ONTAP Discussions

cant ssh to 7mode filer after systemshell session left open

explorer12

I left  ssh systemshell session open and window was closed later on, I was hoping that the session would time out but it’s not happening. The result is that now you cannot log in using root user. There is a access by SP using naroot maybe you know easy way to get rid of that hanging session. (except restart/takeover etc). Please advise recomended solution to that issue.

I have been looking for processes from systemshell and i see, is the only sollution to kill those root processes ? it's kind of harcore way of resolving such a minor problem, any better ideas ?

 

root    6798  0.0  0.0     0    32  ??  WL   11Jun16   0:28.66 [sshd]
root    6835  0.0  0.0     0    32  ??  WL   11Jun16   0:00.01 [sshd]

root    6837  0.0  0.0     0    32  ??  WL   11Jun16   0:00.04 [sshd]
root    6963  0.0  0.0     0    32  ??  WL   11Jun16   0:00.08 [sshd]

root    6964  0.0  0.0     0    32  ??  WL   11Jun16   0:00.06 [sshd]

root    6965  0.0  0.0     0    32  ??  WL   11Jun16   0:00.02 [sshd]

root    6966  0.0  0.0     0    32  ??  WL   11Jun16   0:00.03 [sshd]

root    6967  0.0  0.0     0    32  ??  WL   11Jun16   0:00.05 [sshd]

root    6968  0.0  0.0     0    32  ??  WL   11Jun16   0:00.01 [sshd]

 

 

root    1058  0.0  0.0     0    16  ??  WL   11Jun16   0:00.00 [console_login_m
root    1063  0.0  0.0     0    16  ??  WL   11Jun16   5:22.53 [rlmauth_login_m
root    6503  0.0  0.3 22560  2592 rlm  Is+  11Jun16   0:00.01 login /dev/conso

root    6501  0.0  0.3 22816  2704 con  Is+  11Jun16   0:00.01 login /dev/cuaco

root    6502  0.0  0.3 22816  2704 sp.  Ss+  11Jun16   3:50.16 login /dev/cuasp

root   14107  0.0  0.2 35032  1896   0  I<s+  4:15PM   0:00.02 login

root   21093  0.0  0.2 34996  1836   1  Ss    9:28AM   0:00.01 login [pam] (log

 

 

 

 

 

 

 

3 REPLIES 3

netapplem

I had this issue and was just successful in releasing the systemshell session.  

 

I logged into the system via the sp and then did a "system console" to get access to the system.  Unlocking and setting the password to diag user via the advanced privileged commands were done so that I could access the systemshell.

 

Here is a copy of my log, I will explain what I did under the output:


fas01*> systemshell

Data ONTAP/amd64 (fas01) (pts/1)

login: diag
Password:
Last login: Wed Jul 19 16:01:25 from localhost


WARNING:  The system shell provides access to low-level
diagnostic tools that can cause irreparable damage to
the system if not used properly.  Use this environment
only when directed to do so by support personnel.

fas01% ps -ef
  PID  TT  STAT      TIME COMMAND
83586   1  S      0:00.01 USER=diag LOGNAME=diag HOME=/var/home/diag SHELL=/bin
83591   1  R+     0:00.00 USER=diag LOGNAME=diag HOME=/var/home/diag SHELL=/bin
fas01% sudo ps -ef
  PID  TT  STAT      TIME COMMAND
 3474 rlm  Is+    0:00.00 TERM=vt100 login /dev/console (ontaplogin)
 3472 con  Is+    0:00.01 TERM=vt100 login /dev/cuacons.auth (ontaplogin)
 3473 sp.  Ss+    0:20.00 TERM=vt100 login /dev/cuasp.auth (ontaplogin)
82943   0  Is+    0:00.01 TERM=xterm login
83585   1  Ss     0:00.01 TERM=xterm login [pam] (login)
83592   1  R+     0:00.00 HOME=/var/home/diag MAIL=/var/mail/diag PATH=/sbin:/b
fas01% sudo ps -ef
  PID  TT  STAT      TIME COMMAND
 3474 rlm  Is+    0:00.00 TERM=vt100 login /dev/console (ontaplogin)
 3472 con  Is+    0:00.01 TERM=vt100 login /dev/cuacons.auth (ontaplogin)
 3473 sp.  Ss+    0:20.09 TERM=vt100 login /dev/cuasp.auth (ontaplogin)
82943   0  Is+    0:00.01 TERM=xterm login
83585   1  Is     0:00.01 TERM=xterm login [pam] (login)
83593   1  R+     0:00.00 HOME=/var/home/diag MAIL=/var/mail/diag PATH=/sbin:/b
fas01% exit
logout
fas01*> systemshell

Data ONTAP/amd64 (fas01) (pts/1)

login: diag
Password:

Last login: Wed Jul 19 17:04:03 from localhost


WARNING:  The system shell provides access to low-level
diagnostic tools that can cause irreparable damage to
the system if not used properly.  Use this environment
only when directed to do so by support personnel.

fas01% sudo ps -ef
  PID  TT  STAT      TIME COMMAND
 3474 rlm  Is+    0:00.00 TERM=vt100 login /dev/console (ontaplogin)
 3472 con  Is+    0:00.01 TERM=vt100 login /dev/cuacons.auth (ontaplogin)
 3473 sp.  Ss+    0:20.33 TERM=vt100 login /dev/cuasp.auth (ontaplogin)
82943   0  Is+    0:00.01 TERM=xterm login
83602   1  Ss     0:00.01 TERM=xterm login [pam] (login)
83608   1  R+     0:00.00 HOME=/var/home/diag MAIL=/var/mail/diag PATH=/sbin:/b
fas01% sudo kill -9 82943
fas01%



I logged into the system shell and ran a "ps -ef" and was only able to see current session.

Next I ran a "sudo ps -ef" to see all processes running.

I ran the "sudo ps -ef" a couple times to see if any changes presented itself and what stayed.

The TT column showed "rlm", "con", and "sp."  I felt that it would not be any of these sessions.  So I ignored them.

I was interested in PID 82943 and 83585.  At this point I logged out of the systemshell and logged back in.

Again seeing that PID 82943 was still there, I attempted to kill the process.

Killing the process was unsuccessful as myself (obviously), so I performed the "sudo kill -9 82943".

I then attempted to log in via SSH to the system and was successful for the first time in hours.


I hope this helps someone else.

dbenadib

Hi,

 

If I well understand then you can use the following command :

 

ssh -l username:password Filername logout telnet

this will close the openned session

 

BR 

explorer12

 

Unfortunately logout telnet command doesn't work in case of locked systemshell ssh session

 

Regards

Ex

Announcements
NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner
Public