[Bug 1279999] Re: ssh login no longer works over vpn
Jerry Quinn
jlquinn at optonline.net
Sun Feb 16 16:50:53 UTC 2014
Well the story is now more confusing for me. I disabled the Ciphers and
MACs fields in /etc/ssh/ssh_config and connected again. This time, I'm
able to get into my work machines without problem.
However, at the time, enabling the fields was the difference between
success and failure.
I know the VPN solution is a large-scale thing, so this connection may
be different from the previous connection.
Given that, it doesn't necessarily seem like an ssh bug. I would like
to suggest that the config file and man pages indicate that it's useful
to muck with those fields when connection reset or hangs occur.
Otherwise we spend time scouring the web for possible solutions and
guesswork.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1279999
Title:
ssh login no longer works over vpn
Status in “openssh” package in Ubuntu:
Incomplete
Bug description:
jlquinn at wyvern:~$ lsb_release -rd
Description: Ubuntu 13.10
Release: 13.10
I log into work over an AT&T vpn. When I upgraded my client to Ubuntu 13.10, I was unable to ssh into my work machines. The ssh version upgrade was
2014-02-06 12:45:05 upgrade openssh-client:amd64 1:6.1p1-4
1:6.2p2-6ubuntu0.1
The ssh server machines are running CentOS 6.4. I alternatively
get:
Read from socket failed: Connection reset by peer
or a hang. Enabling debugging shows:
debug1: Local version string SSH-2.0-OpenSSH_6.2p2 Ubuntu-6ubuntu0.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5*
debug1: SSH2_MSG_KEXINIT sent
Read from socket failed: Connection reset by peer
or
debug1: Local version string SSH-2.0-OpenSSH_6.2p2 Ubuntu-6ubuntu0.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5*
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
After wandering the net, I found a suggestion to uncomment Ciphers and MACs in /etc/ssh/ssh_config. Making this change lets me log in again.
The default settings in ssh_config break a working system.
ProblemType: Bug
DistroRelease: Ubuntu 13.10
Package: ssh 1:6.2p2-6ubuntu0.1
ProcVersionSignature: Ubuntu 3.11.0-15.25-generic 3.11.10
Uname: Linux 3.11.0-15-generic x86_64
ApportVersion: 2.12.5-0ubuntu2.2
Architecture: amd64
Date: Thu Feb 13 15:50:41 2014
InstallationDate: Installed on 2010-04-30 (1385 days ago)
InstallationMedia: Ubuntu 10.04 LTS "Lucid Lynx" - Release amd64 (20100429)
MarkForUpload: True
PackageArchitecture: all
SourcePackage: openssh
UpgradeStatus: Upgraded to saucy on 2014-02-06 (7 days ago)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1279999/+subscriptions
More information about the foundations-bugs
mailing list