14.04 host can not ssh to a Cisco router
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openssh (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
I can not connect from a freshly installed 14.04 box to a Cisco CSR1000V. 12.04 connects with no issues.
Debugging this, the symptoms are identical to this bug report: https:/
see the logs below (hostnames, addresses, and usernames below are edited).
Failing attempt (the default settings):
$ ssh -vvv <email address hidden>
OpenSSH_6.6, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to router.example [2001:db8::1] port 22.
debug1: Connection established.
debug1: SELinux support disabled
debug1: identity file /home/ubuntu/
debug1: identity file /home/ubuntu/
debug1: identity file /home/ubuntu/
debug1: identity file /home/ubuntu/
debug1: identity file /home/ubuntu/
debug1: identity file /home/ubuntu/
debug1: identity file /home/ubuntu/
debug1: identity file /home/ubuntu/
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-
debug2: kex_parse_kexinit: aes128-
debug2: kex_parse_kexinit: <email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>
debug2: kex_parse_kexinit: <email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>
debug2: kex_parse_kexinit: none,<email address hidden>,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-
debug2: kex_parse_kexinit: ssh-rsa
debug2: kex_parse_kexinit: aes128-
debug2: kex_parse_kexinit: aes128-
debug2: kex_parse_kexinit: hmac-sha1,
debug2: kex_parse_kexinit: hmac-sha1,
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: setup hmac-sha1
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug2: mac_setup: setup hmac-sha1
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_
debug1: expecting SSH2_MSG_
Connection closed by 2001:db8::1
Working attempt:
$ ssh -vvv -o KexAlgorithms=
OpenSSH_6.6, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to router.example [2001:db8::1] port 22.
debug1: Connection established.
debug1: identity file /home/ubuntu/
debug1: identity file /home/ubuntu/
debug1: identity file /home/ubuntu/
debug1: identity file /home/ubuntu/
debug1: identity file /home/ubuntu/
debug1: identity file /home/ubuntu/
debug1: identity file /home/ubuntu/
debug1: identity file /home/ubuntu/
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-
debug1: Remote protocol version 1.99, remote software version Cisco-1.25
debug1: no match: Cisco-1.25
debug2: fd 3 setting O_NONBLOCK
debug3: load_hostkeys: loading entries for host "router.example" from file "/home/
debug3: load_hostkeys: found key type RSA in file /home/ubuntu/
debug3: load_hostkeys: loaded 1 keys
debug3: order_hostkeyalgs: prefer hostkeyalgs: <email address hidden>,<email address hidden>,ssh-rsa
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-
debug2: kex_parse_kexinit: <email address hidden>,<email address hidden>
debug2: kex_parse_kexinit: aes128-
debug2: kex_parse_kexinit: aes128-
debug2: kex_parse_kexinit: <email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>
debug2: kex_parse_kexinit: <email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>
debug2: kex_parse_kexinit: none,<email address hidden>,zlib
debug2: kex_parse_kexinit: none,<email address hidden>,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-
debug2: kex_parse_kexinit: ssh-rsa
debug2: kex_parse_kexinit: aes128-
debug2: kex_parse_kexinit: aes128-
debug2: kex_parse_kexinit: hmac-sha1,
debug2: kex_parse_kexinit: hmac-sha1,
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_
debug2: key: /home/ubuntu/
debug2: key: /home/ubuntu/
debug2: key: /home/ubuntu/
debug2: key: /home/ubuntu/
debug1: Authentications that can continue: publickey,
debug3: start over, passed a different list publickey,
debug3: preferred gssapi-
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-
debug3: authmethod_
debug1: Next authentication method: publickey
debug1: Trying private key: /home/ubuntu/
debug3: no such identity: /home/ubuntu/
debug1: Trying private key: /home/ubuntu/
debug3: no such identity: /home/ubuntu/
debug1: Trying private key: /home/ubuntu/
debug3: no such identity: /home/ubuntu/
debug1: Trying private key: /home/ubuntu/
debug3: no such identity: /home/ubuntu/
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-
debug3: remaining preferred: password
debug3: authmethod_
debug1: Next authentication method: keyboard-
debug2: userauth_kbdint
debug2: we sent a keyboard-
debug2: input_userauth_
debug2: input_userauth_
Password:
debug3: packet_send2: adding 32 (len 24 padlen 8 extra_pad 64)
debug1: Authentication succeeded (keyboard-
Authenticated to router.example ([2001:db8::1]:22).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Entering interactive session.
debug2: callback start
debug2: fd 3 setting TCP_NODELAY
debug3: packet_set_tos: set IPV6_TCLASS 0x10
debug2: client_
debug2: channel 0: request pty-req confirm 1
debug1: Sending environment.
debug3: Ignored env XDG_VTNR
debug3: Ignored env LESS_TERMCAP_mb
debug3: Ignored env XDG_SESSION_ID
debug3: Ignored env LESS_TERMCAP_md
debug3: Ignored env LESS_TERMCAP_me
debug3: Ignored env SHELL
debug3: Ignored env TERM
debug3: Ignored env BYOBU_CONFIG_DIR
debug3: Ignored env HUSHLOGIN
debug3: Ignored env LESS_TERMCAP_ue
debug3: Ignored env BYOBU_TTY
debug3: Ignored env BYOBU_READLINK
debug3: Ignored env USER
debug3: Ignored env LS_COLORS
debug3: Ignored env GREP_COLORS
debug3: Ignored env BYOBU_RUN_DIR
debug3: Ignored env BYOBU_DISTRO
debug3: Ignored env BYOBU_DATE
debug3: Ignored env TMUX
debug3: Ignored env LESS_TERMCAP_us
debug3: Ignored env BYOBU_BACKEND
debug3: Ignored env BYOBU_SED
debug3: Ignored env PATH
debug3: Ignored env MAIL
debug3: Ignored env BYOBU_DARK
debug3: Ignored env PWD
debug3: Ignored env BYOBU_ULIMIT
debug1: Sending env LANG = en_US.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env TMUX_PANE
debug3: Ignored env BYOBU_PYTHON
debug3: Ignored env BYOBU_CHARMAP
debug3: Ignored env BYOBU_WINDOW_NAME
debug3: Ignored env HOME
debug3: Ignored env SHLVL
debug3: Ignored env XDG_SEAT
debug3: Ignored env LANGUAGE
debug3: Ignored env BYOBU_LIGHT
debug3: Ignored env LOGNAME
debug3: Ignored env LESS_TERMCAP_so
debug3: Ignored env BYOBU_PAGER
debug3: Ignored env BYOBU_ACCENT
debug3: Ignored env LESSOPEN
debug3: Ignored env BYOBU_PREFIX
debug3: Ignored env XDG_RUNTIME_DIR
debug3: Ignored env BYOBU_HIGHLIGHT
debug3: Ignored env LESSCLOSE
debug3: Ignored env LESS_TERMCAP_se
debug3: Ignored env BYOBU_TIME
debug3: Ignored env _
debug2: channel 0: request shell confirm 1
debug2: callback done
debug2: channel 0: open confirm rwindow 8192 rmax 4096
debug2: channel_
debug2: PTY allocation request accepted on channel 0
debug2: channel_
debug2: shell request accepted on channel 0
router#
version information:
$ lsb_release -rd
Description: Ubuntu 14.04 LTS
Release: 14.04
$ apt-cache policy openssh-client
openssh-client:
Installed: 1:6.6p1-2ubuntu1
Candidate: 1:6.6p1-2ubuntu1
Version table:
*** 1:6.6p1-2ubuntu1 0
500 http://
100 /var/lib/
CSR1000V version:
router#sh ver
Cisco IOS XE Software, Version 03.12.00.S - Standard Support Release
Cisco IOS Software, CSR1000V Software (X86_64_
Technical Support: http://
Copyright (c) 1986-2014 by Cisco Systems, Inc.
Compiled Wed 26-Mar-14 21:09 by mcpre
Status changed to 'Confirmed' because the bug affects multiple users.