SSH connection getting closed automatically after a sudo command
I have two servers running the same version of RedHat 6.4, however one of them behaves differently when I run remote sudo
commands through SSH on it. On server1, the connection is automatically closed after a successful sudo
command, but on server3, the connection is kept open.
Note that for these tests the sudo
user had the NOPASSWD flag so no prompt is asked. As far as I know, all configurations on these servers are the same (they were cloned).
I tested using this:
ssh -vvv user@server1 << EOF
sudo ls -l /home/
ls -l /home/
pwd
EOF
If I run this on server1 I get a single file listing.
debug3: Wrote 32 bytes for a total of 1621
total 40
drwxr-xr-x. 5 user user 4096 Apr 26 2013 user
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
Running without the sudo
command on the same server I get my two file listing and the pwd
result
ssh -vvv user@server1 << EOF
ls -l /home/
ls -l /home/
pwd
EOF
Result:
debug3: Wrote 32 bytes for a total of 1605
total 40
drwxr-xr-x. 5 user user 4096 Apr 26 2013 user
total 40
drwxr-xr-x. 5 user user 4096 Apr 26 2013 user
/home/user
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
However, running the script with the sudo
command on server3 I get the result of all 3 commands like the previous test. I compared the output of the ssh -vvv
logs from both servers (1 and 3) and everything seems the same except for a debug line in a different order when the connection is closed (see client_input...
line).
server1 (same with or without sudo
)
[command results]
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug2: channel 0: rcvd close
server3
[command results]
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug2: channel 0: rcvd close
I would like to know how to fix server1 so that the connection isn't automatically closed so that my script can execute completely when including sudo
commands.
ssh rhel sudo
add a comment |
I have two servers running the same version of RedHat 6.4, however one of them behaves differently when I run remote sudo
commands through SSH on it. On server1, the connection is automatically closed after a successful sudo
command, but on server3, the connection is kept open.
Note that for these tests the sudo
user had the NOPASSWD flag so no prompt is asked. As far as I know, all configurations on these servers are the same (they were cloned).
I tested using this:
ssh -vvv user@server1 << EOF
sudo ls -l /home/
ls -l /home/
pwd
EOF
If I run this on server1 I get a single file listing.
debug3: Wrote 32 bytes for a total of 1621
total 40
drwxr-xr-x. 5 user user 4096 Apr 26 2013 user
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
Running without the sudo
command on the same server I get my two file listing and the pwd
result
ssh -vvv user@server1 << EOF
ls -l /home/
ls -l /home/
pwd
EOF
Result:
debug3: Wrote 32 bytes for a total of 1605
total 40
drwxr-xr-x. 5 user user 4096 Apr 26 2013 user
total 40
drwxr-xr-x. 5 user user 4096 Apr 26 2013 user
/home/user
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
However, running the script with the sudo
command on server3 I get the result of all 3 commands like the previous test. I compared the output of the ssh -vvv
logs from both servers (1 and 3) and everything seems the same except for a debug line in a different order when the connection is closed (see client_input...
line).
server1 (same with or without sudo
)
[command results]
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug2: channel 0: rcvd close
server3
[command results]
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug2: channel 0: rcvd close
I would like to know how to fix server1 so that the connection isn't automatically closed so that my script can execute completely when including sudo
commands.
ssh rhel sudo
I wonder if errexit is being set?
– Jeff Schaller
Dec 18 at 15:41
1
also, compare the/etc/sudoers
files (including/etc/sudoers.d/*
), keeping an eye out for anyrequiretty
or!requiretty
differences. Perhaps server3 has been configured to allow sudo without requiring atty
, and server1 has not. One way to test would be to modify the server 1 command fromssh -vvv user@server1 ...
tossh -t -vvv user@server1...
. The-t
option will force the allocation of a tty. If sudo works doing that, then it's a tty requirement stuffing you up.
– Tim Kennedy
Dec 18 at 15:44
errexit is off (command is successful anyway).requiretty
is commented out in the sudoers file andsudoers.d
directory is empty.
– Bibz
Dec 18 at 15:53
I tried adding thessh -t ...
and I have the same issue.
– Bibz
Dec 20 at 14:13
add a comment |
I have two servers running the same version of RedHat 6.4, however one of them behaves differently when I run remote sudo
commands through SSH on it. On server1, the connection is automatically closed after a successful sudo
command, but on server3, the connection is kept open.
Note that for these tests the sudo
user had the NOPASSWD flag so no prompt is asked. As far as I know, all configurations on these servers are the same (they were cloned).
I tested using this:
ssh -vvv user@server1 << EOF
sudo ls -l /home/
ls -l /home/
pwd
EOF
If I run this on server1 I get a single file listing.
debug3: Wrote 32 bytes for a total of 1621
total 40
drwxr-xr-x. 5 user user 4096 Apr 26 2013 user
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
Running without the sudo
command on the same server I get my two file listing and the pwd
result
ssh -vvv user@server1 << EOF
ls -l /home/
ls -l /home/
pwd
EOF
Result:
debug3: Wrote 32 bytes for a total of 1605
total 40
drwxr-xr-x. 5 user user 4096 Apr 26 2013 user
total 40
drwxr-xr-x. 5 user user 4096 Apr 26 2013 user
/home/user
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
However, running the script with the sudo
command on server3 I get the result of all 3 commands like the previous test. I compared the output of the ssh -vvv
logs from both servers (1 and 3) and everything seems the same except for a debug line in a different order when the connection is closed (see client_input...
line).
server1 (same with or without sudo
)
[command results]
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug2: channel 0: rcvd close
server3
[command results]
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug2: channel 0: rcvd close
I would like to know how to fix server1 so that the connection isn't automatically closed so that my script can execute completely when including sudo
commands.
ssh rhel sudo
I have two servers running the same version of RedHat 6.4, however one of them behaves differently when I run remote sudo
commands through SSH on it. On server1, the connection is automatically closed after a successful sudo
command, but on server3, the connection is kept open.
Note that for these tests the sudo
user had the NOPASSWD flag so no prompt is asked. As far as I know, all configurations on these servers are the same (they were cloned).
I tested using this:
ssh -vvv user@server1 << EOF
sudo ls -l /home/
ls -l /home/
pwd
EOF
If I run this on server1 I get a single file listing.
debug3: Wrote 32 bytes for a total of 1621
total 40
drwxr-xr-x. 5 user user 4096 Apr 26 2013 user
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
Running without the sudo
command on the same server I get my two file listing and the pwd
result
ssh -vvv user@server1 << EOF
ls -l /home/
ls -l /home/
pwd
EOF
Result:
debug3: Wrote 32 bytes for a total of 1605
total 40
drwxr-xr-x. 5 user user 4096 Apr 26 2013 user
total 40
drwxr-xr-x. 5 user user 4096 Apr 26 2013 user
/home/user
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
However, running the script with the sudo
command on server3 I get the result of all 3 commands like the previous test. I compared the output of the ssh -vvv
logs from both servers (1 and 3) and everything seems the same except for a debug line in a different order when the connection is closed (see client_input...
line).
server1 (same with or without sudo
)
[command results]
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug2: channel 0: rcvd close
server3
[command results]
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug2: channel 0: rcvd close
I would like to know how to fix server1 so that the connection isn't automatically closed so that my script can execute completely when including sudo
commands.
ssh rhel sudo
ssh rhel sudo
edited Dec 18 at 15:45
Rui F Ribeiro
39k1479129
39k1479129
asked Dec 18 at 15:35
Bibz
1209
1209
I wonder if errexit is being set?
– Jeff Schaller
Dec 18 at 15:41
1
also, compare the/etc/sudoers
files (including/etc/sudoers.d/*
), keeping an eye out for anyrequiretty
or!requiretty
differences. Perhaps server3 has been configured to allow sudo without requiring atty
, and server1 has not. One way to test would be to modify the server 1 command fromssh -vvv user@server1 ...
tossh -t -vvv user@server1...
. The-t
option will force the allocation of a tty. If sudo works doing that, then it's a tty requirement stuffing you up.
– Tim Kennedy
Dec 18 at 15:44
errexit is off (command is successful anyway).requiretty
is commented out in the sudoers file andsudoers.d
directory is empty.
– Bibz
Dec 18 at 15:53
I tried adding thessh -t ...
and I have the same issue.
– Bibz
Dec 20 at 14:13
add a comment |
I wonder if errexit is being set?
– Jeff Schaller
Dec 18 at 15:41
1
also, compare the/etc/sudoers
files (including/etc/sudoers.d/*
), keeping an eye out for anyrequiretty
or!requiretty
differences. Perhaps server3 has been configured to allow sudo without requiring atty
, and server1 has not. One way to test would be to modify the server 1 command fromssh -vvv user@server1 ...
tossh -t -vvv user@server1...
. The-t
option will force the allocation of a tty. If sudo works doing that, then it's a tty requirement stuffing you up.
– Tim Kennedy
Dec 18 at 15:44
errexit is off (command is successful anyway).requiretty
is commented out in the sudoers file andsudoers.d
directory is empty.
– Bibz
Dec 18 at 15:53
I tried adding thessh -t ...
and I have the same issue.
– Bibz
Dec 20 at 14:13
I wonder if errexit is being set?
– Jeff Schaller
Dec 18 at 15:41
I wonder if errexit is being set?
– Jeff Schaller
Dec 18 at 15:41
1
1
also, compare the
/etc/sudoers
files (including /etc/sudoers.d/*
), keeping an eye out for any requiretty
or !requiretty
differences. Perhaps server3 has been configured to allow sudo without requiring a tty
, and server1 has not. One way to test would be to modify the server 1 command from ssh -vvv user@server1 ...
to ssh -t -vvv user@server1...
. The -t
option will force the allocation of a tty. If sudo works doing that, then it's a tty requirement stuffing you up.– Tim Kennedy
Dec 18 at 15:44
also, compare the
/etc/sudoers
files (including /etc/sudoers.d/*
), keeping an eye out for any requiretty
or !requiretty
differences. Perhaps server3 has been configured to allow sudo without requiring a tty
, and server1 has not. One way to test would be to modify the server 1 command from ssh -vvv user@server1 ...
to ssh -t -vvv user@server1...
. The -t
option will force the allocation of a tty. If sudo works doing that, then it's a tty requirement stuffing you up.– Tim Kennedy
Dec 18 at 15:44
errexit is off (command is successful anyway).
requiretty
is commented out in the sudoers file and sudoers.d
directory is empty.– Bibz
Dec 18 at 15:53
errexit is off (command is successful anyway).
requiretty
is commented out in the sudoers file and sudoers.d
directory is empty.– Bibz
Dec 18 at 15:53
I tried adding the
ssh -t ...
and I have the same issue.– Bibz
Dec 20 at 14:13
I tried adding the
ssh -t ...
and I have the same issue.– Bibz
Dec 20 at 14:13
add a comment |
active
oldest
votes
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f489711%2fssh-connection-getting-closed-automatically-after-a-sudo-command%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f489711%2fssh-connection-getting-closed-automatically-after-a-sudo-command%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
I wonder if errexit is being set?
– Jeff Schaller
Dec 18 at 15:41
1
also, compare the
/etc/sudoers
files (including/etc/sudoers.d/*
), keeping an eye out for anyrequiretty
or!requiretty
differences. Perhaps server3 has been configured to allow sudo without requiring atty
, and server1 has not. One way to test would be to modify the server 1 command fromssh -vvv user@server1 ...
tossh -t -vvv user@server1...
. The-t
option will force the allocation of a tty. If sudo works doing that, then it's a tty requirement stuffing you up.– Tim Kennedy
Dec 18 at 15:44
errexit is off (command is successful anyway).
requiretty
is commented out in the sudoers file andsudoers.d
directory is empty.– Bibz
Dec 18 at 15:53
I tried adding the
ssh -t ...
and I have the same issue.– Bibz
Dec 20 at 14:13