LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 05-20-2009, 01:34 AM   #1
pcardout
Member
 
Registered: Jun 2003
Location: Socorro, New Mexico
Distribution: Debian ("lenny", "squeeze"), Ubuntu ("karmic", "oneiric")
Posts: 214

Rep: Reputation: 24
ssh Connection reset by peer -- Suggestions for getting debug messages?


Hello LQers. I hope I have some good karma -- because this one is weird.
[Just spent an hour helping a noob with a graphics card problem ... karma].

We all understand this message:
Code:
Read from remote host xxx: Connection reset by peer
Connection to xxx closed.
but I am getting it frequently and have eliminated all the obvious
possibilities.

Things you should know:
  1. This problem seems to only occur with my home computer yyy secure shelling to my office computer xxx.
  2. yyy has been logging into xxx for 5 years with a rock-solid ssh connection.
  3. When yyy shells into OTHER boxes, the connection is STILL rock solid.
  4. When yyy shells into zzz, and then from there shells into xxx, the connection is STILL rock solid. This suggests some software/configuration thing,
    not some fundamental link problem.
  5. The problem seems to have started when I replaced xxx with a brand new machine.
  6. When I upgraded the hardware on xxx (office machine), I also changed from Debian "etch" (stable) to "lenny" (stable). yyy (home machine) is
    still running "etch".
  7. Suspecting an unstable network card driver on the new xxx,
    I changed to a much older stable network card, and got the same behavior.
    This eliminates the network card and drivers. They were also eliminated
    by the fact that other connections to this machine are solid.
  8. I added ServerKeepAlive 60 and ClientKeepAlive 300 to my local .ssh directory on the client machine. No help.
  9. When I run ssh, it takes more than 10 seconds to get
    prompted for the password. This is new behavior, and does not occur
    with other machines.
  10. The first time I try to ssh, I get a connection reset the instant
    I enter my password. Then I try again and can get in, but get booted
    in 3 to 20 minutes.

At this point I am just looking for intelligent questions to ask.
How can I diagnose this?


I did not see any messages with dmesg,
or /var/log/syslog. I saw some posts about enabling verbose logging
with sshd on the server -- but could not make that work. So maybe
that is a place to start.
 
Old 05-20-2009, 04:44 AM   #2
chitambira
Member
 
Registered: Oct 2008
Location: Fife
Distribution: RHEL, Centos
Posts: 373
Blog Entries: 1

Rep: Reputation: 49
what is it that you tried? # ssh -vvvv users@server
 
Old 05-20-2009, 10:07 AM   #3
pcardout
Member
 
Registered: Jun 2003
Location: Socorro, New Mexico
Distribution: Debian ("lenny", "squeeze"), Ubuntu ("karmic", "oneiric")
Posts: 214

Original Poster
Rep: Reputation: 24
Dear Mr. Chitambira -- Thanks for helping me think about this differently.

I had been looking for debug messages on the server side. Evidently
you can start sshd with debug flags as well. I had not had luck
making this work, however.

On the client side, I have two problems. One is that the first
logon almost always ends in failure, the other is that the second
logon does not last. The only thing I can see that differentiates
the two is that the second logon happens shortly after the first
attempt. It as if the first attempt changes some state on the server.
It all seems like magic at the moment.

Thinking perhaps that something is horked up on the client side,
I did an
Code:
ssh-keygen
. That didn't improve the problem.

Anyway -- I will post an excerpt from a failed logon attempt.
If anything strikes you as odd -- I will pursue it further.

Code:
richard@XXXXX's password:

debug3: packet_send2: adding 48 (len 67 padlen 13 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Entering interactive session.
debug2: callback start
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 0
debug3: tty_make_modes: ospeed 38400
debug3: tty_make_modes: ispeed 38400
debug3: tty_make_modes: 1 3
debug3: tty_make_modes: 55 1
#DELETED ABOUT 30 SIMILAR LINES
debug3: tty_make_modes: 91 1
debug3: tty_make_modes: 92 0
debug3: tty_make_modes: 93 0
debug1: Sending environment.
debug3: Ignored env SSH_AGENT_PID
debug3: Ignored env TERM
debug3: Ignored env DESKTOP_STARTUP_ID
#DELETED 10 SIMILAR LINES
debug3: Ignored env DESKTOP_SESSION
debug3: Ignored env PATH
debug3: Ignored env GDM_XSERVER_LOCATION
debug3: Ignored env PWD
debug1: Sending env LANG = en_US.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env GDMSESSION
debug3: Ignored env HISTCONTROL
debug3: Ignored env HOME
debug3: Ignored env SHLVL
#DELETED 5 SIMILAR LINES
debug3: Ignored env GNOME_DESKTOP_SESSION_ID
debug3: Ignored env COLORTERM
debug3: Ignored env XAUTHORITY
debug3: Ignored env _
debug2: channel 0: request shell confirm 0
debug2: fd 3 setting TCP_NODELAY
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
  #0 client-session (t4 r0 i0/0 o0/0 fd 4/5 cfd -1)

  debug3: channel 0: close_fds r 4 w 5 e 6 c -1
  Read from remote host XXXXX: Connection reset by peer
  Connection to XXXXX closed.
  debug1: Transferred: stdin 0, stdout 0, stderr 88 bytes in 0.2 seconds
  debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 391.2
  debug1: Exit status -1
 
Old 05-21-2009, 04:07 AM   #4
chitambira
Member
 
Registered: Oct 2008
Location: Fife
Distribution: RHEL, Centos
Posts: 373
Blog Entries: 1

Rep: Reputation: 49
hmmm... seems like you are trying to run X over ssh (X forwading) need logs from server /var/log/secure, /var/log/Xorg.0.log if available, then also need full client session debug for both fisrt and second ssh connection attempts, then lastly your /etc/ssh/ssh_config from client side

Last edited by chitambira; 05-21-2009 at 04:08 AM.
 
Old 05-21-2009, 09:01 AM   #5
pcardout
Member
 
Registered: Jun 2003
Location: Socorro, New Mexico
Distribution: Debian ("lenny", "squeeze"), Ubuntu ("karmic", "oneiric")
Posts: 214

Original Poster
Rep: Reputation: 24
Client side config

As far as X forwarding goes -- that is a very helpful feature -- but I was
not using it. I there something in the log that suggests I was?

(I just checked my aliases -- ssh is not aliased to ssh -X)

As far as client side ssh_config -- I had not previously had one
for my userID, but I created one as follows:

Code:
richard@elrond:~/.ssh$ ls -a
.  ..  authorized_keys  id_rsa  id_rsa.pub  known_hosts  ssh_config
I added the following line based on posts at LQ -- no help.

Code:
richard@elrond:~/.ssh$ more ssh_config
ClientAliveInterval 120
However, you probably really want this:

Code:
richard@elrond:~$ cat /etc/ssh/ssh_config

# This is the ssh client system-wide configuration file.  ...

# Site-wide defaults for some commonly used options.  For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.

Host *
#   ForwardAgent no
#   ForwardX11 no
#   ForwardX11Trusted yes
#   RhostsRSAAuthentication no
#   RSAAuthentication yes
#   PasswordAuthentication yes
#   HostbasedAuthentication no
#   BatchMode no
#   CheckHostIP yes
#   AddressFamily any
#   ConnectTimeout 0
#   StrictHostKeyChecking ask
#   IdentityFile ~/.ssh/identity
#   IdentityFile ~/.ssh/id_rsa
#   IdentityFile ~/.ssh/id_dsa
#   Port 22
#   Protocol 2,1
#   Cipher 3des
#   Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
#   EscapeChar ~
#   Tunnel no
#   TunnelDevice any:any
#   PermitLocalCommand no
    SendEnv LANG LC_*
    HashKnownHosts yes
    GSSAPIAuthentication yes
    GSSAPIDelegateCredentials no
I can send more session logs later -- Is there no way to make the server log more info?

THanks for staying involved.
 
Old 07-06-2012, 02:51 AM   #6
flydream
LQ Newbie
 
Registered: Jul 2012
Posts: 1

Rep: Reputation: Disabled
How about this issue? already fixed?
Now I also met same problem, and I am finding the solution...

Quote:
Originally Posted by pcardout View Post
As far as X forwarding goes -- that is a very helpful feature -- but I was
not using it. I there something in the log that suggests I was?

(I just checked my aliases -- ssh is not aliased to ssh -X)

As far as client side ssh_config -- I had not previously had one
for my userID, but I created one as follows:

Code:
richard@elrond:~/.ssh$ ls -a
.  ..  authorized_keys  id_rsa  id_rsa.pub  known_hosts  ssh_config
I added the following line based on posts at LQ -- no help.

Code:
richard@elrond:~/.ssh$ more ssh_config
ClientAliveInterval 120
However, you probably really want this:

Code:
richard@elrond:~$ cat /etc/ssh/ssh_config

# This is the ssh client system-wide configuration file.  ...

# Site-wide defaults for some commonly used options.  For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.

Host *
#   ForwardAgent no
#   ForwardX11 no
#   ForwardX11Trusted yes
#   RhostsRSAAuthentication no
#   RSAAuthentication yes
#   PasswordAuthentication yes
#   HostbasedAuthentication no
#   BatchMode no
#   CheckHostIP yes
#   AddressFamily any
#   ConnectTimeout 0
#   StrictHostKeyChecking ask
#   IdentityFile ~/.ssh/identity
#   IdentityFile ~/.ssh/id_rsa
#   IdentityFile ~/.ssh/id_dsa
#   Port 22
#   Protocol 2,1
#   Cipher 3des
#   Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
#   EscapeChar ~
#   Tunnel no
#   TunnelDevice any:any
#   PermitLocalCommand no
    SendEnv LANG LC_*
    HashKnownHosts yes
    GSSAPIAuthentication yes
    GSSAPIDelegateCredentials no
I can send more session logs later -- Is there no way to make the server log more info?

THanks for staying involved.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ssh - connection reset by peer laucian Linux - Newbie 4 05-10-2008 02:41 AM
ssh: Connection reset by peer Lotharster Linux - Security 6 01-29-2007 04:54 PM
SSH fatal: Read from socket failed: Connection reset by peer humbletech99 Linux - Networking 3 01-03-2007 06:41 PM
ssh connection reset by peer Brain Drop Linux - Software 4 07-30-2004 09:18 PM
ssh connection reset by peer bubsgt95 Linux - General 6 06-27-2003 10:24 PM


All times are GMT -5. The time now is 07:49 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration