Comment 63 for bug 708493

Revision history for this message
Gary Salisbury (gary-r-salisbury) wrote : Re: [Bug 708493] Re: Can't login anymore: Read from socket failed: Connection reset by peer

Did this used to work .... ?

This bug is due to a ssh version change ...

Sounds like you may have a firewall issue, if you are trying to connect via
a nated connection for the 1st time.

Use tcpdump on your server ... and analyze the traffic on port 22

Compare the traffic, when you connect locally and then via the nated
connection.

Use the verbose settings of ssh to get more information .... before posting
again ..

On 20 February 2015 at 20:25, Mike <email address hidden> wrote:

> Thanks, but a specific client is not an option. I need to connect with any
> client from different systems. The flow I described is for problem
> isolation only. Putty cannot connect either.
>
> On Fri Feb 20 2015 at 18:31:15 Gary Salisbury <email address hidden>
> wrote:
>
> > Use dbclient ...
> >
> > On 20 February 2015 at 19:07, Mike <email address hidden> wrote:
> >
> > > Hello,
> > > Not sure it is the same problem here, but I cannot connect to my
> machine
> > > if go through NAT.
> > ...
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/708493
>
> Title:
> Can't login anymore: Read from socket failed: Connection reset by peer
>
> Status in openssh package in Ubuntu:
> Confirmed
> Status in openssh package in Debian:
> New
>
> Bug description:
> After todays update to
> 1:5.7p1-1ubuntu1
> I cannot login to SOME (!) of my servers. Example of a server failing:
>
> ~$ ssh -v root@mail
> OpenSSH_5.7p1 Debian-1ubuntu1, OpenSSL 0.9.8o 01 Jun 2010
> debug1: Reading configuration data /home/hildeb/.ssh/config
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Applying options for *
> debug1: Connecting to mail [141.42.202.200] port 22.
> debug1: Connection established.
> debug1: identity file /home/hildeb/.ssh/id_rsa type -1
> debug1: identity file /home/hildeb/.ssh/id_rsa-cert type -1
> debug1: identity file /home/hildeb/.ssh/id_dsa type 2
> debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
> debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
> debug1: identity file /home/hildeb/.ssh/id_dsa-cert type -1
> debug1: identity file /home/hildeb/.ssh/id_ecdsa type -1
> debug1: identity file /home/hildeb/.ssh/id_ecdsa-cert type -1
> debug1: Remote protocol version 1.99, remote software version
> OpenSSH_5.5p1 Debian-6
> debug1: match: OpenSSH_5.5p1 Debian-6 pat OpenSSH*
> debug1: Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_5.7p1 Debian-1ubuntu1
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug1: kex: server->client aes128-ctr hmac-md5 none
> debug1: kex: client->server aes128-ctr hmac-md5 none
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> Read from socket failed: Connection reset by peer
>
> There is NOTHING in daemon.log, auth.log or syslog on the server I'm
> trying to connect to.
>
> Example of a server NOT failing:
>
> $ ssh -v root@netsight
> OpenSSH_5.7p1 Debian-1ubuntu1, OpenSSL 0.9.8o 01 Jun 2010
> debug1: Reading configuration data /home/hildeb/.ssh/config
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Applying options for *
> debug1: Connecting to netsight [10.47.2.222] port 22.
> debug1: Connection established.
> debug1: identity file /home/hildeb/.ssh/id_rsa type -1
> debug1: identity file /home/hildeb/.ssh/id_rsa-cert type -1
> debug1: identity file /home/hildeb/.ssh/id_dsa type 2
> debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
> debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
> debug1: identity file /home/hildeb/.ssh/id_dsa-cert type -1
> debug1: identity file /home/hildeb/.ssh/id_ecdsa type -1
> debug1: identity file /home/hildeb/.ssh/id_ecdsa-cert type -1
> debug1: Remote protocol version 2.0, remote software version
> OpenSSH_5.5p1 Debian-6
> debug1: match: OpenSSH_5.5p1 Debian-6 pat OpenSSH*
> debug1: Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_5.7p1 Debian-1ubuntu1
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug1: kex: server->client aes128-ctr hmac-md5 none
> debug1: kex: client->server aes128-ctr hmac-md5 none
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> debug1: Server host key: RSA
> 18:ce:76:c7:7c:f4:98:94:28:8f:62:4a:31:e8:5b:c9
> debug1: Host 'netsight' is known and matches the RSA host key.
> debug1: Found key in /home/hildeb/.ssh/known_hosts:56
> debug1: ssh_rsa_verify: signature correct
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: expecting SSH2_MSG_NEWKEYS
> debug1: SSH2_MSG_NEWKEYS received
> debug1: Roaming not allowed by server
> debug1: SSH2_MSG_SERVICE_REQUEST sent
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug1: Authentications that can continue: publickey,keyboard-interactive
> debug1: Next authentication method: publickey
> debug1: Offering DSA public key: /home/hildeb/.ssh/id_dsa
> debug1: Server accepts key: pkalg ssh-dss blen 433
> debug1: Authentication succeeded (publickey).
> Authenticated to netsight ([10.47.2.222]:22).
> debug1: channel 0: new [client-session]
> debug1: Requesting <email address hidden>
> debug1: Entering interactive session.
> debug1: Sending environment.
> debug1: Sending env LC_MESSAGES = en_US.utf8
> debug1: Sending env LANG = de_DE.UTF-8
>
> ProblemType: Bug
> DistroRelease: Ubuntu 11.04
> Package: openssh-client 1:5.7p1-1ubuntu1
> ProcVersionSignature: Ubuntu 2.6.37-12.26-generic 2.6.37
> Uname: Linux 2.6.37-12-generic x86_64
> Architecture: amd64
> Date: Thu Jan 27 09:13:15 2011
> ProcEnviron:
> LANGUAGE=en_US:en
> LANG=de_DE.UTF-8
> LC_MESSAGES=en_US.utf8
> SHELL=/bin/bash
> RelatedPackageVersions:
> ssh-askpass N/A
> libpam-ssh N/A
> keychain N/A
> ssh-askpass-gnome 1:5.7p1-1ubuntu1
> SSHClientVersion: OpenSSH_5.7p1 Debian-1ubuntu1, OpenSSL 0.9.8o 01 Jun
> 2010
> SourcePackage: openssh
>
> To manage notifications about this bug go to:
>
> https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/708493/+subscriptions
>