When your Linux server abruptly terminates connections right after successful SSH authentication, this typically indicates either a shell configuration issue or a forced termination by system scripts. Let's analyze the specific symptoms from the error log:
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: Exit status 254
First, verify if the user's shell is properly configured. Try forcing a different shell during SSH login:
ssh user@server -t /bin/sh
If this works, examine the user's default shell in /etc/passwd:
grep ^username /etc/passwd
username:x:1000:1000::/home/username:/bin/bash
Several system files could force immediate logout:
- /etc/profile
- ~/.bash_profile
- ~/.bash_logout
- /etc/bash.bash_logout
Inspect these files for any exit commands or abnormal configurations. Temporarily rename them to test:
mv ~/.bash_logout ~/.bash_logout.bak
The Pluggable Authentication Modules (PAM) configuration might be causing premature termination. Check these files:
/etc/pam.d/sshd
/etc/pam.d/login
Look for unusual modules or exit conditions. A common culprit is the pam_limits.so module with restrictive settings.
Create a test user with minimal configuration:
useradd testuser -m -s /bin/bash
passwd testuser
Attempt SSH login as this user. If successful, compare environment variables between users:
env | sort > /tmp/testuser_env
Examine the SSH daemon configuration in /etc/ssh/sshd_config for these directives:
UsePAM yes
ForceCommand
AcceptEnv
Subsystem
Temporarily set LogLevel DEBUG3 in sshd_config for more verbose logging.
When all else fails, attach strace to the SSH process:
strace -f -p $(pgrep sshd) -o /tmp/sshd_strace.log
Look for abnormal process termination or permission errors in the output.
If console access is available, reboot into single-user mode:
init 1
Then check for corrupted filesystems or missing libraries:
fsck -y /dev/sda1
ldd /bin/bash
Based on the exit status 254, this typically indicates a shell initialization error. Try these corrective actions:
chsh -s /bin/bash username
rm -f ~/.bashrc ~/.profile
cp /etc/skel/.bashrc ~/
Then verify with:
ssh -v user@server "env; echo Test successful"
When your SSH session terminates immediately after authentication with exit status 254, this typically indicates a forced logout triggered by system configuration. Let's examine the key diagnostic indicators from your debug output:
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: Exit status 254
First check these essential configuration files that control shell behavior:
/etc/passwd
/etc/profile
/etc/bash.bashrc
~/.bashrc
~/.bash_profile
~/.profile
/etc/ssh/sshd_config
To test if shell initialization is causing the disconnect, try forcing a non-interactive shell:
ssh user@server /bin/true
If this works, the issue lies in your interactive shell configuration. Temporarily rename your personal initialization files:
mv ~/.bashrc ~/.bashrc.bak
mv ~/.profile ~/.profile.bak
The Pluggable Authentication Modules system might be enforcing restrictions. Check these key files:
/etc/pam.d/sshd
/etc/pam.d/common-auth
/etc/pam.d/common-session
Look for lines containing:
pam_limits.so
pam_env.so
pam_motd.so
Verify your SSH server configuration for forced command execution:
grep -i "ForceCommand" /etc/ssh/sshd_config
grep -i "AcceptEnv" /etc/ssh/sshd_config
Incorrect environment variables can cause immediate termination. Check with:
ssh user@server env
Compare this output with a working local session.
Ensure the user's shell exists and is executable:
grep ^username /etc/passwd
ls -la $(which bash)
As an emergency access method, you can force a specific shell:
ssh -t user@server /bin/bash --norc
Or for root access if permitted:
ssh -t root@server /bin/bash --noprofile
Once you regain access, thoroughly audit these areas:
- User's home directory permissions (should be 755)
- Shell initialization file syntax
- PAM module dependencies
- SSH authorized_keys command restrictions
Example fix for common permission issues:
chmod 755 ~
chmod 644 ~/.bashrc
chmod 600 ~/.ssh/authorized_keys