Using Debug Mode to Troubleshoot Reflection for Secure IT Windows Server

  • 7022016
  • 01-Feb-2008
  • 02-Mar-2018

Environment

Reflection for Secure IT Windows Server version 8.0 or higher

Situation

This technical note describes how to run the Reflection for Secure IT Windows Server in debug mode to gather details for troubleshooting problems.

Resolution

Running in Debug Mode—Best Practices

The following tips will help you create a debug log with information you can use to troubleshoot issues.

  • You must have administrative privileges to turn on debug mode on the server side.
  • To get the best results, run both the server and client in debug mode simultaneously. This way you can compare the debug output for both of them and better pinpoint your problem. This is especially helpful when troubleshooting authentication issues.

Attachmate technical support may require a debug log in order to troubleshoot your problem.

Starting Debug Mode

Use the method appropriate for the application you are running:

Reflection SSH Windows Server Version 7.x or Higher

For both SSH and SFTP, debug information can be collected in a text file, the Windows Event Viewer, or both. The data captured in each location is configured independently, allowing different logging levels to be used simultaneously.

Enable Logging to a Text File

Logging to a text file is disabled by default. To make changes:

  1. Windows Server 2012: Go to Apps > Attachmate Reflection > Reflection SSH Server Configuration.

Windows Server 2008: Click Start > All Programs > Attachmate Reflection > Reflection SSH Server Configuration.

Windows Server 2003: Click Start > Programs > Attachmate Reflection > Reflection SSH Server Configuration.

  1. Click the Configuration tab in the Reflection for Secure IT Server window.
  2. In the left pane, click Debug Logging.
  3. Check option “Enable debug logging to log file”.
  4. Select the preferred options. Each category provides increasing detail. The default configuration of Errors, Warnings, and Information will record file transfer events or login events. For troubleshooting, Protocol details log level is recommended. For full control of which events are recorded, click the Custom button.
  5. Use the Log file information options to configure log file rollover by file size or by time.
  6. Click File > Save Settings to retain the new settings for new connections. Existing connections will not be affected.

Logging to the Windows Event Viewer

Logging to the Windows Event Viewer is enabled by default to log events, errors and warnings. To make changes:

  1. Windows Server 2012: Go to Apps > Attachmate Reflection > Reflection SSH Server Configuration.

Windows Server 2008: Click Start > All Programs > Attachmate Reflection > Reflection SSH Server Configuration.

Windows Server 2003: Click Start > Programs > Attachmate Reflection > Reflection SSH Server Configuration.

  1. Click the Configuration tab in the Reflection for Secure IT Server window.
  2. In the left pane, click Event Logging.
  3. Select the preferred options. Each category provides increasing detail. For example, selecting Errors and Warnings will not record file transfer events or login events to the Windows Event Viewer. For troubleshooting, Protocol details level is recommended. For full control of which events are recorded, click the Custom button.
  4. Click File > Save Settings to retain the new settings for new connections. Existing connections will not be affected.

Running Debug from the Command Line

To run debug from the command line, follow these steps:

  1. At the server console, or as a remote administrator, log in to the server.
  2. Change to the "<Drive>:\Program Files\Attachmate\RSecureServer" directory.
  3. Stop the server:
rsshd -stop
  1. Start the debug receiver and the ssh service:
rsshd –start –d4

-d4 (level 4) is equivalent to enable Protocol details log level in Debug Logging pane.

Debug data will be saved to the following folder, depending on your server:

Windows Server 2012: <Drive>:\ProgramData\Attachmate\RSecureServer\Logs
Windows Server 2008: <Drive>:\ProgramData\Attachmate\RSecureServer\Logs
Windows Server 2003: <Drive>:\Documents and Settings\All Users\Application Data\Attachmate\RSecureServer\Logs
  1. Connect to the server using an ssh client to capture debug output to the terminal window or debug log file.
  2. Stop the server:
rsshd -stop
  1. Restart the server:
rsshd –start

More information regarding debug logging can be found in online help under Troubleshooting.

Reflection SSH Windows Server Version 6.1

The Application Event Viewer utility logs events on the Reflection SSH Windows Server. Follow the steps below to use and configure the Application Event Viewer.

If the event viewer does not provide the information you need to troubleshoot a problem, try Running Debug from the Command Line, described below.

Using the Application Event Viewer

To use the event viewer, follow these steps:

  1. Click Start > Programs > WRQ Reflection > SSH Server Configuration.
  2. In the right pane of the Server settings screen, click the View Event Log button.
  3. In the left pane under Event Viewer, click Application. In the right pane, click the Source column heading to sort by source.
  4. Scroll to the WRQ Reflection for Secure IT Server or WRQ Reflection for Secure IT SFTP Server entries. There will be Information, Warning, and Error messages.
  5. Double-click an entry to open the Event Properties dialog box and view specific information about the event.

Configuring the Application Event Viewer

You can configure which events are logged in the Reflection SSH Windows Server Configuration dialog box.

  1. Click Start > Programs > WRQ Reflection > SSH Server Configuration.
  2. In the left pane under Server Settings, click General.
  3. In the right pane in the Event log filter section, select the check boxes for the events you want logged: Errors, Warnings, and Information. By default, just errors and warnings are selected.
Selecting only Errors logs Errors, Warnings, and Information events.
Selecting only Warnings logs Warnings, and Information events.
Selecting only Information logs Information events.
  1. Click OK.

Running Debug from the Command Line

To run debug from the command line, follow these steps:

  1. At the server console, or as a remote administrator, log in to the server.
  2. Change to the "<Drive>:\Program Files\F-Secure\ssh server" directory.
  3. Stop the server:
fsshd2 -stop
  1. Start the debug receiver and the ssh service:
fsshd2 -d6

You can run debug at several levels. Level 1 (example: fsshd2 –d1) gives you very simple debug output, while level 9 provides very detailed debug output. Typically, level 6 is sufficient for troubleshooting most issues.

Note: The –p <port> option can be used to start the server in debug mode on a non-default port.

Output will be logged to the terminal window. To write the debug information to a file, issue the following command:

fsshd2 –d6 >debug-log.txt 2>&1

Output debug-log.txt is saved to the "<Drive>:\Program Files\F-Secure\ssh server" folder if no specific path is given.

  1. Connect to the server using an ssh client to capture debug output to the terminal window or debug log file.
  2. Use the keystroke Ctrl+c to exit debug.
  3. Restart the server:
fsshd2 -start

SFTP Server Version 6.1

You can view SFTP server events in the Application Event Viewer. Follow these steps to configure which sftp events are logged in the Reflection SSH Server Configuration dialog box.

  1. Click Start > Programs > WRQ Reflection > SSH Server Configuration.
  2. In the left pane under Server Settings, click SFTP Server.
  3. In the right pane in the Event log categories section, select the check boxes for the events you want logged: User login/logout, Uploads, Downloads, Directory listings, or Modifications. Both scp and sftp file transfers are logged.
  4. Click OK.

Additional Information

Legacy KB ID

This document was originally published as Attachmate Technical Note 2291.