[Bug 708493] Re: Can't login anymore: Read from socket failed: Connection reset by peer
Gary Salisbury
708493 at bugs.launchpad.net
Fri Dec 21 14:05:40 UTC 2012
Use dropbear ....
On 21 December 2012 15:27, Nicolas Michel <nicolas.michel at lemail.be>
wrote:
> I have the same problem here. Only on one remote host:
>
> sylock at sylock-vmware:~$ ssh -vvv XXXXXX
> OpenSSH_6.0p1 Debian-3ubuntu1, OpenSSL 1.0.1c 10 May 2012
> debug1: Reading configuration data /home/sylock/.ssh/config
> debug1: /home/sylock/.ssh/config line 1: Applying options for *
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: /etc/ssh/ssh_config line 19: Applying options for *
> debug2: ssh_connect: needpriv 0
> debug1: Connecting to XXXXXX[172.24.6.18] port 22.
> debug1: Connection established.
> debug1: identity file /home/sylock/.ssh/id_rsa type -1
> debug1: identity file /home/sylock/.ssh/id_rsa-cert type -1
> debug1: identity file /home/sylock/.ssh/id_dsa type -1
> debug1: identity file /home/sylock/.ssh/id_dsa-cert type -1
> debug1: identity file /home/sylock/.ssh/id_ecdsa type -1
> debug1: identity file /home/sylock/.ssh/id_ecdsa-cert type -1
> debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1
> debug1: match: OpenSSH_5.1 pat OpenSSH_5*
> debug1: Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_6.0p1 Debian-3ubuntu1
> debug2: fd 3 setting O_NONBLOCK
> debug3: load_hostkeys: loading entries for host "fsmal989" from file
> "/home/sylock/.ssh/known_hosts"
> debug3: load_hostkeys: found key type RSA in file
> /home/sylock/.ssh/known_hosts:269
> debug3: load_hostkeys: loaded 1 keys
> debug3: order_hostkeyalgs: prefer hostkeyalgs:
> ssh-rsa-cert-v01 at openssh.com,ssh-rsa-cert-v00 at openssh.com,ssh-rsa
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug2: kex_parse_kexinit:
> ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> debug2: kex_parse_kexinit: ssh-rsa-cert-v01 at openssh.com,
> ssh-rsa-cert-v00 at openssh.com,ssh-rsa,
> ecdsa-sha2-nistp256-cert-v01 at openssh.com,
> ecdsa-sha2-nistp384-cert-v01 at openssh.com,
> ecdsa-sha2-nistp521-cert-v01 at openssh.com,ssh-dss-cert-v01 at openssh.com,
> ssh-dss-cert-v00 at openssh.com
> ,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-dss
> debug2: kex_parse_kexinit:
> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,
> rijndael-cbc at lysator.liu.se
> debug2: kex_parse_kexinit:
> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,
> rijndael-cbc at lysator.liu.se
> debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64 at openssh.com
> ,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,
> hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64 at openssh.com
> ,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,
> hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib
> debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit: first_kex_follows 0
> debug2: kex_parse_kexinit: reserved 0
> debug2: kex_parse_kexinit:
> diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
> debug2: kex_parse_kexinit:
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,
> rijndael-cbc at lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
> debug2: kex_parse_kexinit:
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,
> rijndael-cbc at lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
> debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64 at openssh.com
> ,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64 at openssh.com
> ,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib
> debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit: first_kex_follows 0
> debug2: kex_parse_kexinit: reserved 0
> debug2: mac_setup: found hmac-md5
> debug1: kex: server->client aes128-ctr hmac-md5 none
> debug2: mac_setup: found hmac-md5
> debug1: kex: client->server aes128-ctr hmac-md5 none
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> Write failed: Connection reset by peer
>
>
> sylock at sylock-vmware:~$ ssh -V
> OpenSSH_6.0p1 Debian-3ubuntu1, OpenSSL 1.0.1c 10 May 2012
>
> sylock at sylock-vmware:~$ cat /etc/*release
> DISTRIB_ID=Ubuntu
> DISTRIB_RELEASE=12.10
> DISTRIB_CODENAME=quantal
> DISTRIB_DESCRIPTION="Ubuntu 12.10"
> NAME="Ubuntu"
> VERSION="12.10, Quantal Quetzal"
> ID=ubuntu
> ID_LIKE=debian
> PRETTY_NAME="Ubuntu quantal (12.10)"
> VERSION_ID="12.10"
>
> sylock at sylock-vmware:~$ ldd /usr/bin/ssh
> linux-vdso.so.1 => (0x00007ffff11c0000)
> libselinux.so.1 => /lib/x86_64-linux-gnu/libselinux.so.1
> (0x00007f14ce3e2000)
> libcrypto.so.1.0.0 => /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
> (0x00007f14ce01b000)
> libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f14cde16000)
> libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x00007f14cdbff000)
> libresolv.so.2 => /lib/x86_64-linux-gnu/libresolv.so.2
> (0x00007f14cd9e3000)
> libgssapi_krb5.so.2 =>
> /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2 (0x00007f14cd7a4000)
> libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f14cd3e5000)
> /lib64/ld-linux-x86-64.so.2 (0x00007f14ce881000)
> libkrb5.so.3 => /usr/lib/x86_64-linux-gnu/libkrb5.so.3
> (0x00007f14cd117000)
> libk5crypto.so.3 => /usr/lib/x86_64-linux-gnu/libk5crypto.so.3
> (0x00007f14cceed000)
> libcom_err.so.2 => /lib/x86_64-linux-gnu/libcom_err.so.2
> (0x00007f14ccce9000)
> libkrb5support.so.0 =>
> /usr/lib/x86_64-linux-gnu/libkrb5support.so.0 (0x00007f14ccae1000)
> libkeyutils.so.1 => /lib/x86_64-linux-gnu/libkeyutils.so.1
> (0x00007f14cc8dc000)
> libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0
> (0x00007f14cc6bf000)
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/708493
>
> Title:
> Can't login anymore: Read from socket failed: Connection reset by peer
>
> Status in “openssh” package in Ubuntu:
> Confirmed
> Status in “openssh” package in Debian:
> New
>
> Bug description:
> After todays update to
> 1:5.7p1-1ubuntu1
> I cannot login to SOME (!) of my servers. Example of a server failing:
>
> ~$ ssh -v root at mail
> OpenSSH_5.7p1 Debian-1ubuntu1, OpenSSL 0.9.8o 01 Jun 2010
> debug1: Reading configuration data /home/hildeb/.ssh/config
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Applying options for *
> debug1: Connecting to mail [141.42.202.200] port 22.
> debug1: Connection established.
> debug1: identity file /home/hildeb/.ssh/id_rsa type -1
> debug1: identity file /home/hildeb/.ssh/id_rsa-cert type -1
> debug1: identity file /home/hildeb/.ssh/id_dsa type 2
> debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
> debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
> debug1: identity file /home/hildeb/.ssh/id_dsa-cert type -1
> debug1: identity file /home/hildeb/.ssh/id_ecdsa type -1
> debug1: identity file /home/hildeb/.ssh/id_ecdsa-cert type -1
> debug1: Remote protocol version 1.99, remote software version
> OpenSSH_5.5p1 Debian-6
> debug1: match: OpenSSH_5.5p1 Debian-6 pat OpenSSH*
> debug1: Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_5.7p1 Debian-1ubuntu1
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug1: kex: server->client aes128-ctr hmac-md5 none
> debug1: kex: client->server aes128-ctr hmac-md5 none
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> Read from socket failed: Connection reset by peer
>
> There is NOTHING in daemon.log, auth.log or syslog on the server I'm
> trying to connect to.
>
> Example of a server NOT failing:
>
> $ ssh -v root at netsight
> OpenSSH_5.7p1 Debian-1ubuntu1, OpenSSL 0.9.8o 01 Jun 2010
> debug1: Reading configuration data /home/hildeb/.ssh/config
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Applying options for *
> debug1: Connecting to netsight [10.47.2.222] port 22.
> debug1: Connection established.
> debug1: identity file /home/hildeb/.ssh/id_rsa type -1
> debug1: identity file /home/hildeb/.ssh/id_rsa-cert type -1
> debug1: identity file /home/hildeb/.ssh/id_dsa type 2
> debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
> debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
> debug1: identity file /home/hildeb/.ssh/id_dsa-cert type -1
> debug1: identity file /home/hildeb/.ssh/id_ecdsa type -1
> debug1: identity file /home/hildeb/.ssh/id_ecdsa-cert type -1
> debug1: Remote protocol version 2.0, remote software version
> OpenSSH_5.5p1 Debian-6
> debug1: match: OpenSSH_5.5p1 Debian-6 pat OpenSSH*
> debug1: Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_5.7p1 Debian-1ubuntu1
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug1: kex: server->client aes128-ctr hmac-md5 none
> debug1: kex: client->server aes128-ctr hmac-md5 none
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> debug1: Server host key: RSA
> 18:ce:76:c7:7c:f4:98:94:28:8f:62:4a:31:e8:5b:c9
> debug1: Host 'netsight' is known and matches the RSA host key.
> debug1: Found key in /home/hildeb/.ssh/known_hosts:56
> debug1: ssh_rsa_verify: signature correct
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: expecting SSH2_MSG_NEWKEYS
> debug1: SSH2_MSG_NEWKEYS received
> debug1: Roaming not allowed by server
> debug1: SSH2_MSG_SERVICE_REQUEST sent
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug1: Authentications that can continue: publickey,keyboard-interactive
> debug1: Next authentication method: publickey
> debug1: Offering DSA public key: /home/hildeb/.ssh/id_dsa
> debug1: Server accepts key: pkalg ssh-dss blen 433
> debug1: Authentication succeeded (publickey).
> Authenticated to netsight ([10.47.2.222]:22).
> debug1: channel 0: new [client-session]
> debug1: Requesting no-more-sessions at openssh.com
> debug1: Entering interactive session.
> debug1: Sending environment.
> debug1: Sending env LC_MESSAGES = en_US.utf8
> debug1: Sending env LANG = de_DE.UTF-8
>
> ProblemType: Bug
> DistroRelease: Ubuntu 11.04
> Package: openssh-client 1:5.7p1-1ubuntu1
> ProcVersionSignature: Ubuntu 2.6.37-12.26-generic 2.6.37
> Uname: Linux 2.6.37-12-generic x86_64
> Architecture: amd64
> Date: Thu Jan 27 09:13:15 2011
> ProcEnviron:
> LANGUAGE=en_US:en
> LANG=de_DE.UTF-8
> LC_MESSAGES=en_US.utf8
> SHELL=/bin/bash
> RelatedPackageVersions:
> ssh-askpass N/A
> libpam-ssh N/A
> keychain N/A
> ssh-askpass-gnome 1:5.7p1-1ubuntu1
> SSHClientVersion: OpenSSH_5.7p1 Debian-1ubuntu1, OpenSSL 0.9.8o 01 Jun
> 2010
> SourcePackage: openssh
>
> To manage notifications about this bug go to:
>
> https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/708493/+subscriptions
>
--
Regards
Gary
Cell 083-391-4914
Fax 086-655-3146
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/708493
Title:
Can't login anymore: Read from socket failed: Connection reset by peer
Status in “openssh” package in Ubuntu:
Confirmed
Status in “openssh” package in Debian:
New
Bug description:
After todays update to
1:5.7p1-1ubuntu1
I cannot login to SOME (!) of my servers. Example of a server failing:
~$ ssh -v root at mail
OpenSSH_5.7p1 Debian-1ubuntu1, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /home/hildeb/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to mail [141.42.202.200] port 22.
debug1: Connection established.
debug1: identity file /home/hildeb/.ssh/id_rsa type -1
debug1: identity file /home/hildeb/.ssh/id_rsa-cert type -1
debug1: identity file /home/hildeb/.ssh/id_dsa type 2
debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
debug1: identity file /home/hildeb/.ssh/id_dsa-cert type -1
debug1: identity file /home/hildeb/.ssh/id_ecdsa type -1
debug1: identity file /home/hildeb/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_5.5p1 Debian-6
debug1: match: OpenSSH_5.5p1 Debian-6 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.7p1 Debian-1ubuntu1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
Read from socket failed: Connection reset by peer
There is NOTHING in daemon.log, auth.log or syslog on the server I'm
trying to connect to.
Example of a server NOT failing:
$ ssh -v root at netsight
OpenSSH_5.7p1 Debian-1ubuntu1, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /home/hildeb/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to netsight [10.47.2.222] port 22.
debug1: Connection established.
debug1: identity file /home/hildeb/.ssh/id_rsa type -1
debug1: identity file /home/hildeb/.ssh/id_rsa-cert type -1
debug1: identity file /home/hildeb/.ssh/id_dsa type 2
debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
debug1: identity file /home/hildeb/.ssh/id_dsa-cert type -1
debug1: identity file /home/hildeb/.ssh/id_ecdsa type -1
debug1: identity file /home/hildeb/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.5p1 Debian-6
debug1: match: OpenSSH_5.5p1 Debian-6 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.7p1 Debian-1ubuntu1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 18:ce:76:c7:7c:f4:98:94:28:8f:62:4a:31:e8:5b:c9
debug1: Host 'netsight' is known and matches the RSA host key.
debug1: Found key in /home/hildeb/.ssh/known_hosts:56
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering DSA public key: /home/hildeb/.ssh/id_dsa
debug1: Server accepts key: pkalg ssh-dss blen 433
debug1: Authentication succeeded (publickey).
Authenticated to netsight ([10.47.2.222]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions at openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LC_MESSAGES = en_US.utf8
debug1: Sending env LANG = de_DE.UTF-8
ProblemType: Bug
DistroRelease: Ubuntu 11.04
Package: openssh-client 1:5.7p1-1ubuntu1
ProcVersionSignature: Ubuntu 2.6.37-12.26-generic 2.6.37
Uname: Linux 2.6.37-12-generic x86_64
Architecture: amd64
Date: Thu Jan 27 09:13:15 2011
ProcEnviron:
LANGUAGE=en_US:en
LANG=de_DE.UTF-8
LC_MESSAGES=en_US.utf8
SHELL=/bin/bash
RelatedPackageVersions:
ssh-askpass N/A
libpam-ssh N/A
keychain N/A
ssh-askpass-gnome 1:5.7p1-1ubuntu1
SSHClientVersion: OpenSSH_5.7p1 Debian-1ubuntu1, OpenSSL 0.9.8o 01 Jun 2010
SourcePackage: openssh
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/708493/+subscriptions
More information about the foundations-bugs
mailing list