Re: ssh login stuck at "expecting SSH2_MSG_KEX_ECDH_REPLY"
I am trying to force a core dump of dropbear for gdb analysis. But I am unable to get dropbear to dump core. I tried kill [-QUIT | -ABRT | -BUS ]. None of those signals work. Relevant config related to core on my system is: root@wsbmc013:~# cat /proc/sys/kernel/core_pattern /tmp/core_%e.%p root@wsbmc013:~# ulimit -c unlimited dropbear is run with the following options: root@wsbmc013:~# ps -aef | grep dropbear | grep -v grep 1518 root 0:00 /usr/sbin/dropbear -i -r /var/lib/dropbear/dropbear_rsa_host_key -B regards, Hari ! Hariharasubramanian Ramasubramanian/India/IBM wrote on 10/23/2017 04:42:11 PM: > From: Hariharasubramanian Ramasubramanian/India/IBM > To: dropbear@ucc.asn.au > Cc: Matt Johnston <m...@ucc.asn.au> > Date: 10/23/2017 04:42 PM > Subject: ssh login stuck at "expecting SSH2_MSG_KEX_ECDH_REPLY" > > ssh login gets stuck at "expecting SSH2_MSG_KEX_ECDH_REPLY" at random. > > However forcing ssh to use 3des cipher suite makes the login go through. > > What causes the login to succeed when cipher suite is forced but > fail otherwise ? > > Here are the debug for 3 different use cases: > 1) successful login attempt > 2) failed login attempt > 3) forced 3des cipher suite > > == > 1) Successful login attempt > == > -bash-4.1$ ssh -vvv root@wsbmc011 > OpenSSH_5.8p2, OpenSSL 1.0.0g 18 Jan 2012 > debug1: Reading configuration data /gsa/ausgsa/projects/i/ > indiateam04/hramasub/.ssh/config > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: Applying options for * > debug2: ssh_connect: needpriv 0 > debug1: Connecting to wsbmc011 [9.3.21.42] port 22. > debug1: Connection established. > debug3: Incorrect RSA1 identifier > debug3: Could not load "/gsa/ausgsa/projects/i/indiateam04/ > hramasub/.ssh/id_rsa" as a RSA1 public key > debug2: key_type_from_name: unknown key type '-BEGIN' > debug3: key_read: missing keytype > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug2: key_type_from_name: unknown key type '-END' > debug3: key_read: missing keytype > debug1: identity file /gsa/ausgsa/projects/i/indiateam04/ > hramasub/.ssh/id_rsa type 1 > debug1: identity file /gsa/ausgsa/projects/i/indiateam04/ > hramasub/.ssh/id_rsa-cert type -1 > debug1: identity file /gsa/ausgsa/projects/i/indiateam04/ > hramasub/.ssh/id_dsa type -1 > debug1: identity file /gsa/ausgsa/projects/i/indiateam04/ > hramasub/.ssh/id_dsa-cert type -1 > debug1: identity file /gsa/ausgsa/projects/i/indiateam04/ > hramasub/.ssh/id_ecdsa type -1 > debug1: identity file /gsa/ausgsa/projects/i/indiateam04/ > hramasub/.ssh/id_ecdsa-cert type -1 > debug1: Remote protocol version 2.0, remote software ver
Re: ssh login stuck at "expecting SSH2_MSG_KEX_ECDH_REPLY"
Hi Hari, Can you get a backtrace of the stuck dropbear process in 2) ? That might suggest what's going wrong. Cheers, Matt > On Mon 23/10/2017, at 7:12 pm, Hariharasubramanian Ramasubramanian > <hrama...@in.ibm.com> wrote: > > ssh login gets stuck at "expecting SSH2_MSG_KEX_ECDH_REPLY" at random. > > However forcing ssh to use 3des cipher suite makes the login go through. > > What causes the login to succeed when cipher suite is forced but fail > otherwise ? > > Here are the debug for 3 different use cases: > 1) successful login attempt > 2) failed login attempt > 3) forced 3des cipher suite > > == > 1) Successful login attempt > == > -bash-4.1$ ssh -vvv root@wsbmc011 > OpenSSH_5.8p2, OpenSSL 1.0.0g 18 Jan 2012 > debug1: Reading configuration data > /gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/config > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: Applying options for * > debug2: ssh_connect: needpriv 0 > debug1: Connecting to wsbmc011 [9.3.21.42] port 22. > debug1: Connection established. > debug3: Incorrect RSA1 identifier > debug3: Could not load > "/gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/id_rsa" as a RSA1 public key > debug2: key_type_from_name: unknown key type '-BEGIN' > debug3: key_read: missing keytype > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug2: key_type_from_name: unknown key type '-END' > debug3: key_read: missing keytype > debug1: identity file /gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/id_rsa > type 1 > debug1: identity file > /gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/id_rsa-cert type -1 > debug1: identity file /gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/id_dsa > type -1 > debug1: identity file > /gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/id_dsa-cert type -1 > debug1: identity file > /gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/id_ecdsa type -1 > debug1: identity file > /gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/id_ecdsa-cert type -1 > debug1: Remote protocol version 2.0, remote software version dropbear_2016.74 > debug1: no match: dropbear_2016.74 > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_5.8 > debug2: fd 3 setting O_NONBLOCK > debug3: load_hostkeys: loading entries for host "wsbmc011" from file > "/gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/known_hosts" > debug3: load_hostkeys: found key type RSA in file > /gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/known_hosts:23 > debug3: load_hostkeys: loaded 1 keys > debug3: order_hostkeyalgs: prefer hostkeyalgs: > ssh-rsa-cert-...@openssh.co
Re: ssh login stuck at "expecting SSH2_MSG_KEX_ECDH_REPLY"
Hello Hari, nothing special just a hint when sending logs just replace real IPs with something like 192.168.1.* otherwise you may reveal information you do not want to reveal. Just remember that searchengines will find you post now and in 10 years. re, wh Am 23.10.2017 13:12, schrieb Hariharasubramanian Ramasubramanian: > > ssh login gets stuck at "expecting SSH2_MSG_KEX_ECDH_REPLY" at random. > > However forcing ssh to use 3des cipher suite makes the login go through. > > What causes the login to succeed when cipher suite is forced but fail > otherwise ? > > Here are the debug for 3 different use cases: > 1) successful login attempt > 2) failed login attempt > 3) forced 3des cipher suite > > == > 1) Successful login attempt > == > -bash-4.1$ ssh -vvv root@wsbmc011 > OpenSSH_5.8p2, OpenSSL 1.0.0g 18 Jan 2012 > debug1: Reading configuration > data /gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/config > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: Applying options for * > debug2: ssh_connect: needpriv 0 > debug1: Connecting to wsbmc011 [9.3.21.42] port 22. > debug1: Connection established. > debug3: Incorrect RSA1 identifier > debug3: Could not load > "/gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/id_rsa" as a RSA1 public > key > debug2: key_type_from_name: unknown key type '-BEGIN' > debug3: key_read: missing keytype > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug2: key_type_from_name: unknown key type '-END' > debug3: key_read: missing keytype > debug1: identity > file /gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/id_rsa type 1 > debug1: identity > file /gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/id_rsa-cert type -1 > debug1: identity > file /gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/id_dsa type -1 > debug1: identity > file /gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/id_dsa-cert type -1 > debug1: identity > file /gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/id_ecdsa type -1 > debug1: identity > file /gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/id_ecdsa-cert type -1 > debug1: Remote protocol version 2.0, remote software version > dropbear_2016.74 > debug1: no match: dropbear_2016.74 > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_5.8 > debug2: fd 3 setting O_NONBLOCK > debug3: load_hostkeys: loading entries for host "wsbmc011" from file > "/gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/known_hosts" > debug3: load_hostkeys: found key type RSA in > file /gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/known_hosts:23 > debug3: load_hostkeys: loaded 1 k
ssh login stuck at "expecting SSH2_MSG_KEX_ECDH_REPLY"
ssh login gets stuck at "expecting SSH2_MSG_KEX_ECDH_REPLY" at random. However forcing ssh to use 3des cipher suite makes the login go through. What causes the login to succeed when cipher suite is forced but fail otherwise ? Here are the debug for 3 different use cases: 1) successful login attempt 2) failed login attempt 3) forced 3des cipher suite == 1) Successful login attempt == -bash-4.1$ ssh -vvv root@wsbmc011 OpenSSH_5.8p2, OpenSSL 1.0.0g 18 Jan 2012 debug1: Reading configuration data /gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/config debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to wsbmc011 [9.3.21.42] port 22. debug1: Connection established. debug3: Incorrect RSA1 identifier debug3: Could not load "/gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/id_rsa" as a RSA1 public key debug2: key_type_from_name: unknown key type '-BEGIN' debug3: key_read: missing keytype debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug2: key_type_from_name: unknown key type '-END' debug3: key_read: missing keytype debug1: identity file /gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/id_rsa type 1 debug1: identity file /gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/id_rsa-cert type -1 debug1: identity file /gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/id_dsa type -1 debug1: identity file /gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/id_dsa-cert type -1 debug1: identity file /gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/id_ecdsa type -1 debug1: identity file /gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/id_ecdsa-cert type -1 debug1: Remote protocol version 2.0, remote software version dropbear_2016.74 debug1: no match: dropbear_2016.74 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.8 debug2: fd 3 setting O_NONBLOCK debug3: load_hostkeys: loading entries for host "wsbmc011" from file "/gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/known_hosts" debug3: load_hostkeys: found key type RSA in file /gsa/ausgsa/projects/i/indiateam04/hramasub/.ssh/known_hosts:23 debug3: load_hostkeys: loaded 1 keys debug3: order_hostkeyalgs: prefer hostkeyalgs: ssh-rsa-cert-...@openssh.com,ssh-rsa-cert-...@openssh.com,ssh-rsa debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa-cert-...@openssh.com,ssh-rsa-cert-...@openssh.com,ssh-rsa,ecdsa-sha2-nistp256-cert-...@openssh.com,ecdsa-sha2-nistp384-cert-...@openssh.com,ecdsa-sha2-nistp521-cert-...@openssh.com,ssh-dss-cert-v01@openssh .com,ssh-dss-cert-...@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa- sha2-nistp521,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,a