[Bug 1279999] Re: ssh login no longer works over vpn

Jerry Quinn jlquinn at optonline.net
Sun Feb 16 16:50:53 UTC 2014 

Well the story is now more confusing for me.  I disabled the Ciphers and
MACs fields in /etc/ssh/ssh_config and connected again. This time, I'm
able to get into my work machines without problem.

However, at the time, enabling the fields was the difference between
success and failure.

I know the VPN solution is a large-scale thing, so this connection may
be different from the previous connection.

Given that, it doesn't necessarily seem like an ssh bug.  I would like
to suggest that the config file and man pages indicate that it's useful
to muck with those fields when connection reset or hangs occur.
Otherwise we spend time scouring the web for possible solutions and
guesswork.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1279999

Title:
  ssh login no longer works over vpn

Status in “openssh” package in Ubuntu:
  Incomplete

Bug description:
  jlquinn at wyvern:~$ lsb_release -rd
  Description:	Ubuntu 13.10
  Release:	13.10

  
  I log into work over an AT&T vpn.  When I upgraded my client to Ubuntu 13.10, I was unable to ssh into my work machines.  The ssh version upgrade was

  2014-02-06 12:45:05 upgrade openssh-client:amd64 1:6.1p1-4
  1:6.2p2-6ubuntu0.1

    The ssh server machines are running CentOS 6.4.  I alternatively
  get:

  Read from socket failed: Connection reset by peer

  or a hang.  Enabling debugging shows:

  debug1: Local version string SSH-2.0-OpenSSH_6.2p2 Ubuntu-6ubuntu0.1
  debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
  debug1: match: OpenSSH_5.3 pat OpenSSH_5*
  debug1: SSH2_MSG_KEXINIT sent
  Read from socket failed: Connection reset by peer

  or

  debug1: Local version string SSH-2.0-OpenSSH_6.2p2 Ubuntu-6ubuntu0.1
  debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
  debug1: match: OpenSSH_5.3 pat OpenSSH_5*
  debug1: SSH2_MSG_KEXINIT sent
  debug1: SSH2_MSG_KEXINIT received
  debug1: kex: server->client aes128-ctr hmac-md5 none
  debug1: kex: client->server aes128-ctr hmac-md5 none
  debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
  debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP

  
  After wandering the net, I found a suggestion to uncomment Ciphers and MACs in /etc/ssh/ssh_config.  Making this change lets me log in again.

  The default settings in ssh_config break a working system.

  ProblemType: Bug
  DistroRelease: Ubuntu 13.10
  Package: ssh 1:6.2p2-6ubuntu0.1
  ProcVersionSignature: Ubuntu 3.11.0-15.25-generic 3.11.10
  Uname: Linux 3.11.0-15-generic x86_64
  ApportVersion: 2.12.5-0ubuntu2.2
  Architecture: amd64
  Date: Thu Feb 13 15:50:41 2014
  InstallationDate: Installed on 2010-04-30 (1385 days ago)
  InstallationMedia: Ubuntu 10.04 LTS "Lucid Lynx" - Release amd64 (20100429)
  MarkForUpload: True
  PackageArchitecture: all
  SourcePackage: openssh
  UpgradeStatus: Upgraded to saucy on 2014-02-06 (7 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1279999/+subscriptions

More information about the foundations-bugs mailing list