On Wed, Mar 9, 2011 at 11:35 AM, Mirko Vukovic wrote: > I had a problem with ssh 5.6 or 5.8 connecting across a VPN. I solved > it by going back to ssh 5.5. > > But I don't understand the reason why 5.8 or 5.6 do not work. Here's the > story: > > Actors: > - laptop with cygwin 1.7 and openssh 5.8p1 on windows XP > - desktop with redhat EL linux 5 with openssh 4.3p2 > > When the machines are on the LAN, I can ssh from one to the other. > > Not so when the laptop is connecting to the company network via a VPN. > - I can connect from the desktop to the laptop > - I cannot connect from the laptop to the desktop > > Here is the trace when connecting from laptop to dekstop: > OpenSSH_5.8p1, OpenSSL 0.9.8r 8 Feb 2011 > debug1: Reading configuration data /home/.ssh/config > debug1: Reading configuration data /etc/ssh_config > debug1: Connecting to a.b.c.d [a.b.c.d] port 22. > debug1: Connection established. > debug1: identity file /home/.ssh/id_rsa type 1 > debug1: identity file /home/.ssh/id_rsa-cert type -1 > debug1: identity file /home/.ssh/id_dsa type 2 > debug1: identity file /home/.ssh/id_dsa-cert type -1 > debug1: identity file /home/.ssh/id_ecdsa type -1 > debug1: identity file /home/.ssh/id_ecdsa-cert type -1 > debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3 > debug1: match: OpenSSH_4.3 pat OpenSSH_4* > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_5.8 > debug1: SSH2_MSG_KEXINIT sent > debug1: SSH2_MSG_KEXINIT received > debug1: kex: server->client aes128-ctr hmac-md5 none > debug1: kex: client->server aes128-ctr hmac-md5 none > debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent > debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP > > On the desktop (/var/log/secure), seconds after trying to establish > the connection > from the laptop I see: > "fatal: Read from socket fails. Connection reset by peer" > > Luckily I found the 5.5 tar.bz2 file in my dist directories. Once I > installed it using > setup, I was able to connect using ssh (and unison) > > I did not see anything in the /usr/share/doc/Cygwin or > /usr/share/doc/openssh/ that > would point to a difference between 5.5 and 5.6, 5.8. > > Any thoughts on what could be causing the problem? > > Thanks, > > Mirko >
It turns out I solved another problem by moving to the older version of ssh. This involves a part I glossed over in the prior message: My third computer is a desktop running windows XP and I use unison to synchronize files between the three computers. This desktop is the center node of my unison universe: both the XP laptop and the Linux desktop synchronize to it. Some time ago the unison synchronization between the XP desktop (ssh 5.8) and Linux desktop (ssh 4.3) stopped working. Unison was trying to write a file DANGER.readme to the /home directory. Puzzlingly, the location is determined by the HOME variable, which points to /home/mirko Once I switched the ssh version on the central node to 5.5, this error disappeared. I wonder if the new ssh versions instead of having a new bug or feature, have uncovered a problem in my cygwin setup. On both my laptop and desktop I keep my personal files (what is usually under /home/mirko on Linux) under a plain /home. When I get a chance, I may try to change that to /home/mirko on the Windows machines as well, and then check out the behavior of ssh 5.8. Mirko -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
