[SOLVED] Cannot connect through ssh

splintercdo · 01-26-2012, 12:32 AM

Everything seems to be configured correctly, but when trying to connect, using:
ssh -v localhost
I get

Code:

OpenSSH_5.8p1 Debian-7ubuntu1, OpenSSL 1.0.0e 6 Sep 2011
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file /home/janis/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-4096
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-4096
debug1: identity file /home/janis/.ssh/id_rsa-cert type -1
debug1: identity file /home/janis/.ssh/id_dsa type -1
debug1: identity file /home/janis/.ssh/id_dsa-cert type -1
debug1: identity file /home/janis/.ssh/id_ecdsa type -1
debug1: identity file /home/janis/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8p1 Debian-7ubuntu1
debug1: match: OpenSSH_5.8p1 Debian-7ubuntu1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.8p1 Debian-7ubuntu1
debug1: SSH2_MSG_KEXINIT sent
Read from socket failed: Connection reset by peer

Key is identified, everything seems to be OK.

Tested if ssh server is working with
ps -A | grep sshd
got

Code:

681 ?        00:00:00 sshd

All is cool.

Tested if sshd is listening on port 22 with
sudo ss -lnp | grep sshd
got

Code:

0      128                           :::22                           :::*      users:(("sshd",681,4))
0      128                            *:22                            *:*      users:(("sshd",681,3))

All is cool.

Tested to connect using actual IP too, the same result!

Why is Peer(Server) resetting the connection?

evo2 · 01-26-2012, 01:26 AM

Hi,

at first glance it looks like a ssh protocol 1 vs protocol 2 problem.

Have you tried reading the log file for messages from sshd?
eg

Code:

grep sshd /var/log/auth.log

Evo2.

splintercdo · 01-26-2012, 01:52 AM

Thanks for the answer!

Yes I did notice too that it is going into compatibility mode for version 2 protocol and it looked suspicious! Thanks for pointing out and reminding me of that and where to look further.

splintercdo · 01-26-2012, 08:33 PM

Finally I solved it! Took me long enough. Was sitting, correcting my own mistakes and understanding how does Linux and ssh work for 4 hours

1. It wasn't protocol v.1 vs v.2 problem.

2. What I did to make peer reset connection was I did not understood that the keys which are generated in path of ssh itself(keys are for registration of accepted hosts) does not have any relation to authentication keys. Silly thing what I did was I removed those keys from /etc/ssh. (gladly I was smart enough to put them in sub folder for insurance and it paid off, was able to play with them later on.) And logically, that was the reason why peer was resetting connection, because host did not had allowance to connect to the server!

3. After that I had to solve the puzzle why is sshd rejecting my private key and again my mistake, when setting up for some reason I made folder named authorized_keys in my ~/.ssh and paste there the public authentication key. The correct way to set up public key information was instead of making folder - make file with the same name authorized_keys, open public key file, copy content of it and paste it into authorized_keys!

I hope that at least some experienced Linux admins have a good laugh at this!