I tried to connect to a debian server from my school wifi which is blocking the default port 22 so I switched to 443, but even then I get an error when trying to connect.
Here is the debug:
$ ssh -v user#host -p 443
OpenSSH_7.1p2, OpenSSL 1.0.2g 1 Mar 2016
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to host [host] port 443.
debug1: Connection established.
debug1: identity file /c/Users/user/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/user/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/user/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/user/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/user/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/user/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/user/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/user/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.1
ssh_exchange_identification: read: Connection reset by peer
Related
When trying to use reverse ssh to ssh into a non-port forwarded pc by using
ssh -R 2222:localhost:22 root#209.145.57.231 on the target,
and then doing the command
ssh localhost -p 2222 on the server, it gives me the error kex_exchange_identification: Connection closed by remote host no matter what I try
SSH Logs from -vvv:
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug2: resolving "localhost" port 2222
debug2: ssh_connect_direct
debug1: Connecting to localhost [127.0.0.1] port 2222.
debug1: Connection established.
debug1: identity file /root/.ssh/id_rsa type 0
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa_sk type -1
debug1: identity file /root/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: identity file /root/.ssh/id_ed25519_sk type -1
debug1: identity file /root/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /root/.ssh/id_xmss type -1
debug1: identity file /root/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.4
kex_exchange_identification: Connection closed by remote host```
output on target's side when trying to connect with -v
```debug1: client_input_channel_open: ctype forwarded-tcpip rchan 2 win 2097152 max 32768
debug1: client_request_forwarded_tcpip: listen localhost port 2222, originator 127.0.0.1 port 38136
debug1: getsockopt TCP_NODELAY: Invalid argument
debug1: connect_next: host localhost ([::1]:22) in progress, fd=7
debug1: channel 1: new [127.0.0.1]
debug1: confirm forwarded-tcpip
debug1: channel 1: connected to localhost port 22
debug1: channel 1: free: 127.0.0.1, nchannels 2```
After searching the error message "getsockopt TCP_NODELAY: Invalid argument" I found out that there wasn't an ssh handler or server running on the target (or client, the one that was doing the original ssh tunneling). After running on a simple golang ssh server, the error disappeared.
I can't connect to a lxc container via ssh, when running on the verbose mode it gives the following debug messages :
moelf#moelf:/$ ssh -v root#10.0.3.13
OpenSSH_7.2p2 Ubuntu-4ubuntu2.4, OpenSSL 1.0.2g 1 Mar 2016
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 10.0.3.13 [10.0.3.13] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /home/moelf/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/moelf/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/moelf/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/moelf/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/moelf/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/moelf/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/moelf/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/moelf/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7p1 Debian-5
debug1: match: OpenSSH_6.7p1 Debian-5 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 10.0.3.13:22 as 'root'
debug1: SSH2_MSG_KEXINIT sent
Connection reset by 10.0.3.13 port 22
I looked all over the internet but all the solution seems not working for me.
PS : I can connect to other LXC Containers on the same machine.
When I want to log in as "root" in my terminal to my SSH server (ssh root#akeneo.lxc), I can not, this message appears:
Connection reset by 10.0.3.13 port 22
I am not an expert in System, could someone help me?
My version ubuntu: 16.04
After ssh -v root#akeneo.lxc :
OpenSSH_7.2p2 Ubuntu-4ubuntu2.4, OpenSSL 1.0.2g 1 Mar 2016 debug1:
Reading configuration data /etc/ssh/ssh_config debug1:
/etc/ssh/ssh_config line 19: Applying options for * debug1: Connecting
to akeneo.lxc [10.0.3.13] port 22. debug1: Connection established.
debug1: identity file /home/pav/.ssh/id_rsa type 1 debug1:
key_load_public: No such file or directory debug1: identity file
/home/pav/.ssh/id_rsa-cert type -1 debug1: key_load_public: No such
file or directory debug1: identity file /home/pav/.ssh/id_dsa type
-1 debug1: key_load_public: No such file or directory debug1: identity file
/home/pav/.ssh/id_dsa-cert type -1 debug1: key_load_public: No
such file or directory debug1: identity file /home/pav/.ssh/id_ecdsa
type -1 debug1: key_load_public: No such file or directory debug1:
identity file /home/pav/.ssh/id_ecdsa-cert type -1 debug1:
key_load_public: No such file or directory debug1: identity file
/home/pav/.ssh/id_ed25519 type -1 debug1: key_load_public: No such
file or directory debug1: identity file
/home/pav/.ssh/id_ed25519-cert type -1 debug1: Enabling
compatibility mode for protocol 2.0 debug1: Local version string
SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.4 debug1: Remote protocol
version 2.0, remote software version OpenSSH_7.4p1 Debian-10+deb9u3
debug1: match: OpenSSH_7.4p1 Debian-10+deb9u3 pat OpenSSH* compat
0x04000000 debug1: Authenticating to akeneo.lxc:22 as 'root' debug1:
SSH2_MSG_KEXINIT sent Connection reset by 10.0.3.13 port 22
Until recently I was able to SSH into my Vagrant machine without any problems. Now however:
$ ssh -vvv vagrant#127.0.0.1 -p 2222
OpenSSH_7.2p2 Ubuntu-4ubuntu2.1, OpenSSL 1.0.2g 1 Mar 2016
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolving "127.0.0.1" port 2222
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to 127.0.0.1 [127.0.0.1] port 2222.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /home/user1/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user1/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user1/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user1/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user1/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user1/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user1/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user1/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.1
ssh_exchange_identification: read: Connection reset by peer
I checked /etc/hosts.allow and /etc/hosts.deny in the guest. Nothing there. I'm almost sure this has something to do with someone rewriting the contents of /etc/resolv.conf. The contents are now:
nameserver 8.8.8.8
nameserver 8.8.4.4
The network seems to be fine on the host where I can ping google.com, but not on the guest, where I can't. But SSH to the Vagrant machine is no longer working. Any ideas?
The answer is not at all what I expected. In VirtualBox Settings > Network > Adapter 1 the Cable Connected option was disabled. After enabling it everything went back to normal.
I can connect to vpn via networkmanager and openconnect plugin.
But when I connect to company's server,I got logs below:
[root#XSign ssh]# ssh username#xxx -v
OpenSSH_7.1p1, OpenSSL 1.0.2d 9 Jul 2015
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to xxx [x.x.x.x] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
debug1: Authenticating to xxx:22 as 'username'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr umac-64#openssh.com none
debug1: kex: client->server aes128-ctr umac-64#openssh.com none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<3072<8192) sent
Then it is stucked on last line.
I can connect to xxx server when I am in company.
I can connect this xxx server with my previous laptop via same network at home.
Difference between these 2 laptops are the softwares version.
Anybody knows y I got a stuck ?
MACs hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-ripemd160
undocument above line in /etc/ssh/ssh_config,solved the problem.
it appears that your target server does not support modern HMACs and only allows older (possibly insecure) HMACs. The default SSH client settings on your source machine is therefore preventing the connection.
You can override this on a case-by-case basis, eg:
ssh -m umac-64#openssh.com targetserver
ssh -m hmac-sha1 targetserver
ssh -m hmac-md5 targetserver
.
Or, as suggested by #hacksign above, you can permanently allow the use of (possibly) insecure HMACs, by un-commenting the following line in /etc/ssh/ssh_config :
MACs hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-ripemd160
Try to adapt the MTU size.
I had the same problem (with another tunnel) and setting the MTU size to something smaller fixed the problem for me.