ssh issues
The thing is, I can log in fine using lish and a screen. But ssh ain't working. sshd seems to launch fine, and
ps aux | grep sshd
gives me
root 2440 0.0 1.1 3292 1416 ? Ss 02:47 0:00 sshd
But when I go to log in, I am denied access, with the same username/password combo (for root) which works on my screen session.
I tried once using sshd -d and here is the transcript:
> root@li9-121 /var/log [537] sshd -d
debug1: sshd version OpenSSH_3.8.1p1 Debian 1:3.8.1p1-11ubuntu3.1
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: Bind to port 22 on ::.
Server listening on :: port 22.
debug1: Bind to port 22 on 0.0.0.0.
debug1: Server will not fork when running in debugging mode.
Connection from ::ffff:[[$myipaddy ]] port 1979
debug1: Client protocol version 2.0; client software version PuTTY
debug1: no match: PuTTY
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.8.1p1 Debian 1:3.8.1p1-11ubuntu3.1
debug1: permanently_set_uid: 102/65534
debug1: list_hostkey_types: ssh-rsa,ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: client->server 3des-cbc hmac-sha1 none
debug1: kex: server->client 3des-cbc hmac-sha1 none
debug1: expecting SSH2_MSG_KEXDH_INIT
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
debug1: userauth-request for user root service ssh-connection method password
debug1: attempt 0 failures 0
Failed password for root from ::ffff:[[ $myipaddy ]] port 1979 ssh2
debug1: PAM: initializing for "root"
debug1: PAM: setting PAM_RHOST to "[[ $myFQDN ]]"
debug1: PAM: setting PAM_TTY to "ssh"
Read from socket failed: Connection reset by peer
debug1: do_cleanup
debug1: PAM: cleanup
debug1: do_cleanup
debug1: PAM: cleanup
root@li9-121 /var/log [538]
What's even weirder is what happens when I try and ssh in from my old university account:
> apocalypse ~ [159] ssh li9-121.members.linode.com
Local: Bad packet length 1349676916.
apocalypse ~ [160]
Here is the linode side of that connection attempt:
> root@li9-121 /var/log [538] sshd -d
debug1: sshd version OpenSSH_3.8.1p1 Debian 1:3.8.1p1-11ubuntu3.1
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: Bind to port 22 on ::.
Server listening on :: port 22.
debug1: Bind to port 22 on 0.0.0.0.
debug1: Server will not fork when running in debugging mode.
Connection from ::ffff:192.58.221.245 port 48314
debug1: Client protocol version 1.0; client software version 1.2.33
debug1: no match: 1.2.33
debug1: Local version string SSH-2.0-OpenSSH_3.8.1p1 Debian 1:3.8.1p1-11ubuntu3.1
Protocol major versions differ for ::ffff:192.58.221.245: SSH-2.0-OpenSSH_3.8.1p1 Debian 1:3.8.1p1-11ubuntu3.1 vs. SSH-1.0-1.2.33
root@li9-121 /var/log [539]
In the second case it looks like the machine my account is on needs a newer ssh client, or something. But I don't get the first case. My machine is on a new network but even setting MTU to 576 on both my linode and home router does not solve the problem. Also I can ssh just fine into lish and other hosts.
Any clues?
Thanks for any help …
PS I saw the May 30 thread RE sshd and tried the same mojo on /dev/null to no avail …
5 Replies
@ryantate:
What's even weirder is what happens when I try and ssh in from my old university account:
> apocalypse ~ [159] ssh li9-121.members.linode.com
Local: Bad packet length 1349676916.
apocalypse ~ [160]
Pretty sure this one is caused by ssh version mismatch. Enable ssh protocol version 1 in your sshd config, or update your ssh client to a version that supports ssh2… As for the other problem, no ideas yet.
-Chris
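Added example (not part of the thread and not OpenSSH code): the number in "Bad packet length 1349676916" is four bytes of text read as a big-endian 32-bit packet length, which is what a client reports when the peer sends a plaintext line where a binary packet was expected. The sketch below decodes the value and compares the protocol majors in the sshd -d lines quoted above; the function names and the KNOWN_PLAINTEXT list are assumptions made for illustration.

```python
import re
import struct

# Plaintext a server may write where the client expects a binary packet.
# Taken from the sshd -d log line in this thread; extend as needed.
KNOWN_PLAINTEXT = ("Protocol major versions differ",)

# Lines copied from the thread (client error, then two sshd -d lines).
CLIENT_ERROR = "Local: Bad packet length 1349676916."
SSHD_DEBUG = """\
debug1: Client protocol version 1.0; client software version 1.2.33
debug1: Local version string SSH-2.0-OpenSSH_3.8.1p1 Debian 1:3.8.1p1-11ubuntu3.1
"""

def length_bytes(message):
    """Return the 4 bytes that were parsed as the uint32 packet length."""
    m = re.search(r"Bad packet length (\d+)", message)
    if not m or int(m.group(1)) > 0xFFFFFFFF:
        raise ValueError("no 32-bit 'Bad packet length' value found")
    return struct.pack(">I", int(m.group(1)))  # length field is big-endian

def plaintext_guess(message):
    """If the 'length' is printable ASCII, return (text, matching known lines)."""
    raw = length_bytes(message)
    if not all(0x20 <= b < 0x7F for b in raw):
        return None, []
    text = raw.decode("ascii")
    return text, [p for p in KNOWN_PLAINTEXT if p.startswith(text)]

def protocol_majors(sshd_debug):
    """Return (client_major, server_major) from sshd -d output, or None."""
    client = re.search(r"Client protocol version (\d+)\.", sshd_debug)
    server = re.search(r"Local version string SSH-(\d+)\.", sshd_debug)
    if not (client and server):
        return None
    return int(client.group(1)), int(server.group(1))

if __name__ == "__main__":
    text, hits = plaintext_guess(CLIENT_ERROR)
    print("length field as ASCII:", repr(text), "matches:", hits)
    print("client/server protocol majors:", protocol_majors(SSHD_DEBUG))
```

A printable "length" that begins a known server message, together with differing protocol majors, points at a version mismatch rather than a network or MTU problem.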
-d Debug mode. The server sends verbose debug output to the system
log, and does not put itself in the background. The server also
will not fork and will only process one connection. This option
is only intended for debugging for the server. Multiple -d
options increase the debugging level. Maximum is 3.
Give "sshd -d -d -d" a shot…
-Chris
Is it possible I've never logged in from home machine to linode? Perhaps. Maybe I just need to update my client here. Developing …
FWIW, PuTTY 0.50 supported ssh2 but not public key authentication (I'm just guessing on whether public key auth is significant but the -d transcript looked like there was some attempted key swapping going on.) So maybe it was negotiating an ssh2 connection it actually couldn't handle.
Hey, suddenly PuTTY works from my computer now. Gee, thanks!
James