SSH fails with connection timed out - in VPN and hangs here "expecting SSH2_MSG_KEX_ECDH_REPLY" + Ubuntu 16.04.6 LTS
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
openconnect (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Xenial |
Won't Fix
|
Wishlist
|
Unassigned | ||
openssh (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
Hello Team,
SSH timeout issue, once connect to VPN.
Environment
======
Dell XPS 9570
Ubuntu 16.04.6 Xenial Xerus)
kernel - 4.15.0-55-generic
$dpkg -l | grep -i openssh
ii openssh-client 1:7.2p2-4ubuntu2.8 -->
ii openssh-server 1:7.2p2-4ubuntu2.8
ii openssh-sftp-server 1:7.2p2-4ubuntu2.8
VPN tunnel info
====
vpn0 Link encap:UNSPEC HWaddr 00-00-00-
inet addr:IP P-t-P:xx Mask:255.255.252.0
inet6 addr: fe80::b8e2:
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1406 Metric:1
RX packets:962 errors:0 dropped:0 overruns:0 frame:0
TX packets:1029 errors:0 dropped:0 overruns:0 carrier:0
RX bytes:87839 (87.8 KB) TX bytes:238740 (238.7 KB)
Issue
====
Unable to connect to any host via ssh or sftp after VPN connection
Tried
=====
Reinstalled the openssh-client package and still no luck. May I know why the default cipher is not taking/hanging? Please let me know . There were no recent changes.
Workaround
===
Able to connect to ssh / sftp $ssh -c aes128-ctr user@IP
Below is the debug ssh client logs ===
======
$ssh -vvv user@ip
OpenSSH_7.2p2 Ubuntu-4ubuntu2.8, OpenSSL 1.0.2g 1 Mar 2016
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolving "IP" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to IP [IP] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
debug1: match: OpenSSH_7.6p1 Ubuntu-4ubuntu0.3 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to IP:22 as 'user'
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: <email address hidden>
debug2: host key algorithms: <email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>
debug2: ciphers ctos: <email address hidden>
debug2: ciphers stoc: <email address hidden>
debug2: MACs ctos: <email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>
debug2: MACs stoc: <email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>
debug2: compression ctos: none,<email address hidden>,zlib
debug2: compression stoc: none,<email address hidden>,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-
debug2: host key algorithms: ssh-rsa,
debug2: ciphers ctos: <email address hidden>
debug2: ciphers stoc: <email address hidden>
debug2: MACs ctos: <email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>
debug2: MACs stoc: <email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>
debug2: compression ctos: none,<email address hidden>
debug2: compression stoc: none,<email address hidden>
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: <email address hidden>
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: <email address hidden> MAC: <implicit> compression: none
debug1: kex: client->server cipher: <email address hidden> MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_
<< Hangs here >>
Please shed some views
Thanks
Jay
Changed in linux (Ubuntu): | |
status: | Incomplete → New |
Changed in linux (Ubuntu): | |
status: | New → Incomplete |
Changed in linux (Ubuntu): | |
status: | Confirmed → Incomplete |
Changed in linux (Ubuntu): | |
status: | Confirmed → Invalid |
Changed in openssh (Ubuntu): | |
status: | Incomplete → Confirmed |
Changed in openvpn (Ubuntu): | |
status: | Incomplete → Confirmed |
affects: | openvpn (Ubuntu) → openconnect (Ubuntu) |
Tried with putty no issues.