I've reinstalled the QNX RTOS 6.5.0 on virtualbox of which I was able to ssh into using the following command: ssh root#127.0.0.1 -p 3022. The network settings inside my VirtualBox environment is set to NAT, and port forwarding set to:
When attempting to connect with -vvv flags:
$ ssh -vvv root#127.0.0.1 -p 3022
OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n 7 Dec 2017
debug1: Reading configuration data /home/main/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolving "127.0.0.1" port 3022
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to 127.0.0.1 [127.0.0.1] port 3022.
debug1: Connection established.
debug1: identity file /home/main/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /home/main/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/main/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/main/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/main/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/main/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/main/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/main/.ssh/id_ed25519-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
ssh_exchange_identification: Connection closed by remote host
On QNX I have the following options modified in /etc/ssh/sshd_config:
PermitRootLogin yes
PermitEmptyPasswords yes
Subsystem sftpd /usr/libexec/sftp-server
I am also able to ssh into my laptop via the vm, however not the other way around. I also tried ssh'ing into my laptop which works, then ssh'ing back into the vm in the same vm session and am presented with the same error.
Solved. The solution was to generate new rsa and dsa keys with:
random -t
ssh-keygen -t rsa -f /etc/ssh/ssh_host_key -b 1024
ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
and then add sshd to the /etc/group list: sshd:x:6:root
then re-run sshd: /usr/sbin/sshd
source: How do you install an ssh server on qnx?
To extend on the above sourced solution, I found that on reboot I was no longer able to ssh into the VM. This was solved by going into /etc/rc.d/ and adding the line /usr/sbin/sshd to the rc.local file.
Related
I'm trying to connect to an AWS server with SSH. But for some reason I can't. When I run below:
ssh -i <keypair.pem> ec2-user#<ip> -vvv
I get:
OpenSSH_7.6p1 Ubuntu-4, OpenSSL 1.0.2n 7 Dec 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolving "<ip>" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to <ip> [<ip>] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file <keypair.pem> type -1
debug1: key_load_public: No such file or directory
debug1: identity file <keypair.pem>-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4
I'm guessing this is a router ip ban configuration problem? What can I do?
Check the permissions and contents of your remote .ssh directory. Do have your public key in the authorized_keys file? See the following links
https://en.wikibooks.org/wiki/OpenSSH/Logging_and_Troubleshooting
http://www.oracle.com/technetwork/systems/unix/ssh-auth-keys-jsp-135687.html
https://www.digitalocean.com/community/tutorials/how-to-configure-ssh-key-based-authentication-on-a-linux-server
Until recently I was able to SSH into my Vagrant machine without any problems. Now however:
$ ssh -vvv vagrant#127.0.0.1 -p 2222
OpenSSH_7.2p2 Ubuntu-4ubuntu2.1, OpenSSL 1.0.2g 1 Mar 2016
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolving "127.0.0.1" port 2222
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to 127.0.0.1 [127.0.0.1] port 2222.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /home/user1/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user1/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user1/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user1/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user1/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user1/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user1/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user1/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.1
ssh_exchange_identification: read: Connection reset by peer
I checked /etc/hosts.allow and /etc/hosts.deny in the guest. Nothing there. I'm almost sure this has something to do with someone rewriting the contents of /etc/resolv.conf. The contents are now:
nameserver 8.8.8.8
nameserver 8.8.4.4
The network seems to be fine on the host where I can ping google.com, but not on the guest, where I can't. But SSH to the Vagrant machine is no longer working. Any ideas?
The answer is not at all what I expected. In VirtualBox Settings > Network > Adapter 1 the Cable Connected option was disabled. After enabling it everything went back to normal.
Asking for help. I install a virtualbox in my macbook, but can not connect to my ubuntu in virtualbox by ssh.
System is MacOS Sierra,ubuntu in virtualbox is ubuntu16.04. I use port-forwarding to make port 2233 in mac mapping port 22 in ubuntu.
The log is below.
zhouyajingdeMacBook-Pro:~ yarkeezhou$ ssh -v -p 2233 -i ~/.ssh/id_rsa yarkee#127.0.0.1
OpenSSH_7.3p1, LibreSSL 2.4.1
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 20: Applying options for *
debug1: Connecting to 127.0.0.1 [127.0.0.1] port 2233.
debug1: Connection established.
debug1: identity file /Users/yarkeezhou/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/yarkeezhou/.ssh/id_rsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2p2 Ubuntu-4ubuntu2.1
debug1: match: OpenSSH_7.2p2 Ubuntu-4ubuntu2.1 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 127.0.0.1:2233 as 'yarkee'
debug1: SSH2_MSG_KEXINIT sent
Connection closed by 127.0.0.1 port 2233
I figure out it. Ubuntu missed the ssh key. fix then by
ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
I am trying to login to my server through a bastion host and my configuration file is like this:
Host 10.10.10.1
User ec2-user
ProxyCommand ssh -W %h:%p xxx.xxx.xxx.xxx
IdentityFile key.pem
Host xxx.xxx.xxx.xxx
User ec2-user
IdentityFile key.pem
ForwardAgent yes
It works fine if I save this configuration in to ~/.ssh with name "config",which is the default configuration file of ssh. I can login with "ssh -v 10.10.10.1" and the debuglog is like:
OpenSSH_6.9p1, LibreSSL 2.1.8
debug1: Reading configuration data ~/.ssh/config
debug1: /Users/twer/.ssh/config line 2: Applying options for 10.10.10.1
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Executing proxy command: exec ssh -W 10.10.10.1:22 xxx.xxx.xxx.xxx
debug1: permanently_drop_suid: 501
debug1: key_load_public: No such file or directory
debug1: identity file key.pem type -1
debug1: key_load_public: No such file or directory
debug1: identity file key.pem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.9
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1
debug1: match: OpenSSH_6.6.1 pat OpenSSH_6.6.1* compat 0x04000000
debug1: Authenticating to 10.10.10.1:22 as 'ec2-user'
...
But if I save the configuration somewhere else(delete the config in ~/.ssh) and login with "ssh -v -F ~/mysshconfig 10.10.10.1", It failed. the debug log is :
OpenSSH_6.9p1, LibreSSL 2.1.8
debug1: Reading configuration data ansible-ssh.conf
debug1: ansible-ssh.conf line 1: Applying options for 10.10.10.1
debug1: Executing proxy command: exec ssh -W 10.10.10.1:22 xxx.xxx.xxx.xxx
debug1: permanently_drop_suid: 501
debug1: key_load_public: No such file or directory
debug1: identity file key.pem type -1
debug1: key_load_public: No such file or directory
debug1: identity file key.pem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.9
Permission denied (publickey).
Since I want to use ansible, I need to specify a sshconfig with this "-F" option.
Finally I figured out that I should also specify the configuration file in the ProxyCommand since it is not a default one. The configuration should be like this:
Host 10.10.10.1
User ec2-user
ProxyCommand ssh ssh -F mysshconfig -W %h:%p xxx.xxx.xxx.xxx
IdentityFile key.pem
Host xxx.xxx.xxx.xxx
User ec2-user
IdentityFile key.pem
ForwardAgent yes
Since your config file is in a different location, the relative path to the key file no longer points to the same place, so you're getting "no such file" errors when ssh tries to read your key file.
Use an absolute path instead: change key.pem to ~/.ssh/key.pem.
My goal is to copy files programatically from remote server to local computer. Both running Windows with Cygwin (server) and computer Cygwin 64.
Before I create rsa or dsa keys I can copy files by entering Password
But after creation of these files, I have "connection closed by remote host. lost connection" error
I gave following rights: "chmod 600 .ssh/id_rsa" (on local computer) and chmod 600 ".ssh/authorized_keys2". What is the problem who can answer to me?
$ ssh login#hiddenhost
Connection to hiddenhost closed by remote host.
Connection to hiddenhost closed.
PC003370+procserver#ATMPROCSERVER ~
$ ssh -v login#hiddenhost
OpenSSH_7.2p2, OpenSSL 1.0.2g 1 Mar 2016
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to hiddenhost [hiddenhost] port 22.
debug1: Connection established.
debug1: identity file /home/procserver/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /home/procserver/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/procserver/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/procserver/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/procserver/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/procserver/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/procserver/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/procserver/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.1
debug1: match: OpenSSH_7.1 pat OpenSSH* compat 0x04000000
debug1: Authenticating to hiddenhost:22 as 'login'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256#libssh.org
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305#openssh.com MAC: <implicit
> compression: none
debug1: kex: client->server cipher: chacha20-poly1305#openssh.com MAC: <implicit
> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:TS6tXfpxXyW/KeIWFnvxCsmEhHy8
8NyoBA3DdOHzjFw
debug1: Host 'hiddenhost' is known and matches the ECDSA host key.
debug1: Found key in /home/procserver/.ssh/known_hosts:1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interacti
ve
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/procserver/.ssh/id_rsa
debug1: Authentication succeeded (publickey).
Authenticated to hiddenhost ([hiddenhost]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions#openssh.com
debug1: Entering interactive session.
debug1: pledge: network
debug1: channel 0: free: client-session, nchannels 1
Connection to hiddenhost closed by remote host.
Connection to hiddenhost closed.
Transferred: sent 1944, received 1312 bytes, in 0.0 seconds
Bytes per second: sent 647995.5, received 437330.3
debug1: Exit status -1
PC003370+procserver#ATMPROCSERVER ~
$
HURRAY!!!!
We found a solution.
All the reason was in owning /var/empty/ folder. We tried to start server in debuggin mode... and then found this article:
"
If you are debugging a SSH connection, you may need to run sshd by hand (instead of as a service) and enable debugging output. Doing so allows you to track exactly why a connection is failing to establish. However, if you try to run sshd by hand, you may get the following message.
% cygrunsrv.exe --stop sshd
% /usr/sbin/sshd.exe -D
Could not load host key: /etc/ssh_host_ecdsa_key
/var/empty must be owned by root and not group or world-writable.
To fix this, make the user starting the sshd service the owner of /var/empty.
% ls -ld /var/empty
drwxr-xr-x+ 1 cyg_server root 0 May 7 2010 empty
% chown /var/empty
Now, start sshd again.
% /usr/sbin/sshd.exe -D
When you are done debugging and are ready to run sshd again as a service, change the owner of /var/empty to cyg_server.
% chown cyg_server /var/empty
% cygrunsrv.exe --start sshd
Note: you must have administrator privileges to run
"
I've got the same problem. The root cause is directory /var/empty is not the correct owner, so i've done this:
chown $uid.$gid /var/empty
The problem is fixed.
Here's what fixed the issue for me.
Run sshd in debug mode using below command
/usr/sbin/sshd.exe -D -dd
This gave me the below warnings
> $ /usr/sbin/sshd.exe -D -dd debug2: load_server_config: filename
> /etc/sshd_config debug2: load_server_config: done config len = 285
> debug2: parse_server_config: config /etc/sshd_config len 285 debug1:
> sshd version OpenSSH_7.5, OpenSSL 1.0.2k 26 Jan 2017
> ########################################################### #
> WARNING: UNPROTECTED PRIVATE KEY FILE! #
> ###########################################################
> Permissions 0770 for '/etc/ssh_host_rsa_key' are too open. It is
> required that your private key files are NOT accessible by others.
> This private key will be ignored. key_load_private: bad permissions
> Could not load host key: /etc/ssh_host_rsa_key
> ########################################################### #
> WARNING: UNPROTECTED PRIVATE KEY FILE! #
> ###########################################################
> Permissions 0770 for '/etc/ssh_host_dsa_key' are too open. It is
> required that your private key files are NOT accessible by others.
> This private key will be ignored. key_load_private: bad permissions
> Could not load host key: /etc/ssh_host_dsa_key
> ########################################################### #
> WARNING: UNPROTECTED PRIVATE KEY FILE! #
> ###########################################################
> Permissions 0770 for '/etc/ssh_host_ecdsa_key' are too open. It is
> required that your private key files are NOT accessible by others.
> This private key will be ignored. key_load_private: bad permissions
> Could not load host key: /etc/ssh_host_ecdsa_key
> ########################################################### #
> WARNING: UNPROTECTED PRIVATE KEY FILE! #
> ###########################################################
> Permissions 0770 for '/etc/ssh_host_ed25519_key' are too open. It is
> required that your private key files are NOT accessible by others.
> This private key will be ignored. key_load_private: bad permissions
> Could not load host key: /etc/ssh_host_ed25519_key sshd: no hostkeys
> available -- exiting.
So I changed the permissions of the above files to 600
$ chmod 0600 /etc/ssh_host*
Then the debug command again.
SHA256:4yqAb/GiMfMJPmIXfKz+Zw4fWOCVN7E6vUDHEtokdHk
/var/empty must be owned by root and not group or world-writable.
Then change the permission of this folder to 600.
$ chmod 600 /var/empty
This fixed the issue.