Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: ssh fails from one server only with expecting SSH2_MSG_KEXDH_REPLY message
Top Forums Shell Programming and Scripting ssh fails from one server only with expecting SSH2_MSG_KEXDH_REPLY message Post 303042869 by RudiC on Thursday 9th of January 2020 03:31:54 AM
Old 01-09-2020
Quote:
Originally Posted by mohtashims
. . .
The openssl version on both linux source 12.7.44.18 and 12.7.45.18 is the same.
.
.
.
Sure the setup / configuration is identical on the two linux machines? The authentication processes don't indicate they are:


Code:
$ diff -by file[12] | grep "[<>|]"
                                                              > debug3: kex names ok: [curve25519-sha256,curve25519-sha256@li
debug3: record_hostkey: found key type ECDSA in file /home/lo <
debug3: load_hostkeys: loaded 1 keys from 12.7.33.18          <
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nis <
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@l | debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@l
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@ope | debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@ope
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ct | debug2: ciphers ctos: aes128-cbc,aes192-cbc,aes256-cbc,aes128
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ct | debug2: ciphers stoc: aes128-cbc,aes192-cbc,aes256-cbc,aes128
debug1: kex: algorithm: ecdh-sha2-nistp256                    | debug1: kex: algorithm: diffie-hellman-group14-sha1
debug1: kex: server->client cipher: aes128-ctr MAC: umac-64@o | debug1: kex: server->client cipher: aes128-cbc MAC: umac-64@o
debug1: kex: client->server cipher: aes128-ctr MAC: umac-64@o | debug1: kex: client->server cipher: aes128-cbc MAC: umac-64@o
debug1: kex: ecdh-sha2-nistp256 need=16 dh_need=16            | debug1: kex: diffie-hellman-group14-sha1 need=16 dh_need=16
debug1: kex: ecdh-sha2-nistp256 need=16 dh_need=16            | debug1: kex: diffie-hellman-group14-sha1 need=16 dh_need=16
                                                              > debug1: sending SSH2_MSG_KEXDH_INIT
                                                              > debug2: bits set: 1032/2048
debug1: sending SSH2_MSG_KEX_ECDH_INIT                        | debug1: expecting SSH2_MSG_KEXDH_REPLY
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY                     | Connection closed by 12.7.33.18 port 22
debug3: receive packet: type 31                               <
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:wxeB4GcDm <
 debug3: hostkeys_foreach: reading file "/home/localuser/.ssh/ <


Compare and report back.
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

unzip command fails in ssh

I'm trying to run a set of commands on a remote machine using ssh in a shell script. One of the commands is unzip. But when the execution reaches this command, the script fails with an error that unzip is not found. Below is the code and the error snippet. sourceDir=$1 ; filename=$3 ; destDir=$2... (4 Replies)
Discussion started by: farahzaiba
4 Replies

2. Shell Programming and Scripting

How to capture actual error message when a command fails to execute

I want to capture actual error message in case the commands I use in my shell script fails. For eg: ls -l abc.txt 2>>errorlog.txt In this case I understand the error message is written to the errorlog.txt and I assume its bacause the return code from the command ls -l abc might return 2 if... (3 Replies)
Discussion started by: prathima
3 Replies

3. Shell Programming and Scripting

Need Help with expect when ssh fails

I'm trying to write a script using expect. I'd like the script to execute several commands when the ssh succeeds and i want it to exit if the ssh fails. Does this require to define a time out for the ssh command so that if the prompt is back before this defined time the next commands are executed??... (2 Replies)
Discussion started by: Hossam_Nox
2 Replies

4. Ubuntu

Passwordless ssh authentication fails

Unable to set ssh passwordless authentication I am unable to ssh with passwordless authentication from Windows client onto UBuntu server. The ssh version on UBuntu is OpenSSH_5.8p1 Debian-7ubuntu1, OpenSSL 1.0.0e , while SSH on Windows Client is OpenSSH_5.1p1, OpenSSL 0.9.8k. I turned on ssh... (5 Replies)
Discussion started by: tkota
5 Replies

5. Solaris

Usbcopy fails with the error message sol-11_1-live-x86.usb is not a multiple of 512

I am trying to create a live image of solaris 11.1. I have used #pkg image-update to upgrade from 11 to 11.1 already. (since only 11.1 can make images of 11.1 due to using new grub) then from within 11.1 I used pkg install install distribution-constructor to get latest usbcopy that should be... (1 Reply)
Discussion started by: taltamir
1 Replies

6. Shell Programming and Scripting

While loop not reading all files if ssh fails

The below while loop is in ksh on a SunOs server: SPARC-Enterprise 5.10 The ksh version is: Version M-11/16/88i The intention of the below while loop is to read through a list of file names in files.txt and delete each file from a server, one at a time. The delete works, the problem is that if... (6 Replies)
Discussion started by: LES2013
6 Replies

7. Shell Programming and Scripting

Windows exe file fails when triggered from ssh

Hi, I am triggering a windows exe file using the below command. ssh user@remoteserver command.exe -option1:xx /option2:yy This command is working fine from windows command prompt. When I am triggering the same command from ssh I get the error message cant load Any ideas to deal with... (2 Replies)
Discussion started by: ahmedwaseem2000
2 Replies

8. IP Networking

Insmod custom module fails with message : disagrees about version of symbol ...

Hello : I want to make a netfilter conntrack module for myself. So I copy all the source code about netfilter conntrack from kernel source tree to my external directory. It can be insmod after compiled. Then I add some members to the struct nf_conn, and it 's compiled successfully. However, it... (1 Reply)
Discussion started by: 915086731
1 Replies

9. Shell Programming and Scripting

Ssh fails due to argument position.

I have a constraint to follow organization policy. So i do not have much liberty. ssh -i /opt/nonprod user1@hostone -t bash works while ssh -i /opt/nonprod -t bash user1@hostone fails How can I get this to work when I am enforced to put -t bash before the user@hostname ? Will share debug... (3 Replies)
Discussion started by: mohtashims
3 Replies

10. Shell Programming and Scripting

Ssh fails for one of two users on the same server.

I have two users on dest_host server viz wlsadm & wasadm. From src_host server with root user I m able to passwordless login to wlsadm@dest_host however, the same fails for wasadm@dest_host Below is the debug for both first the working ssh and then the non-working ssh. Works: ... (6 Replies)
Discussion started by: mohtashims
6 Replies

LEARN ABOUT PHP

ssh2_connect

SSH2_CONNECT(3) 							 1							   SSH2_CONNECT(3)

ssh2_connect - Connect to an SSH server

SYNOPSIS

       resource ssh2_connect (string  $host, [int  $port = 22], [array	$methods], [array  $callbacks])

DESCRIPTION

	Establish a connection to a remote SSH server.

	Once connected, the client should verify the server's hostkey using ssh2_fingerprint(3), then authenticate using either password or public
       key.

PARAMETERS

	      o $host
		-

	      o $port
		-

	      o $methods
		-$methods may be an associative array with up to four parameters as described below.

	      $methods may be an associative array with any or all of the following parameters.

	       * - Supported Values are dependent on methods supported by underlying library. See libssh2 documentation  for  additional  informa-
	      tion.

	      $client_to_server and $server_to_client may be an associative array with any or all of the following parameters.

	      +------+--------------------------------------+---+
	      |Index |					    |	|
	      |      |					    |	|
	      |      |		     Meaning		    |	|
	      |      |					    |	|
	      |      |		Supported Values*	    |	|
	      |      |					    |	|
	      +------+--------------------------------------+---+
	      |crypt |					    |	|
	      |      |					    |	|
	      |      | List of crypto methods to advertise, |	|
	      |      | comma separated in order of  prefer- |	|
	      |      | ence.				    |	|
	      |      |					    |	|
	      |      |					    |	|
	      |      | rijndael-cbc@lysator.liu.se,	    |	|
	      |      | aes256-cbc, aes192-cbc,	aes128-cbc, |	|
	      |      | 3des-cbc, blowfish-cbc, cast128-cbc, |	|
	      |      | arcfour, and none**		    |	|
	      |      |					    |	|
	      |comp  |					    |	|
	      |      |					    |	|
	      |      | List  of  compression   methods	 to |	|
	      |      | advertise,  comma separated in order |	|
	      |      | of preference.			    |	|
	      |      |					    |	|
	      |      |					    |	|
	      |      |		  zlib and none 	    |	|
	      |      |					    |	|
	      | mac  |					    |	|
	      |      |					    |	|
	      |      | List of MAC  methods  to  advertise, |	|
	      |      | comma  separated in order of prefer- |	|
	      |      | ence.				    |	|
	      |      |					    |	|
	      |      |					    |	|
	      |      | hmac-sha1,    hmac-sha1-96,    hmac- |	|
	      |      | ripemd160,		      hmac- |	|
	      |      | ripemd160@openssh.com, and none**    |	|
	      |      |					    |	|
	      +------+--------------------------------------+---+
	      Note

		     Crypt and MAC method " none"

		      For security reasons, none is disabled by the underlying libssh2 library unless explicitly  enabled  during  build  time	by
		     using the appropriate ./configure options. See documentation for the underlying library for more information.

	      o $callbacks
		-$callbacks may be an associative array with any or all of the following parameters.

	       Callbacks parameters

	      +-----------+--------------------------------------+---+
	      |  Index	  |					 |   |
	      | 	  |					 |   |
	      | 	  |		  Meaning		 |   |
	      | 	  |					 |   |
	      | 	  |		 Prototype		 |   |
	      | 	  |					 |   |
	      +-----------+--------------------------------------+---+
	      |  ignore   |					 |   |
	      | 	  |					 |   |
	      | 	  |  Name  of  function  to call when an |   |
	      | 	  | SSH2_MSG_IGNORE packet is received	 |   |
	      | 	  |					 |   |
	      | 	  |	  void ignore_cb($message)	 |   |
	      | 	  |					 |   |
	      |  debug	  |					 |   |
	      | 	  |					 |   |
	      | 	  |  Name of function to  call	when  an |   |
	      | 	  | SSH2_MSG_DEBUG packet is received	 |   |
	      | 	  |					 |   |
	      | 	  | void  debug_cb($message,  $language, |   |
	      | 	  | $always_display)			 |   |
	      | 	  |					 |   |
	      | macerror  |					 |   |
	      | 	  |					 |   |
	      | 	  |  Name of function  to  call  when  a |   |
	      | 	  | packet  is	received but the message |   |
	      | 	  | authentication code failed.  If  the |   |
	      | 	  | callback  returns TRUE, the mismatch |   |
	      | 	  | will be ignored, otherwise the  con- |   |
	      | 	  | nection will be terminated. 	 |   |
	      | 	  |					 |   |
	      | 	  |	 bool macerror_cb($packet)	 |   |
	      | 	  |					 |   |
	      |disconnect |					 |   |
	      | 	  |					 |   |
	      | 	  |  Name  of  function  to call when an |   |
	      | 	  | SSH2_MSG_DISCONNECT    packet     is |   |
	      | 	  | received				 |   |
	      | 	  |					 |   |
	      | 	  | void   disconnect_cb($reason,  $mes- |   |
	      | 	  | sage, $language)			 |   |
	      | 	  |					 |   |
	      +-----------+--------------------------------------+---+
RETURN VALUES

	Returns a resource on success, or FALSE on error.

EXAMPLES

       Example #1

	      ssh2_connect(3) example

	       Open a connection forcing 3des-cbc when sending packets, any strength aes cipher when receiving packets, no compression	in  either
	      direction, and Group1 key exchange.

	      <?php
	      /* Notify the user if the server terminates the connection */
	      function my_ssh_disconnect($reason, $message, $language) {
		printf("Server disconnected with reason code [%d] and message: %s
",
		       $reason, $message);
	      }

	      $methods = array(
		'kex' => 'diffie-hellman-group1-sha1',
		'client_to_server' => array(
		  'crypt' => '3des-cbc',
		  'comp' => 'none'),
		'server_to_client' => array(
		  'crypt' => 'aes256-cbc,aes192-cbc,aes128-cbc',
		  'comp' => 'none'));

	      $callbacks = array('disconnect' => 'my_ssh_disconnect');

	      $connection = ssh2_connect('shell.example.com', 22, $methods, $callbacks);
	      if (!$connection) die('Connection failed');
	      ?>

SEE ALSO

       ssh2_fingerprint(3), ssh2_auth_none(3), ssh2_auth_password(3), ssh2_auth_pubkey_file(3).

PHP Documentation Group 													   SSH2_CONNECT(3)
All times are GMT -4. The time now is 09:30 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy