Re: ssh woes
On Sun, 2011-12-06 at 01:09 -0400, William Hopkins wrote: Yes. Try #ssh -o PreferredAuthentications=password and paste the output PreferredAuthentications doesn't seem to be a correct option. Nor does it show up in /etc/ssh/ssh_config or /etc/ssh/sshd_config. Perhaps this is because I used the empty string when creating keys? b. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1307858648.2438.43.ca...@zefram.soho.lan
Re: ssh woes
On 06/11/11 at 11:04pm, Bill wrote: On Sun, 2011-12-06 at 01:09 -0400, William Hopkins wrote: Yes. Try #ssh -o PreferredAuthentications=password and paste the output PreferredAuthentications doesn't seem to be a correct option. Nor does it show up in /etc/ssh/ssh_config or /etc/ssh/sshd_config. Perhaps this is because I used the empty string when creating keys? #man 5 ssh_config PreferredAuthentications Specifies the order in which the client should try protocol 2 authentication methods. This allows a client to prefer one method (e.g. keyboard-interactive) over another method (e.g. password) The default for this option is: “gssapi-with-mic,hostbased,publickey, keyboard-interactive,password”. It not being in your /etc/ssh/ssh_config means you're not overriding the default, that's all. -- Liam signature.asc Description: Digital signature
Re: ssh woes
On Sun, 2011-12-06 at 03:10 -0400, William Hopkins wrote: It not being in your /etc/ssh/ssh_config means you're not overriding the default, that's all. Ok. Thanks. I was curious. b. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1307862890.2438.47.ca...@zefram.soho.lan
Re: ssh woes
On 06/11/11 at 09:55pm, Bill wrote: Hi folks, I've Googled myself blind over this one, but all I can find are hundreds of people with the same problem and no real solutions. I suspect the answer is staring me in the face but I just don't see it. While I can ssh from my desktop to my laptop, I cannot ssh from my laptop to my desktop. However, I can ping the desktop from the laptop no problem. Likewise I can scp files to/from the laptop as long as I am working on the desktop. When I try and ssh from the laptop to the desktop I get the error message: Read from socket failed: Connection reset by peer Here's some additional output: me@laptop:~$ ssh -vvv desktop OpenSSH_5.5p1 Debian-6, OpenSSL 0.9.8o 01 Jun 2010 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to desktop [192.168.1.10] port 22. debug1: Connection established. debug3: Not a RSA1 key file /home/me/.ssh/id_rsa. debug2: key_type_from_name: unknown key type '-BEGIN' debug3: key_read: missing keytype debug3: key_read: missing whitespace debug2: key_type_from_name: unknown key type '-END' debug3: key_read: missing keytype debug1: identity file /home/me/.ssh/id_rsa type 1 debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048 debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048 debug1: identity file /home/me/.ssh/id_rsa-cert type -1 debug1: identity file /home/me/.ssh/id_dsa type -1 debug1: identity file /home/me/.ssh/id_dsa-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3p2 Debian-9 debug1: match: OpenSSH_4.3p2 Debian-9 pat OpenSSH_4* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.5p1 Debian-6 debug2: fd 3 setting O_NONBLOCK debug1: SSH2_MSG_KEXINIT sent Read from socket failed: Connection reset by peer And from the desktop side in /var/log/auth.log Jun 11 20:30:26 desktop sshd[2575]: error: Could not load host key: /etc/ssh/ssh_host_rsa_key Jun 11 20:30:26 desktop sshd[2575]: error: Could not load host key: /etc/ssh/ssh_host_dsa_key Any suggestions here? Yes. Try #ssh -o PreferredAuthentications=password and paste the output -- Liam signature.asc Description: Digital signature
Re: ssh woes [solved] [Read from socket failed: Connection reset by peer]
On Sat, 2011-11-06 at 21:55 -0700, Bill wrote: Hi folks, I've Googled myself blind over this one, but all I can find are hundreds of people with the same problem and no real solutions. I suspect the answer is staring me in the face but I just don't see it. While I can ssh from my desktop to my laptop, I cannot ssh from my laptop to my desktop. However, I can ping the desktop from the laptop no problem. Likewise I can scp files to/from the laptop as long as I am working on the desktop. When I try and ssh from the laptop to the desktop I get the error message: Read from socket failed: Connection reset by peer Here's some additional output: me@laptop:~$ ssh -vvv desktop OpenSSH_5.5p1 Debian-6, OpenSSL 0.9.8o 01 Jun 2010 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to desktop [192.168.1.10] port 22. debug1: Connection established. debug3: Not a RSA1 key file /home/me/.ssh/id_rsa. debug2: key_type_from_name: unknown key type '-BEGIN' debug3: key_read: missing keytype debug3: key_read: missing whitespace debug2: key_type_from_name: unknown key type '-END' debug3: key_read: missing keytype debug1: identity file /home/me/.ssh/id_rsa type 1 debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048 debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048 debug1: identity file /home/me/.ssh/id_rsa-cert type -1 debug1: identity file /home/me/.ssh/id_dsa type -1 debug1: identity file /home/me/.ssh/id_dsa-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3p2 Debian-9 debug1: match: OpenSSH_4.3p2 Debian-9 pat OpenSSH_4* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.5p1 Debian-6 debug2: fd 3 setting O_NONBLOCK debug1: SSH2_MSG_KEXINIT sent Read from socket failed: Connection reset by peer And from the desktop side in /var/log/auth.log Jun 11 20:30:26 desktop sshd[2575]: error: Could not load host key: /etc/ssh/ssh_host_rsa_key Jun 11 20:30:26 desktop sshd[2575]: error: Could not load host key: /etc/ssh/ssh_host_dsa_key Any suggestions here? Well I was right. I was looking in the wrong place. In writing the original email message I provided information about error messages on both the desktop and the laptop. On a hunch, I compared the /etc/ssh/ directories on both. The laptop had keys in it whereas the desktop did not for some reason. I'd spent most of my time looking on the laptop not the desktop and in ~/.ssh not in /etc/ssh. And so: root@desktop:/etc/ssh# ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key generated the necessary keys and I was able to ssh from the laptop. Simple really. Just looking in the wrong place. As usual. But alls well that ends well. Hope this helps someone else. b. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1307855568.2438.37.ca...@zefram.soho.lan
Re: ssh woes!?...
Philipp Schulte wrote: root is not able to login from a remote host by default. You can change this in /etc/pam.d/login thanks Phil, I don't think I made myself clear, I perform scp [EMAIL PROTECTED]:/dir/file . when logged in as root, and it fails. When I'm logged in as a plain ol user it works. I'm ssh'ing as a user not root. -Cheers Max. -- Max Lock, Linux Systems Administrator, TELE2 uk. http://3558031516 Linux like wigwam. No windows, no gates, Apache inside.
Re: ssh woes!?...
On Tuesday 12 December 2000 04:27, Max Lock wrote: Philipp Schulte wrote: root is not able to login from a remote host by default. You can change this in /etc/pam.d/login thanks Phil, I don't think I made myself clear, I perform scp [EMAIL PROTECTED]:/dir/file . when logged in as root, and it fails. When I'm logged in as a plain ol user it works. I'm ssh'ing as a user not root. Check the setting of PermitRootLogin in sshd_config on the target host? -- Bud Rogers [EMAIL PROTECTED] http://www.sirinet.net/~budr/zamm.html All things in moderation. And not too much moderation either.
Re: ssh woes!?...
On Mon, Dec 11, 2000 at 04:49:56PM +, Max Lock wrote: Hi folks, I've got a weird ssh problem. I'm running 2.2r0 and when I ssh as root to another 2.2r0 system, I get as far as debug: Allocated local port 607 with the -v option, and it then hangs and timesout? But the kicker is if I ssh as a non-root user, it works!? I've copied the known_hosts file etc and set it's perms, but with no luck. Anyone got any ideas or hit this one before? no answers on Deja. does it use a privileged port? try the -P switch of ssh, and the UsePrivilegedPort option in ssh_config possibly some firewall blocks 1024 stuff, it's imho usually better not to use privileged ports if not required. -- ,---. Name: Alson van der Meulen Personal: [EMAIL PROTECTED] School: [EMAIL PROTECTED] `---' dd if=/dev/null of=/vmunix -
Re: ssh woes!?...
On Mon, Dec 11, 2000 at 04:49:56PM +, Max Lock wrote: I've got a weird ssh problem. I'm running 2.2r0 and when I ssh as root to another 2.2r0 system, I get as far as debug: Allocated local port 607 with the -v option, and it then hangs and timesout? But the kicker is if I ssh as a non-root user, it works!? I've copied the known_hosts file etc and set it's perms, but with no luck. root is not able to login from a remote host by default. You can change this in /etc/pam.d/login Phil
Re: ssh woes!?...
Philipp Schulte [EMAIL PROTECTED] wrote: On Mon, Dec 11, 2000 at 04:49:56PM +, Max Lock wrote: I've got a weird ssh problem. I'm running 2.2r0 and when I ssh as root to another 2.2r0 system, I get as far as debug: Allocated local port 607 with the -v option, and it then hangs and timesout? But the kicker is if I ssh as a non-root user, it works!? I've copied the known_hosts file etc and set it's perms, but with no luck. root is not able to login from a remote host by default. You can change this in /etc/pam.d/login /etc/pam.d/ssh lets root login remotely by ssh, which is fair enough. You (Max) don't have some kind of DNS problem, do you? Can the remote host do a reverse lookup on your local host's IP address? -- Colin Watson [EMAIL PROTECTED]
Re: ssh woes!?...
On Mon, Dec 11, 2000 at 04:49:56PM +, Max Lock wrote: I've got a weird ssh problem. I'm running 2.2r0 and when I ssh as root to another 2.2r0 system, I get as far as debug: Allocated local port 607 with the -v option, and it then hangs and timesout? Anyone got any ideas or hit this one before? Hello, It's happened to me too. Here is the relevant snip from /usr/share/doc/ssh/README.Debian PermitRootLogin: The default for this setting has been changed from Yes to No, for security reasons. Simply switch it back on in /etc/ssh/sshd_config if you need to log in as root, although I would recommend that you use real usernames for remote logins, and then use su, or perhaps preferably sudo, to become root. This allows you to determine which of the sysadmins it is that is logged in as root, if needed, and encourages sysadmins not to be root at all times Regards, Raghavendra. -- N. Raghavendra [EMAIL PROTECTED] | Harish-Chandra Research Institute | When the cup is full, GnuPG public key at:| carry it level. http://riemann.mri.ernet.in/~raghu/ |