All Products
Search
Document Center

The error while loading shared libraries error occurs when you start the SSH service.

Last Updated: Sep 21, 2020

Disclaimer: This article may contain information about third-party products. Such information is for reference only. Alibaba Cloud does not make any guarantee, express or implied, with respect to the performance and reliability of third-party products, as well as potential impacts of operations on the products.

 

Problem description

This article describes the error messages similar to the following in command line or secure log files when the SSH service is started on a Linux ECS instance.

  • Error while loading shared libraries: libcrypto. so.10: cannot open shared object file: No such file or directory.
  • PAM unable to dlopen (/usr/lib64/security/pam_tally.so):/usr/lib64/security/pam_tally.so: cannot open shared object file: No such file or directory.

 

Causes

The operation of SSH service depends on the relevant system library files. This problem is usually caused by exceptions in related library files, such as file loss or permission configuration exceptions.

 

Solution

This article uses the libcrypto. so.10 library file exception as an example to describe how to handle other library files in a similar way.

 

View information about related library files

  1. Log on to a normal server and run the following command to view the libcrypto. so.10 file.
    Ll/usr/lib64/libcrypto. so.10
    A similar output is displayed, indicating that the libcrypto. so.10 library file is a soft link of the libcrypto. so.1.0.1e library file.
    lrwxrwxrwx. 1 root root 19 Jan 8 12:40 /usr/lib64/libcrypto.so.10 -> libcrypto.so.1.0.1e
  2. Run the following command to view the libcrypto. so.1.0.1e file.
    ll /usr/lib64/libcrypto.so.1.0.1e
    A similar output is displayed.
    -rwxr-xr-x. 1 root root 1965856 Jan 8 03:22 /usr/lib64/libcrypto.so.1.0.1e
  3. Record the path, permissions, group, and other information of normal library files, and then try to handle it by referring to the following method.

 

Search for and replace files

You can perform the following steps to check whether there are other valid library files in the system.

  1. Log on to an ECS instance. For more information about how to log on to an ECS instance, seeConnect to a Linux instance by using a management Terminal.
  2. Run the following command to find the libcrypto. so.1.0.1e file.
    Find/-name libcrypto. so.1.0.1e
  3. Run the following command to copy the files found to a normal Directory.
    cp [$File] /usr/lib64/libcrypto.so.1.0.1e
    Note: [$ File] is the absolute path of the libcrypto. so.1.0.1e library File found in the previous step.
  4. Run the following commands in sequence to modify file permissions, owner, and group.
    chmod 755 /usr/lib64/libcrypto.so.1.0.1e
    chown root:root /usr/lib64/libcrypto.so.1.0.1e
  5. Run the following command to create a soft link:
    ln -s /usr/lib64/libcrypto.so.1.0.1e /usr/lib64/libcrypto.so.10
  6. Run the following command to start FTP:
    service sshd start

 

External file Upload

If you have not found a valid libcrypto. so.1.0.1e library file by following the preceding steps. However, the FTP service in the system runs normally, you can upload the normal libcrypto. so.1.0.1e file to the server by following these steps and try to restore the service.

  1. Use FTP to upload the libcrypto. so.1.0.1e library files from other normal servers to/TmpDirectory.
    Tips: Upload to the Directory of the target server based on the actual environment./TmpDirectory as an example.
  2. Run the following command to copy the file to a normal Directory.
    cp /tmp/libcrypto.so.1.0.1e /usr/lib64/libcrypto.so.1.0.1e
  3. Run the following commands in sequence to modify file permissions, owner, and group.
    chmod 755 /usr/lib64/libcrypto.so.1.0.1e
    chown root:root /usr/lib64/libcrypto.so.1.0.1e
  4. Run the following command to create a soft link:
    ln -s /usr/lib64/libcrypto.so.1.0.1e /usr/lib64/libcrypto.so.10
  5. Run the following command to start FTP:
    service sshd start

 

Restore a disk by rolling back the disk

If none of the preceding methods are successful, you must roll back the historical snapshots of the system disk. For more information about how to roll back a disk, seeRoll back a disk.

Note:

  • Snapshot rollback will cause data loss after Rollback. Please confirm before performing this operation.
  • We recommend that you roll back the snapshots one by one from near to far until the SSH service runs properly. If the SSH service cannot run normally after the rollback, it indicates that the system has encountered an exception at the corresponding time point.

 

References

If you have any questions, seeGuidelines for troubleshooting failed remote logon through SSH in Elastic Compute Service LinuxFurther troubleshooting and analysis.

 

Application scope

  • ECS