32  ??  WL   11Jun16   0:00.05 [sshd]

root    6968  0.0  0.0     0    32  ??  WL   11Jun16   0:00.01 [sshd]

 

 

root    1058  0.0  0.0     0    16  ??  WL   11Jun16   0:00.00 [console_login_m
root    1063  0.0  0.0     0    16  ??  WL   11Jun16   5:22.53 [rlmauth_login_m
root    6503  0.0  0.3 22560  2592 rlm  Is+  11Jun16   0:00.01 login /dev/conso

root    6501  0.0  0.3 22816  2704 con  Is+  11Jun16   0:00.01 login /dev/cuaco

root    6502  0.0  0.3 22816  2704 sp.  Ss+  11Jun16   3:50.16 login /dev/cuasp

root   14107  0.0  0.2 35032  1896   0  I<s+  4:15PM   0:00.02 login

root   21093  0.0  0.2 34996  1836   1  Ss    9:28AM   0:00.01 login [pam] (log

 

 

 

 

 

 

 

Re: cant ssh to 7mode filer after systemshell session left open

Hi,

 

If I well understand then you can use the following command :

 

ssh -l username:password Filername logout telnet

this will close the openned session

 

BR 

Re: cant ssh to 7mode filer after systemshell session left open

 

Unfortunately logout telnet command doesn't work in case of locked systemshell ssh session

 

Regards

Ex

Re: cant ssh to 7mode filer after systemshell session left open

I had this issue and was just successful in releasing the systemshell session.  

 

I logged into the system via the sp and then did a "system console" to get access to the system.  Unlocking and setting the password to diag user via the advanced privileged commands were done so that I could access the systemshell.

 

Here is a copy of my log, I will explain what I did under the output:


fas01*> systemshell

Data ONTAP/amd64 (fas01) (pts/1)

login: diag
Password:
Last login: Wed Jul 19 16:01:25 from localhost


WARNING:  The system shell provides access to low-level
diagnostic tools that can cause irreparable damage to
the system if not used properly.  Use this environment
only when directed to do so by support personnel.

fas01% ps -ef
  PID  TT  STAT      TIME COMMAND
83586   1  S      0:00.01 USER=diag LOGNAME=diag HOME=/var/home/diag SHELL=/bin
83591   1  R+     0:00.00 USER=diag LOGNAME=diag HOME=/var/home/diag SHELL=/bin
fas01% sudo ps -ef
  PID  TT  STAT      TIME COMMAND
 3474 rlm  Is+    0:00.00 TERM=vt100 login /dev/console (ontaplogin)
 3472 con  Is+    0:00.01 TERM=vt100 login /dev/cuacons.auth (ontaplogin)
 3473 sp.  Ss+    0:20.00 TERM=vt100 login /dev/cuasp.auth (ontaplogin)
82943   0  Is+    0:00.01 TERM=xterm login
83585   1  Ss     0:00.01 TERM=xterm login [pam] (login)
83592   1  R+     0:00.00 HOME=/var/home/diag MAIL=/var/mail/diag PATH=/sbin:/b
fas01% sudo ps -ef
  PID  TT  STAT      TIME COMMAND
 3474 rlm  Is+    0:00.00 TERM=vt100 login /dev/console (ontaplogin)
 3472 con  Is+    0:00.01 TERM=vt100 login /dev/cuacons.auth (ontaplogin)
 3473 sp.  Ss+    0:20.09 TERM=vt100 login /dev/cuasp.auth (ontaplogin)
82943   0  Is+    0:00.01 TERM=xterm login
83585   1  Is     0:00.01 TERM=xterm login [pam] (login)
83593   1  R+     0:00.00 HOME=/var/home/diag MAIL=/var/mail/diag PATH=/sbin:/b
fas01% exit
logout
fas01*> systemshell

Data ONTAP/amd64 (fas01) (pts/1)

login: diag
Password:

Last login: Wed Jul 19 17:04:03 from localhost


WARNING:  The system shell provides access to low-level
diagnostic tools that can cause irreparable damage to
the system if not used properly.  Use this environment
only when directed to do so by support personnel.

fas01% sudo ps -ef
  PID  TT  STAT      TIME COMMAND
 3474 rlm  Is+    0:00.00 TERM=vt100 login /dev/console (ontaplogin)
 3472 con  Is+    0:00.01 TERM=vt100 login /dev/cuacons.auth (ontaplogin)
 3473 sp.  Ss+    0:20.33 TERM=vt100 login /dev/cuasp.auth (ontaplogin)
82943   0  Is+    0:00.01 TERM=xterm login
83602   1  Ss     0:00.01 TERM=xterm login [pam] (login)
83608   1  R+     0:00.00 HOME=/var/home/diag MAIL=/var/mail/diag PATH=/sbin:/b
fas01% sudo kill -9 82943
fas01%



I logged into the system shell and ran a "ps -ef" and was only able to see current session.

Next I ran a "sudo ps -ef" to see all processes running.

I ran the "sudo ps -ef" a couple times to see if any changes presented itself and what stayed.

The TT column showed "rlm", "con", and "sp."  I felt that it would not be any of these sessions.  So I ignored them.

I was interested in PID 82943 and 83585.  At this point I logged out of the systemshell and logged back in.

Again seeing that PID 82943 was still there, I attempted to kill the process.

Killing the process was unsuccessful as myself (obviously), so I performed the "sudo kill -9 82943".

I then attempted to log in via SSH to the system and was successful for the first time in hours.


I hope this helps someone else.