I am trying to connect two servers with SSHFS.
As root, when launching the command sshfs myuser#ip_adress:/some/dir /other/dir -o idmap=user,identityfile=/home/myuser/.ssh/id_rsa, everything works.
However, when I set this SSHFS configuration in /etc/fstab and running mount -a, it hangs. The line in /etc/fstab is:
myuser#ip_adress:/some/dir /other/dir fuse.sshfs defaults,_netdev,IdentityFile=/home/myuser/.ssh/id_rsa 0 0
I have tried a lot of options but so far, nothing works.
By adding ssh_command=ssh\040-vv,sshfs_debug,debug in the /etc/fstab options and running mount -av, I have the following output:
executing <ssh> <-vvv> <-x> <-a> <-oClearAllForwardings=yes> <-oidentityfile=/home/myuser/.ssh/id_rsa> <-2> <myuser#ip_adress> <-s> <sftp>
OpenSSH_8.4p1 Debian-5, OpenSSL 1.1.1k 25 Mar 2021
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug2: resolve_canonicalize: hostname ip_address is address
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> '/root/.ssh/known_hosts'
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> '/root/.ssh/known_hosts2'
debug2: ssh_connect_direct
debug1: Connecting to ip_address [ip_address] port 22.
debug1: Connection established.
I don't see why the SSH connection is hanging at this point.
Do you know what is the issue?
Thank you
So I found the issue: I was trying to mount the .ssh folder (which has the key to connect to the remote server).
I don't know exactly why it was working on the command line and not through fstab (may be something with the SSH agent) but mounting the folder used to connect to SSHFS caused the issue. I moved the SSH keys to another directory and then it worked like a charm.
Related
My centOS target machine has two network cards. nic0 is connected to a modem: I can ssh from Raspberry Pi4 to the centOS target using the external address of the modem (with the help of port forwarding on the modem.)
nic1 is connected to my local network. But when I try to ssh using the local address I get a timeout, like this:
OpenSSH_7.9p1 Raspbian-10+deb10u2+rpt1, OpenSSL 1.1.1d 10 Sep 2019
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 192.168.8.2 [192.168.8.2] port 22.
debug1: Connection established.
debug1: identity file /home/pi/.ssh/id_rsa type 0
debug1: identity file /home/pi/.ssh/id_rsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.9p1 Raspbian-10+deb10u2+rpt1
ssh_exchange_identification: read: Connection timed out
ssh to local address has been working fine for many months - just suddenly stopped working. I looked the /var/log/secure and did not see any activity when tring to ssh to the local address. I am not aware of any recent system changes to the target machine.
Any ideas?
I have created a Virtual Machine with multipass, I am trying to connect to this instance over ssh, with the command:
ssh -vvv -i back_key ubuntu#10.136.38.199
At first, I tried to connect to my instance from a Github Action, but I got a timeout error, I thought that it may have been a Github issue.
But with a second computer, I couldn't connect to the VM either.
The error I got:
ubuntu#laptop-number2:~$ ssh -vvv -i back_key ubuntu#10.136.38.199
OpenSSH_8.2p1 Ubuntu-4ubuntu0.3, OpenSSL 1.1.1f 31 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug2: resolve_canonicalize: hostname 10.136.38.199 is address
debug2: ssh_connect_direct
debug1: Connecting to 10.136.38.199 [10.136.38.199] port 22.
debug1: connect to address 10.136.38.199 port 22: Resource temporarily unavailable
ssh: connect to host 10.136.38.199 port 22: Resource temporarily unavailable
Wheither it's from Github Action or from a second computer, I can't connect to the multipass instance over ssh.
But, I can connect to instance with the host computer.
I thought it may be a Firewall issue, so I disabled it with:
sudo systemctl stop ufw
I did this in the VM and the host machine, then I restarted ssh inside the instance.
The reason: I got those issues was the network I was working on. The ssh port for the server couldn't be reached.
I knew that by using nmap:
nmap -Pn -p 22 <IP_OF_SERVER>
The result was: The port is filtered.
Working with a mobile network didn't solve it either, since my ISP block this port. The solution was using the network from my house for the ssh server.
I've set up a local instance of gitlab with the following configuration:
version: "3"
services:
gitlab:
image: gitlab/gitlab-ce:latest
container_name: gitlab
hostname: 'gitlab.local.com'
restart: always
environment:
GITLAB_OMNIBUS_CONFIG: |
external_url 'http://gitlab.local.com:4005'
gitlab_rails['gitlab_shell_ssh_port'] = 3005
ports:
- '4005:4005'
- '3005:3005'
volumes:
- '/srv/gitlab/config:/etc/gitlab'
- '/srv/gitlab/logs:/var/log/gitlab'
- '/srv/gitlab/data:/var/opt/gitlab'
Then I've added SSH keys according to the gitlab documentation.
Finally when connecting to the instance via SSH or cloning a repo I get the following error:
ssh -Tvv git#gitlab.local.com -p 3005
OpenSSH_8.2p1 Ubuntu-4ubuntu0.2, OpenSSL 1.1.1f 31 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug2: resolving "gitlab.local.com" port 3005
debug2: ssh_connect_direct
debug1: Connecting to gitlab.local.com [0.0.0.0] port 3005.
debug1: Connection established.
debug1: identity file /home/rafael/.ssh/id_rsa type 0
debug1: identity file /home/rafael/.ssh/id_rsa-cert type -1
debug1: identity file /home/rafael/.ssh/id_dsa type -1
debug1: identity file /home/rafael/.ssh/id_dsa-cert type -1
debug1: identity file /home/rafael/.ssh/id_ecdsa type -1
debug1: identity file /home/rafael/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/rafael/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/rafael/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/rafael/.ssh/id_ed25519 type 3
debug1: identity file /home/rafael/.ssh/id_ed25519-cert type -1
debug1: identity file /home/rafael/.ssh/id_ed25519_sk type -1
debug1: identity file /home/rafael/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/rafael/.ssh/id_xmss type -1
debug1: identity file /home/rafael/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.2
kex_exchange_identification: Connection closed by remote host
I've disable ufw, I've reset the known_hosts, I've tried everything I can think of and found nothing on the internet that helped me.
Why is this error appearing? It's the only "server" I have problems acessing via ssh...
Check first the ssh daemon, in your GitLab Docker container, does listen to port 3005 (a custom port).
See for instance gitlab-org/omnibus-gitlab issue 1767:
I had to say that this issue gave me very hard time trying to figure things out.
It is really counter-intuitive that gitlab_rails['gitlab_shell_ssh_port'] = 30022 only works to change the URI displayed in the web page instead of also changing the port sshd serves in guest machine.
Besides subjective feelings above, there are also two facts in the way it currently works:
There is no way to change the ssh port gitlab shell uses on the docker container.
When using the docker's ip address to access the gitlab server, port would always have to be 22 instead of what is used in the URI.
I would argue that the way original document described is a better way how things should work around the issue.
gitlab_rails['gitlab_shell_ssh_port'] should also change the port gitlab-shell is served on guest side.
And:
You have to customize the port inside the file /assets/sshd_config by your Dockerfile.
That was mentioned here.
Since I see "Connection established.", it is possible, since those bug reports, that sshd_config is now correctly modified (automatically)
If that is the case, double-check what public key you have registered to your GitLab profile: it should be /home/rafael/.ssh/id_rsa.pub.
I am trying to ssh login to my remote server. But whenever i try to login through terminal using ssh command:
ssh root#{ip_address}
I get error:
Connection closed by {ip_address}
I checked hosts deny and hosts allow, there is nothing in the file. I am not getting why it happening?
It happened when i changed my workstation and key got changed. When i tried ssh login, it asked to add key and i entered yes and then it closed the connection.
Is there any way to get connected with ssh again?
Your help is appreciated.
Thank you.
Edit:
Output of ssh -v -v -v -v root#{ip_address} is
OpenSSH_5.9p1 Debian-5ubuntu1.1, OpenSSL 1.0.1 14 Mar 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to {ip_address} [{ip_address}] port 22.
debug1: Connection established.
debug3: Incorrect RSA1 identifier
debug3: Could not load "/home/mona/.ssh/id_rsa" as a RSA1 public key
debug1: identity file /home/mona/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/mona/.ssh/id_rsa-cert type -1
debug1: identity file /home/mona/.ssh/id_dsa type -1
debug1: identity file /home/mona/.ssh/id_dsa-cert type -1
debug1: identity file /home/mona/.ssh/id_ecdsa type -1
debug1: identity file /home/mona/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1.1
debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1.1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1
debug2: fd 3 setting O_NONBLOCK
debug3: load_hostkeys: loading entries for host "{ip_address}" from file "/home/mona/.ssh/known_hosts"
debug3: load_hostkeys: loaded 0 keys
debug1: SSH2_MSG_KEXINIT sent
Connection closed by 151.236.220.15
Had the same issue but a simple remote server reboot helped.
Are you sure your server is permitting root logins via SSH?
If not, I suggest using a different account with sudo privileges instead of enabling root login - especially if the server's SSH port is accessible from the whole inernet.
try sudo ssh root#{ip_address}, it works for me.
I tried to connect with a user, which had :/bin/false in /etc/passwd. After changing it to :/bin/bash the connection was not closed anymore.
I had a similar issue that was resolved by lowering the MTU on the client side with the following command:
ip li set mtu 1400 dev eth0
I found this solution from a separate thread on serverfault.
I was getting the same "Connection closed by {ip_address}" error on one of my SSH connections. I tried all the usual solutions and nothing worked. Finally I found that the ~/.ssh/authorized_keys file on the host was corrupted. Someone had tried to append a key to the file, but they copied and pasted it with embedded line feeds where each line wrapped at the end. So what should have been one continuous string spanning three lines was actually three separate strings -- one per line. Since the embedded line feed was exactly at the end of the line, it was not apparent from looking at it.
I deleted the offending key and added my own. Then everything worked as expected.
I temporarily disabled my antivirus firewall and this maybe helped a bit.
Now it suddenly says Shell access is not enabled on yr account! Connection closed.
So I logged into my WHM server.domain_name:2087 and clicked on Modify domain and enabled Shell Access for the website.
(Or ask your host provider to enable SSh for you if you do not have a WHM server)
Login success, it now says:
Last login: 03:37 from . [user#whm_domain_name ~]$
I myself had same problems while working with cloud9 editor. Mine was cause from high CPU usage. It would get fine after stopping apache connection.
Check the name being used to connect to the ftp site, its either wrong or multiple names are being sent for uthentication.
This is what I tried to do ten times today without success:
make a key with ssh-keygen.
open ~/.ssh/id_rsa.pub with Gedit or Notepad++ and copy the contents.
Go to account settings on github.com
Go to SSH Keys
Click on the Add Key button.
give the key a title
paste the key into the key box.
Save the key (enter my github password to verify).
Then, I run '$ ssh -vT git#github.com' in cygwin, but it always hang on there. Here is the output:
$ ssh -vT git#github.com
OpenSSH_6.0p1, OpenSSL 1.0.1c 10 May 2012
debug1: Reading configuration data /home/eason.wu/.ssh/config
debug1: /home/eason.wu/.ssh/config line 1: Applying options for github.com
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to github.com [207.97.227.239] port 22.
debug1: Connection established.
debug1: identity file /home/eason.wu/.ssh/id_rsa type 1
debug1: identity file /home/eason.wu/.ssh/id_rsa-cert type -1
Does any one meet this problem, any solution will be appreciated
Make sure you did copy the public key as one line, because a copy from an editor can sometime buffer the content of that key as several lines.
If you still have an issue, check other SSH debug tips at "Unable to Git-push master to Github".
A ssh -vvvT git#github.com can display more debug information.
The OP Eason Wu comments:
I found the real reason of this problem, it is caused by my network.
Some websites are prohibited by my company, I would think it also affects GitHub service.
After I turn on an VPN connection, and retest again with ssh -vvvT git#github.com, it passed successfully
For anyone coming here recently looking for a solution, this was happening to me too, however in the debug (as per above instruction) the connection to GitHub never established.
My output looked like:
OpenSSH_7.9p1 Ubuntu-10, OpenSSL 1.1.1b 26 Feb 2019
debug1: Reading configuration data /home/preston/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolving "github.com" port 22
debug2: ssh_connect_direct
debug1: Connecting to github.com [2607:7700:0:1a:0:1:c01e:ff70] port 22.
I noticed the IPv6 address in the last line and thought that might be the issue. So I sourced an article on changing it to use an IPv4 address in the global ssh settings.
Changing to IPv4 worked.
Source: https://stackoverflow.com/a/35113901/3818056
For me, the issue was the router I was connected to was using WPA, not WPA2/3. Once I changed to a network that didn't have this issue my repo was instantly cloned with ssh.
I solved this by adding GitHub "github.com" in the whitelist of my router. You can also overcome this by VPN however it will require another set of steps to find a VPN and setup.