# ssh problem [solved]

## cronopio

My ssh connection failed

Last edited by cronopio on Sun Sep 04, 2005 10:42 am; edited 2 times in total

----------

## adaptr

The problem is one of the following:

- the remote host does not match or offer the ssh protocol version you use on the client, or

- the remote host refuses any hosts that are not already known to it.

Hard to tell exactly without more info.

----------

## rex123

 *adaptr wrote:*   

> Hard to tell exactly without more info.

 

... and one way to get more information is to use ssh -vvv (or just ssh -v might be enough)

----------

## cronopio

The output of ssh -vvv "my_machine" is:

```
OpenSSH_3.9p1, OpenSSL 0.9.7d 17 Mar 2004
debug1: Reading configuration data /etc/ssh/ssh_config
debug3: cipher ok: aes128-cbc [aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: cipher ok: 3des-cbc [aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: cipher ok: blowfish-cbc [aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: cipher ok: cast128-cbc [aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: cipher ok: arcfour [aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: cipher ok: aes192-cbc [aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: cipher ok: aes256-cbc [aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: ciphers ok: [aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug2: ssh_connect: needpriv 0
debug1: Connecting to cronogentoo.is-a-geek.com [82.159.43.58] port 22.
debug1: Connection established.
debug1: identity file /home/lupas/.ssh/identity type -1
debug3: Not a RSA1 key file /home/lupas/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'Proc-Type:'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'DEK-Info:'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/lupas/.ssh/id_rsa type 1
debug3: Not a RSA1 key file /home/lupas/.ssh/id_dsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'Proc-Type:'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'DEK-Info:'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/lupas/.ssh/id_dsa type 2
ssh_exchange_identification: Connection closed by remote host
```

----------

## robdd

Hey ! You shouldn't post stuff that includes your IP address or other SSH stuff without overwriting the sensitive stuff with xxxxx's.  If someone knows your ssh server address and username they can start attacking your server - maybe a bit paranoid, but better safe than sorry  :Smile: 

I'm not an ssh expert, but I did get my ssh server working - I've posted a recipe in this thread:

https://forums.gentoo.org/viewtopic-t-361244.html

From looking at your log I'd say (and like I said I'm no expert) that perhaps you have the private and public keys swapped around ??   If you're using private key authentication then you need your public key (id_rsa.pub) on the ssh server, and in home/.ssh/authorized_keys2, and you need your private key (id_rsa) on your client. Make sure your keys are set up correctly and the right way round, and come back with what you see.  If you have access to /var/log/messages on the ssh server there may be some clues in there (but again be careful when posting stuff, because the log can show your key information).

----------
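The redaction robdd recommends above can be scripted. This is an added example, not part of the original thread; the host name, address and user name in the sample are constructed, and the replacement tokens (`HOST`, `x.x.x.x`, `USER`, `FINGERPRINT`) are arbitrary choices.

```shell
#!/bin/sh
# Added example (not from the thread): scrub identifying details from
# ssh/sshd debug output before pasting it into a public post.

redact_ssh_debug() {
    # stdin: raw log text; stdout: redacted copy.
    sed -E \
        -e 's/(Connecting to )[^ ]+( \[)/\1HOST\2/' \
        -e 's/[A-Za-z0-9._-]+@[A-Za-z0-9.-]+/USER@HOST/g' \
        -e 's/([0-9]{1,3}\.){3}[0-9]{1,3}/x.x.x.x/g' \
        -e 's#/home/[^/ ]+/#/home/USER/#g' \
        -e 's/([0-9a-f]{2}:){15}[0-9a-f]{2}/FINGERPRINT/g'
}

# Constructed sample: documentation address range and made-up names.
sample_log() {
    cat <<'EOF'
debug1: Connecting to host.example.org [203.0.113.10] port 22.
debug1: identity file /home/alice/.ssh/id_rsa type 1
#AllowUsers alice@host.example.org
Jul 27 20:15:27 [sshd] debug1: Bind to port 22 on 203.0.113.10.
EOF
}

# Print the redacted sample.
sample_log | redact_ssh_debug
```

Read the result by eye before posting: pattern-based redaction only covers the forms listed in the expressions.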

## Jerem

Edit /etc/ssh/sshd_config and /etc/ssh/ssh_config so they use the same protocol and port.

```
Port 22
Protocol 2
```

You may also not be able to login as root, since pam does not allow that in most cases. Connect as another user and then use su from there to gain root rights.

You must also generate a key pair on one of the computers, so it can share it with the other.

```
ssh-keygen -t rsa
ssh-keygen -t dsa
```

If you have a .authorized_keys in a .ssh or /etc/ssh, edit it accordingly or delete it.

----------

## cronopio

I tried it, but the problem continues:

```
OpenSSH_3.9p1, OpenSSL 0.9.7d 17 Mar 2004
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to cronogentoo.is-a-geek.com [82.159.43.58] port 22.
debug1: Connection established.
debug1: identity file /home/lupas/.ssh/identity type -1
debug1: identity file /home/lupas/.ssh/id_rsa type 1
debug1: identity file /home/lupas/.ssh/id_dsa type 2
ssh_exchange_identification: Connection closed by remote host
```

----------

## cronopio

```
#Only enable version 2
Protocol 2

#Disable root login. Users have to su to root
PermitRootLogin no

#Turn on Public key authentication
#PubkeyAuthentication yes
#AuthorizedKeysFile      .ssh/authorized_keys

#Disable .rhost and normal password authentication
#RhostsAuthentication no
PasswordAuthentication yes
PermitEmptyPasswords no

#Only allow users in the wheel or admin group to login
AllowGroups wheel admin

#In those groups only allow the following users
#The @<domainname> is optional but replaces the
#older AllowHosts directive
#AllowUsers lupas@cronogentoo.is-a-geek.com

#Logging
SyslogFacility AUTH
LogLevel INFO

#ListenAddress 127.0.0.1
```

Can anyone tell me something about my problem? buah! I feel lonely...

----------

## Sparrow_CA

Can you ssh to any other machines?

Can any other machines ssh to the target box?

Are you trying to use password or publickey authentication?

It looks like your problem is server-side; I hope you have terminal access to the box.

Turn up your logging in /etc/ssh/sshd_config by setting INFO to DEBUG. Then restart sshd and look in /var/log/auth when you try to login.

----------

## rex123

Try putting 

```
UsePAM yes
```

 into your sshd_config file. I reckon your public-key authentication isn't working, so you need to be able to use a password. Or put the correct public key entry into the appropriate .ssh/authorized_keys2 file on the server.

----------

## cronopio

I tried with

```
UsePAM yes
```

and with

```
LogLevel DEBUG
```

for more information, and these are the messages:

```
# more /var/log/sshd/current
                - Last output repeated twice -
Jul 27 20:10:49 [sshd] debug1: Bind to port 22 on 0.0.0.0.
Jul 27 20:10:49 [sshd] socket: Address family not supported by protocol
Jul 27 20:10:49 [sshd] fatal: Cannot bind any address.
Jul 27 20:15:27 [sshd] debug1: Bind to port 22 on 82.159.43.58.
Jul 27 20:15:27 [sshd] error: Bind to port 22 on 82.159.43.58 failed: Address already in use.
Jul 27 20:15:27 [sshd] fatal: Cannot bind any address.
Jul 27 20:17:04 [sshd] debug1: Bind to port 22 on 127.0.0.1.
Jul 27 20:17:04 [sshd] error: Bind to port 22 on 127.0.0.1 failed: Address already in use.
Jul 27 20:17:04 [sshd] fatal: Cannot bind any address.
Jul 27 20:17:58 [sshd] debug1: Bind to port 22 on 0.0.0.0.
Jul 27 20:17:58 [sshd] socket: Address family not supported by protocol
Jul 27 20:17:58 [sshd] fatal: Cannot bind any address.
Jul 27 20:20:25 [sshd] debug1: Bind to port 22 on 127.0.0.1.
Jul 27 20:20:25 [sshd] error: Bind to port 22 on 127.0.0.1 failed: Address already in use.
Jul 27 20:20:25 [sshd] fatal: Cannot bind any address.
#
```

I tried various IPs for ListenAddress, and I tried commenting out this line.

Nothing about UsePAM.

And now, my friends?

----------

## Sparrow_CA

How are you running sshd? It looks like you're trying to start two instances of it.

run 

```
killall sshd; /etc/init.d/sshd zap; /etc/init.d/sshd start
```

 then post the log.

and maybe for good measure post the output of 

```
netstat -tl
```

----------

## cronopio

This is the output:

```
# killall sshd
sshd: no process killed
#                                                                              ((?????))
#/etc/init.d/sshd zap
 * Manually resetting sshd to stopped state.
#
#/etc/init.d/sshd start
 * Starting sshd ...                                                      [ ok ]
#
# netstat -tl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 *:netbios-ssn           *:*                     LISTEN
tcp        0      0 *:sunrpc                *:*                     LISTEN
tcp        0      0 localhost:819           *:*                     LISTEN
tcp        0      0 *:domain                *:*                     LISTEN
tcp        0      0 *:4662                  *:*                     LISTEN
tcp        0      0 *:ssh                   *:*                     LISTEN
tcp        0      0 localhost:5335          *:*                     LISTEN
tcp        0      0 *:ssh                   *:*                     LISTEN
tcp        0      0 localhost:5335          *:*                     LISTEN
tcp        0      0 *:ipp                   *:*                     LISTEN
tcp        0      0 *:microsoft-ds          *:*                     LISTEN
#
#ps -ef | grep ssh
root     27080     1  0 Jul26 ?        00:00:00 ssh-agent
root     27237     1  0 Jul26 ?        00:00:00 ssh-agent
root     29910 28576  0 08:03 pts/0    00:00:00 grep ssh
#
```

----------

## Sparrow_CA

Well that's strange. Somehow you have two processes listening on your ssh port, which I thought was impossible...unless, try:

```
netstat -tln --program
```

That should show us exactly which process is listening on which port number. Then we need to get rid of whatever is listening on port 22 (the ssh port). Sorry, I should have had you do that the first time...

----------
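The `netstat -tln --program` output Sparrow_CA asks for can be read mechanically. This is an added example, not part of the original thread: it lists which program owns each listener on a port and flags any owner that is not the expected daemon. The sample output, its PIDs and the program name `otherd` are constructed.

```shell
#!/bin/sh
# Added example (not from the thread): find out which process holds a
# listening port, using the text output of `netstat -tln --program`.

port_owners() {
    # $1 = port number; stdin = netstat output.
    # Prints "local-address pid/program" for every LISTEN socket on that port.
    awk -v port="$1" '
        $6 == "LISTEN" {
            n = split($4, a, ":")      # last piece is the port, also for ":::22"
            if (a[n] == port) print $4, $7
        }'
}

unexpected_owners() {
    # $1 = port, $2 = expected program name; stdin = netstat output.
    # Prints listeners owned by anything else ("-" means owner not visible).
    port_owners "$1" | awk -v want="$2" '{
        split($2, p, "/")
        if (p[2] != want) print
    }'
}

# Constructed sample in the layout netstat prints with --program.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN      2101/smbd
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      3150/otherd
tcp        0      0 127.0.0.1:5335          0.0.0.0:*               LISTEN      2290/mDNSResponder
tcp6       0      0 :::22                   :::*                    LISTEN      4321/sshd
EOF
}

# On a live system: netstat -tln --program | unexpected_owners 22 sshd
sample_netstat | unexpected_owners 22 sshd
```

A non-empty result names the process that makes sshd's bind fail with "Address already in use".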

## cronopio

This is the output:

```
# killall sshd
sshd: no process killed
#                                                                              ((?????))
#/etc/init.d/sshd zap
 * Manually resetting sshd to stopped state.
#
#/etc/init.d/sshd start
 * Starting sshd ...                                                      [ ok ]
#
# netstat -tl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 *:netbios-ssn           *:*                     LISTEN
tcp        0      0 *:sunrpc                *:*                     LISTEN
tcp        0      0 localhost:819           *:*                     LISTEN
tcp        0      0 *:domain                *:*                     LISTEN
tcp        0      0 *:4662                  *:*                     LISTEN
tcp        0      0 *:ssh                   *:*                     LISTEN
tcp        0      0 localhost:5335          *:*                     LISTEN
tcp        0      0 *:ssh                   *:*                     LISTEN
tcp        0      0 localhost:5335          *:*                     LISTEN
tcp        0      0 *:ipp                   *:*                     LISTEN
tcp        0      0 *:microsoft-ds          *:*                     LISTEN
#
#ps -ef | grep ssh
root     27080     1  0 Jul26 ?        00:00:00 ssh-agent
root     27237     1  0 Jul26 ?        00:00:00 ssh-agent
root     29910 28576  0 08:03 pts/0    00:00:00 grep ssh
#
```

----------

## Sparrow_CA

double post? try again!   :Mr. Green: 

----------

