cant ssh to 7mode filer after systemshell session left open

explorer12 · ‎2016-09-14

I left ssh systemshell session open and window was closed later on, I was hoping that the session would time out but it’s not happening. The result is that now you cannot log in using root user. There is a access by SP using naroot maybe you know easy way to get rid of that hanging session. (except restart/takeover etc). Please advise recomended solution to that issue.

I have been looking for processes from systemshell and i see, is the only sollution to kill those root processes ? it's kind of harcore way of resolving such a minor problem, any better ideas ?

root 6798 0.0 0.0 0 32 ?? WL 11Jun16 0:28.66 [sshd]
root 6835 0.0 0.0 0 32 ?? WL 11Jun16 0:00.01 [sshd]

root 6837 0.0 0.0 0 32 ?? WL 11Jun16 0:00.04 [sshd]
root 6963 0.0 0.0 0 32 ?? WL 11Jun16 0:00.08 [sshd]

root 6964 0.0 0.0 0 32 ?? WL 11Jun16 0:00.06 [sshd]

root 6965 0.0 0.0 0 32 ?? WL 11Jun16 0:00.02 [sshd]

root 6966 0.0 0.0 0 32 ?? WL 11Jun16 0:00.03 [sshd]

root 6967 0.0 0.0 0 32 ?? WL 11Jun16 0:00.05 [sshd]

root 6968 0.0 0.0 0 32 ?? WL 11Jun16 0:00.01 [sshd]

root    1058 0.0 0.0     0    16 ?? WL   11Jun16   0:00.00 [console_login_m
root    1063 0.0 0.0     0    16 ?? WL   11Jun16   5:22.53 [rlmauth_login_m
root    6503 0.0 0.3 22560 2592 rlm Is+ 11Jun16   0:00.01 login /dev/conso

root 6501 0.0 0.3 22816 2704 con Is+ 11Jun16 0:00.01 login /dev/cuaco

root 6502 0.0 0.3 22816 2704 sp. Ss+ 11Jun16 3:50.16 login /dev/cuasp

root 14107 0.0 0.2 35032 1896 0 I<s+ 4:15PM 0:00.02 login

root 21093 0.0 0.2 34996 1836 1 Ss 9:28AM 0:00.01 login [pam] (log

dbenadib · ‎2016-09-14

Hi,

If I well understand then you can use the following command :

ssh -l username:password Filername logout telnet

this will close the openned session

BR

explorer12 · ‎2016-09-14

Unfortunately logout telnet command doesn't work in case of locked systemshell ssh session

Regards

Ex

netapplem · ‎2017-07-19

I had this issue and was just successful in releasing the systemshell session.

I logged into the system via the sp and then did a "system console" to get access to the system. Unlocking and setting the password to diag user via the advanced privileged commands were done so that I could access the systemshell.

Here is a copy of my log, I will explain what I did under the output:

fas01*> systemshell

Data ONTAP/amd64 (fas01) (pts/1)

login: diag
Password:
Last login: Wed Jul 19 16:01:25 from localhost

WARNING: The system shell provides access to low-level
diagnostic tools that can cause irreparable damage to
the system if not used properly. Use this environment
only when directed to do so by support personnel.

fas01% ps -ef
PID TT STAT      TIME COMMAND
83586   1 S      0:00.01 USER=diag LOGNAME=diag HOME=/var/home/diag SHELL=/bin
83591   1 R+     0:00.00 USER=diag LOGNAME=diag HOME=/var/home/diag SHELL=/bin
fas01% sudo ps -ef
PID TT STAT      TIME COMMAND
3474 rlm Is+    0:00.00 TERM=vt100 login /dev/console (ontaplogin)
3472 con Is+    0:00.01 TERM=vt100 login /dev/cuacons.auth (ontaplogin)
3473 sp. Ss+    0:20.00 TERM=vt100 login /dev/cuasp.auth (ontaplogin)
82943   0 Is+    0:00.01 TERM=xterm login
83585   1 Ss     0:00.01 TERM=xterm login [pam] (login)
83592   1 R+     0:00.00 HOME=/var/home/diag MAIL=/var/mail/diag PATH=/sbin:/b
fas01% sudo ps -ef
PID TT STAT      TIME COMMAND
3474 rlm Is+    0:00.00 TERM=vt100 login /dev/console (ontaplogin)
3472 con Is+    0:00.01 TERM=vt100 login /dev/cuacons.auth (ontaplogin)
3473 sp. Ss+    0:20.09 TERM=vt100 login /dev/cuasp.auth (ontaplogin)
82943   0 Is+    0:00.01 TERM=xterm login
83585   1 Is     0:00.01 TERM=xterm login [pam] (login)
83593   1 R+     0:00.00 HOME=/var/home/diag MAIL=/var/mail/diag PATH=/sbin:/b
fas01% exit
logout
fas01*> systemshell

Data ONTAP/amd64 (fas01) (pts/1)

login: diag
Password:

Last login: Wed Jul 19 17:04:03 from localhost

WARNING: The system shell provides access to low-level
diagnostic tools that can cause irreparable damage to
the system if not used properly. Use this environment
only when directed to do so by support personnel.

fas01% sudo ps -ef
PID TT STAT      TIME COMMAND
3474 rlm Is+    0:00.00 TERM=vt100 login /dev/console (ontaplogin)
3472 con Is+    0:00.01 TERM=vt100 login /dev/cuacons.auth (ontaplogin)
3473 sp. Ss+    0:20.33 TERM=vt100 login /dev/cuasp.auth (ontaplogin)
82943   0 Is+    0:00.01 TERM=xterm login
83602   1 Ss     0:00.01 TERM=xterm login [pam] (login)
83608   1 R+     0:00.00 HOME=/var/home/diag MAIL=/var/mail/diag PATH=/sbin:/b
fas01% sudo kill -9 82943
fas01%

I logged into the system shell and ran a "ps -ef" and was only able to see current session.

Next I ran a "sudo ps -ef" to see all processes running.

I ran the "sudo ps -ef" a couple times to see if any changes presented itself and what stayed.

The TT column showed "rlm", "con", and "sp." I felt that it would not be any of these sessions. So I ignored them.

I was interested in PID 82943 and 83585. At this point I logged out of the systemshell and logged back in.

Again seeing that PID 82943 was still there, I attempted to kill the process.

Killing the process was unsuccessful as myself (obviously), so I performed the "sudo kill -9 82943".

I then attempted to log in via SSH to the system and was successful for the first time in hours.

I hope this helps someone else.