Tag Archives: ssh

Citrix, NetScaler

NetScaler SSH or SFTP Management Access Not Working – SSH Daemon Not Running

Sometimes, especially when NetScaler appliance has been upgraded from previous much older version, could happen that ssh daemon won’t start anymore. This leads to the issue, that you can’t connect to NetScaler management console via SSH or SFTP anymore. Troublehooting this, log in to the NetScaler virtual appliance console from hypervisor or if physical appliance using console port and go to NetScaler Shell. Let’s see if sshd is running or not;

Run: root@NSVPX01# ps ax | grep sshd

If daemon is running, you’ll see ( my example):

5889 ?? Is 0:00.01 /usr/sbin/sshd -f /etc/sshd_config
5910 ?? Ss 0:00.10 sshd: nsroot@pts/0 (sshd)
5931 ?? Ss 0:20.92 sshd: nsroot@notty (sshd)

But, if you can’t see it running, let’s start to troubleshoot it…

Let’s try to start sshd:

Run: root@NSVPX01# /usr/sbin/sshd –f /etc/sshd_config

In my case I got an error (yours might be different, but sshd config file still could be faulty):

/etc/ssh/sshd_config line 10: Deprecated option UsePrivilegeSeparation

So, I need to edit ssh daemon configuration file in etc/sshd_config, because of NetScaler and not normal Linux OS, we have to use lovely VI editor 🙂

Run: root@NSVPX01# cd /etc/
Run: root@NSVPX01# vi sshd_config

In my case I commented out line: “UsePrivilegeSeparation no” to “#UsePrivilegeSeparation” because The UsePrivilegeSeparation is no longer supported (recent SSHD always runs
with previlege separation), so I removed this option from the default config and saved configuration file.

Then let’s try to start ssh daemon again:

Run: root@NSVPX01# /usr/sbin/sshd –f /etc/sshd_config

And sshd started succesfully!

This was just quick tour to quide troubleshooting SSH Daemon errors 🙂

Btw, if you are looking for those ultimate nasty VI Editor commands, take a look this link: https://www.guru99.com/the-vi-editor.html

Views: 208

Read More