[Bug 708493] Re: Can't login anymore: Read from socket failed: Connection reset by peer
Srdjan Grubor
sgnn7 at sgnn7.org
Tue Jun 10 20:25:56 UTC 2014
My cases of this bug (though it seems like there are different ones with
similar symptoms) happen each time I reset a 14.04 VM to an older state
from a hard shutdown. Localhost ssh connections fail as well with same
output.
Workaround for me is regenerating the host keys (sudo rm /etc/ssh/host_*
&& sudo ssh-keygen -A) each time I revert the VM. Changing the
cipher/kex does not seem to change the outcome.
I wonder if some junk gets written to the keys in bad shutdowns. I'll
see If I can debug the output of the sshd.
Client log below:
$ ssh root at redacted -vvvv
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 192.168.56.101 [192.168.56.101] port 22.
debug1: Connection established.
debug3: Incorrect RSA1 identifier
debug3: Could not load "/home/sg/.ssh/id_rsa" as a RSA1 public key
debug1: identity file /home/sg/.ssh/id_rsa type 1
debug1: identity file /home/sg/.ssh/id_rsa-cert type -1
debug1: identity file /home/sg/.ssh/id_dsa type -1
debug1: identity file /home/sg/.ssh/id_dsa-cert type -1
debug1: identity file /home/sg/.ssh/id_ecdsa type -1
debug1: identity file /home/sg/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/sg/.ssh/id_ed25519 type -1
debug1: identity file /home/sg/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6p1 Ubuntu-2ubuntu1
debug1: match: OpenSSH_6.6p1 Ubuntu-2ubuntu1 pat OpenSSH_6.5*,OpenSSH_6.6* compat 0x14000000
debug2: fd 3 setting O_NONBLOCK
debug3: load_hostkeys: loading entries for host "192.168.56.101" from file "/home/sg/.ssh/known_hosts"
debug3: load_hostkeys: found key type ECDSA in file /home/sg/.ssh/known_hosts:87
debug3: load_hostkeys: loaded 1 keys
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp384-cert-v01 at openssh.com,ecdsa-sha2-nistp521-cert-v01 at openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug2: compat_kex_proposal: original KEX proposal: curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: Compat: skipping algorithm "curve25519-sha256 at libssh.org"
debug2: compat_kex_proposal: compat KEX proposal: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug1: SSH2_MSG_KEXINIT sent
Read from socket failed: Connection reset by peer
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/708493
Title:
Can't login anymore: Read from socket failed: Connection reset by peer
Status in “openssh” package in Ubuntu:
Confirmed
Status in “openssh” package in Debian:
New
Bug description:
After todays update to
1:5.7p1-1ubuntu1
I cannot login to SOME (!) of my servers. Example of a server failing:
~$ ssh -v root at mail
OpenSSH_5.7p1 Debian-1ubuntu1, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /home/hildeb/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to mail [141.42.202.200] port 22.
debug1: Connection established.
debug1: identity file /home/hildeb/.ssh/id_rsa type -1
debug1: identity file /home/hildeb/.ssh/id_rsa-cert type -1
debug1: identity file /home/hildeb/.ssh/id_dsa type 2
debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
debug1: identity file /home/hildeb/.ssh/id_dsa-cert type -1
debug1: identity file /home/hildeb/.ssh/id_ecdsa type -1
debug1: identity file /home/hildeb/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_5.5p1 Debian-6
debug1: match: OpenSSH_5.5p1 Debian-6 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.7p1 Debian-1ubuntu1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
Read from socket failed: Connection reset by peer
There is NOTHING in daemon.log, auth.log or syslog on the server I'm
trying to connect to.
Example of a server NOT failing:
$ ssh -v root at netsight
OpenSSH_5.7p1 Debian-1ubuntu1, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /home/hildeb/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to netsight [10.47.2.222] port 22.
debug1: Connection established.
debug1: identity file /home/hildeb/.ssh/id_rsa type -1
debug1: identity file /home/hildeb/.ssh/id_rsa-cert type -1
debug1: identity file /home/hildeb/.ssh/id_dsa type 2
debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
debug1: identity file /home/hildeb/.ssh/id_dsa-cert type -1
debug1: identity file /home/hildeb/.ssh/id_ecdsa type -1
debug1: identity file /home/hildeb/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.5p1 Debian-6
debug1: match: OpenSSH_5.5p1 Debian-6 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.7p1 Debian-1ubuntu1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 18:ce:76:c7:7c:f4:98:94:28:8f:62:4a:31:e8:5b:c9
debug1: Host 'netsight' is known and matches the RSA host key.
debug1: Found key in /home/hildeb/.ssh/known_hosts:56
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering DSA public key: /home/hildeb/.ssh/id_dsa
debug1: Server accepts key: pkalg ssh-dss blen 433
debug1: Authentication succeeded (publickey).
Authenticated to netsight ([10.47.2.222]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions at openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LC_MESSAGES = en_US.utf8
debug1: Sending env LANG = de_DE.UTF-8
ProblemType: Bug
DistroRelease: Ubuntu 11.04
Package: openssh-client 1:5.7p1-1ubuntu1
ProcVersionSignature: Ubuntu 2.6.37-12.26-generic 2.6.37
Uname: Linux 2.6.37-12-generic x86_64
Architecture: amd64
Date: Thu Jan 27 09:13:15 2011
ProcEnviron:
LANGUAGE=en_US:en
LANG=de_DE.UTF-8
LC_MESSAGES=en_US.utf8
SHELL=/bin/bash
RelatedPackageVersions:
ssh-askpass N/A
libpam-ssh N/A
keychain N/A
ssh-askpass-gnome 1:5.7p1-1ubuntu1
SSHClientVersion: OpenSSH_5.7p1 Debian-1ubuntu1, OpenSSL 0.9.8o 01 Jun 2010
SourcePackage: openssh
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/708493/+subscriptions
More information about the foundations-bugs
mailing list