You are not logged in.
Done a bit of googling with this, haven't found a solution. I've been trying to connect to a server for a bit now to get to a few backups, and none of the normal tools are working. I've added sshd to hosts.allow, sshd is running, and scp/ssh programs (putty and winscp) are working fine under Windows. Yet I can't connect in Arch. Relevant info:
ssh -v output
OpenSSH_5.7p1, OpenSSL 1.0.0c 2 Dec 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to foo.host.com [85.17.5.145] port 22.
debug1: Connection established.
debug1: identity file /home/foo/.ssh/id_rsa type -1
debug1: identity file /home/foo/.ssh/id_rsa-cert type -1
debug1: identity file /home/foo/.ssh/id_dsa type -1
debug1: identity file /home/foo/.ssh/id_dsa-cert type -1
debug1: identity file /home/foo/.ssh/id_ecdsa type -1
debug1: identity file /home/foo/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1p1 Debian-5
debug1: match: OpenSSH_5.1p1 Debian-5 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.7
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
Read from socket failed: Connection reset by peer
Offline
Check the logs on the server.
Offline
Check the logs on the server.
I can only access it by ssh...
Offline
Please help, I need to access a backup sometime soon. I'm not sure what other logs I need to provide, and I can't get anything from the server.
Offline
Hello, I've been attempting to fix this without luck for the last week. With the help of #openssh, I've determined that I cannot connect to any hosts with ssh. However, telnet connects and I have no firewall running. I would be most appreciative of any suggestions.
Offline
There's not much to SSH. The only thing that i can think of is your /etc/ssh/ssh_config, did you doublecheck that?
hosts.allow/deny is not needed or of influence here, that would only apply to other machines connecting to your machine.
Have you tried with/without keyfile, as user/root etc?
ᶘ ᵒᴥᵒᶅ
Offline
I've tried moving /etc/ssh/ssh_config to ssh_config.old to generate a new config, no change. Before this, I never touched ssh_config and everything worked. I've tried as root, my user, and a newly made user with no files in its home dir. The only thing I haven't tried is keyfiles, but I need to be able to access the server to set those up.
Last edited by soupcan (2011-02-11 21:02:22)
Offline
I've tried moving /etc/ssh/ssh_config to ssh_config.old to generate a new config, no change. Before this, I never touched ssh_config and everything worked. I've tried as root, my user, and a newly made user with no files in its home dir. The only thing I haven't tried is keyfiles, but I need to be able to access the server to set those up.
You said that you couldn't connect to any host, so maybe you could try connecting to a different host wihout keyfile?
Edit: my bad, you weren't using a keyfile in the first place.
Last edited by litemotiv (2011-02-11 21:08:28)
ᶘ ᵒᴥᵒᶅ
Offline
soupcan wrote:I've tried moving /etc/ssh/ssh_config to ssh_config.old to generate a new config, no change. Before this, I never touched ssh_config and everything worked. I've tried as root, my user, and a newly made user with no files in its home dir. The only thing I haven't tried is keyfiles, but I need to be able to access the server to set those up.
You said that you couldn't connect to any host, so maybe you could try connecting to a different host wihout keyfile?
Edit: my bad, you weren't using a keyfile in the first place.
I never even get the option to enter a password anyway, so I feel like keyfiles wouldn't have fixed anything. Not really a loss.
Last edited by soupcan (2011-02-11 21:32:29)
Offline
Try disabling tcp checksum offloading with ethtool.
/usr/bin/drinking
Offline
Hi guys,
I'm really thinking it is an Arch Linux bug.
I have a router (WiFi AP) and three devices connected: one computer with bleeding edge arch (1), one with almost one year old arch (2) and a android cellphone (3). So, everything is using the same external IP.
When I try to connect to a server using SSH, (1) has the same problem described by soupcan, (2) and (3) connects perfectly. (1) does not have network problem, since I can connect to the server by VNC, for example. I also tried SSH at the same port of VNC to exclude firewall problems, but the problem remains.
Offline
In case you feel like helping solve this issue: http://bugs.archlinux.org/task/22897
Offline
Issue reproduced here, but against Ronis_BR's server only - my own is working fine, with 5.8 client connecting to 5.6 server.
Have either of you run your server in debug mode while these connections are attempted? A comparison of the outputs for 5.6->5.6 and 5.8->5.6 might be useful.
Offline
Hi,
I have a problem connecting to HP iLO with current version: openssh 5.8p1.
I have compiled 5.6p1 5.7p1 and 5.8p1 with no any options passed to ./configure but prefix. Here is the result:
[13:04][xxxxxx@zzzzzz opt]$ ./openssh-5.8p1/bin/ssh -v yyyyyy
OpenSSH_5.8p1, OpenSSL 1.0.0d 8 Feb 2011
debug1: Reading configuration data /opt/openssh-5.8p1/etc/ssh_config
debug1: Connecting to yyyyyy [1.2.3.4] port 22.
debug1: Connection established.
debug1: identity file /home/xxxxxx/.ssh/id_rsa type -1
debug1: identity file /home/xxxxxx/.ssh/id_rsa-cert type -1
debug1: identity file /home/xxxxxx/.ssh/id_dsa type 2
debug1: identity file /home/xxxxxx/.ssh/id_dsa-cert type -1
debug1: identity file /home/xxxxxx/.ssh/id_ecdsa type -1
debug1: identity file /home/xxxxxx/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version mpSSH_0.1.0
debug1: no match: mpSSH_0.1.0
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.8
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
Received disconnect from 1.2.3.4: 2: Client Disconnect
[13:05][xxxxxx@zzzzzz opt]$
[13:05][xxxxxx@zzzzzz opt]$
[13:05][xxxxxx@zzzzzz opt]$
[13:05][xxxxxx@zzzzzz opt]$
[13:05][xxxxxx@zzzzzz opt]$ ./openssh-5.7p1/bin/ssh -v yyyyyy
OpenSSH_5.7p1, OpenSSL 1.0.0d 8 Feb 2011
debug1: Reading configuration data /opt/openssh-5.7p1/etc/ssh_config
debug1: Connecting to yyyyyy [1.2.3.4] port 22.
debug1: Connection established.
debug1: identity file /home/xxxxxx/.ssh/id_rsa type -1
debug1: identity file /home/xxxxxx/.ssh/id_rsa-cert type -1
debug1: identity file /home/xxxxxx/.ssh/id_dsa type 2
debug1: identity file /home/xxxxxx/.ssh/id_dsa-cert type -1
debug1: identity file /home/xxxxxx/.ssh/id_ecdsa type -1
debug1: identity file /home/xxxxxx/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version mpSSH_0.1.0
debug1: no match: mpSSH_0.1.0
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.7
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
Received disconnect from 1.2.3.4: 2: Client Disconnect
[13:05][xxxxxx@zzzzzz opt]$
[13:05][xxxxxx@zzzzzz opt]$
[13:05][xxxxxx@zzzzzz opt]$ ./openssh-5.6p1/bin/ssh -v yyyyyy
OpenSSH_5.6p1, OpenSSL 1.0.0d 8 Feb 2011
debug1: Reading configuration data /opt/openssh-5.6p1/etc/ssh_config
debug1: Connecting to yyyyyy [1.2.3.4] port 22.
debug1: Connection established.
debug1: identity file /home/xxxxxx/.ssh/id_rsa type -1
debug1: identity file /home/xxxxxx/.ssh/id_rsa-cert type -1
debug1: identity file /home/xxxxxx/.ssh/id_dsa type 2
debug1: identity file /home/xxxxxx/.ssh/id_dsa-cert type -1
debug1: Remote protocol version 2.0, remote software version mpSSH_0.1.0
debug1: no match: mpSSH_0.1.0
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.6
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug1: Host 'yyyyyy' is known and matches the RSA host key.
debug1: Found key in /home/xxxxxx/.ssh/known_hosts:68
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: password,publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/xxxxxx/.ssh/id_rsa
debug1: Offering DSA public key: /home/xxxxxx/.ssh/id_dsa
debug1: Authentications that can continue: password,publickey
debug1: Next authentication method: password
xxxxxx@yyyyyy's password:
As you can view - I have success only with openssh 5.6p1
Is there any configuration option that I can try to solve the issue?
Offline
I'm no longer having this issue, it seems to have been resolved by a recent update. I'm going to try and determine which one it was.
Offline
I still have the problem, so if you know what solved it post it, please.
Offline
I was also affected by this issue. This fixed it: https://bugs.archlinux.org/task/22897#comment72694
My logs:
client: http://pastebin.com/T1tYGbDL
server: http://pastebin.com/nUXDJfSj
Offline
A better way of fixing this seems to be https://bugs.archlinux.org/task/22897#comment73361
Offline
Allthough the I started to had the problem when the update of openssh, it seems my problem was other. I had to enable clamp mss to the mtu in shorewall. I had several tcpdumps running, and in my case I had a lot of incorrect checkums. This was likely the source of my problem. The curious thing is that I never had to enable this before.
Offline
Someone affected by this issue, have you tried a complete reinstall of openssh? I mean remove the pkg, /etc/ssh, ~/.ssh; and then install openssh again, regenerating the keys. I am asking, because I am still failing to reproduce this problem (x86_64 arch laptop w/ ssh 5.8 -> x86 arch desktop w/ ssh 5.8; RHEL 4 -> same arch desktop). My /etc/ssh_config's are default and ~/.ssh/config is:
Compression yes
LogLevel DEBUG1
Arch Linux is more than just GNU/Linux -- it's an adventure
pkill -9 systemd
Offline