How can I find out what happened to my Debian box?

I have an old PC lying around which I’ve installed Debian 6.0 on. Last night I was trying to SSH in and it wouldn’t respond so I pressed the reset button. How can I find out what happened to it? It seems fine now.

Here is Solutions:

We have many solutions to this problem, But we recommend you to use the first solution because it is tested & true solution that will 100% work for you.

Solution 1

Assuming your computer is usually stable, check for hardware problems, especially with the RAM (i.e. install memtest86+ and choose memtest at the boot prompt), but also with disks (disk errors sometimes crash the filesystem code; install smartmontools and run smartctl -a /dev/sda). If the problem was gradual, you may find something in the kernel logs (/var/log/kern.log), but often the crash happens too brutally for anything to be written to the logs.

Solution 2

Reading the .1 logs is always a good place to start.

Use iptraf to see if your machine makes any suspisious connections (if someone got/has unauthorized access).

Run a rkhunter scan:
aptitude install rkhunter
rkhunter --update
rkhunter --check

And should it ever happen again, attach a monitor and see what the console says 🙂

Solution 3

By this –

How can I find out what happened to it?

I presume you want to know what happened during your failed attempt at SSH!

One place to look into will be /var/log. Something like grep -ir ssh /var/log/* should give you the SSH related log entries.

Note: Use and implement solution 1 because this method fully tested our system.
Thank you 🙂

All methods was sourced from or, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

Leave a Reply