Cant ssh, but ping works


Login or Register to Reply

 
Thread Tools Search this Thread
# 8  
Quote:
Originally Posted by gull04
Hi tomislav,

You could also run ssh in verbose mode like;

Code:
ssh -v user@host # This is quite Verbose.

or;

Code:
ssh -v -v -v user@host # This is extremely verbose.

I'd bet though that if you are getting nothing back and can ping the IP Address of the server or the Hostname of the server that ssh may not be properly set up.

Regards
Gull04
this is output
Code:
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 10.10.50.6 [10.10.50.6] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6p1 Ubunt                                                                                                                                                             u-2ubuntu1
debug1: match: OpenSSH_6.6p1 Ubuntu-2ubuntu1 pat OpenSSH_6.5*,OpenSSH_6.6* compa                                                                                                                                                             t 0x14000000
debug2: fd 3 setting O_NONBLOCK
debug3: load_hostkeys: loading entries for host "10.10.50.6" from file "/root/.s                                                                                                                                                             sh/known_hosts"
debug3: load_hostkeys: loaded 0 keys
debug2: compat_kex_proposal: original KEX proposal: curve25519-sha256@libssh.org                                                                                                                                                             ,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-e                                                                                                                                                             xchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,di                                                                                                                                                             ffie-hellman-group1-sha1
debug2: Compat: skipping algorithm "curve25519-sha256@libssh.org"
debug2: compat_kex_proposal: compat KEX proposal: ecdh-sha2-nistp256,ecdh-sha2-n                                                                                                                                                             istp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-g                                                                                                                                                             roup-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug1: SSH2_MSG_KEXINIT sent

# 9  
Hi,

So where are you running the telnet command from, presumably a command window?

What application are you using for ssh?

Is ssh connection allowed as root on the remote server? (Although that would normally give an access denied message.)

Also there seems to be no key in the known hosts file or no known hosts file.

Oh and one more thing, can you send the output of cat /etc/ssh/ssh_config from the target system.

Regards

Gull04

Last edited by gull04; 11-07-2018 at 10:07 AM.. Reason: More Info
# 10  
Quote:
Originally Posted by gull04
Hi tomislav,

You could also run ssh in verbose mode like;

Code:
ssh -v user@host # This is quite Verbose.

or;

Code:
ssh -v -v -v user@host # This is extremely verbose.

I'd bet though that if you are getting nothing back and can ping the IP Address of the server or the Hostname of the server that ssh may not be properly set up.

Regards
Gull04
Quote:
Originally Posted by gull04
Hi,

So where are you running the telnet command from, presumably a command window?

What application are you using for ssh?

Is ssh connection allowed as root on the remote server? (Although that would normally give an access denied message.)

Also there seems to be no key in the known hosts file or no known hosts file.

Oh and one more thing, can you send the output of cat /etc/ssh/ssh_config from the target system.

Regards

Gull04
Code:
cat /etc/ssh/ssh_config
# This is the ssh client system-wide configuration file.  See
# ssh_config(5) for more information.  This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.

# Configuration data is parsed as follows:
#  1. command line options
#  2. user-specific file
#  3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.

# Site-wide defaults for some commonly used options.  For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.

Host *
#   ForwardAgent no
#   ForwardX11 no
#   ForwardX11Trusted yes
#   RhostsRSAAuthentication no
#   RSAAuthentication yes
#   PasswordAuthentication yes
#   HostbasedAuthentication no
#   GSSAPIAuthentication no
#   GSSAPIDelegateCredentials no
#   GSSAPIKeyExchange no
#   GSSAPITrustDNS no
#   BatchMode no
#   CheckHostIP yes
#   AddressFamily any
#   ConnectTimeout 0
#   StrictHostKeyChecking ask
#   IdentityFile ~/.ssh/identity
#   IdentityFile ~/.ssh/id_rsa
#   IdentityFile ~/.ssh/id_dsa
#   Port 22
#   Protocol 2,1
#   Cipher 3des
#   Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
#   MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
#   EscapeChar ~
#   Tunnel no
#   TunnelDevice any:any
#   PermitLocalCommand no
#   VisualHostKey no
#   ProxyCommand ssh -q -W %h:%p gateway.example.com
#   RekeyLimit 1G 1h
    SendEnv LANG LC_*
    HashKnownHosts yes
    GSSAPIAuthentication yes
    GSSAPIDelegateCredentials no

# 11  
Hi Tomislav,

Just a quick question on this, can anybody connect to the target system using ssh or is it just a single system that can't connect?

Regards

Gull04
# 13  
The verbose execution shows that ssh is running and an authentication process seems to be starting up. But it seems strange, that it stops at the given output.
  1. Is this really all of the output you get? Please try again, wait up to a minute and if different post the output again.
  2. If possible take a tail -f /var/log/auth.log of the target server(via system console) and watch the messages, while trying to log in via ssh. Post those messages here.
# 14  
Best to debug from server side, the side you wish to connect to, if everything else seems ok.

You can do it by command line starting the ssh server with multiple (up to 3) -d switches, and observe the output on screen.
Or uncomment / change the LogLevel in sshd_config to DEBUG3, restart and look at system logs.

Much more verbose output will follow.
I used this to succesfully debug one switch network brand which was unable to connect to SSH server due to server and client unable to find a common cipher to agree on.
Once i got it to debug mode, a server wrote a nice message, and when a chosen Cipher was added to server everything worked.

After you have identified the problem, turn it off since it will produce a lot of logs and possibly invade peoples privacy.

Hope that helps
Regards
Peasant.
Login or Register to Reply

|
Thread Tools Search this Thread
Search this Thread:
Advanced Search

More UNIX and Linux Forum Topics You Might Find Helpful
PING to AIX works but TELNET FTP SSH doesn't work
filosophizer
root@PRD /> rsh DR KFAFH_DR: protocol failure due to unexpected closure from server end root@PRD /> telnet DR Trying... Connected to DR. Escape character is '^]'. Connection closed. root@PRD /> ftp DR Connected to KFAFH_DR. 421 Service not available, remote server has closed connection...... AIX
2
AIX
Passwordless SSH works, scp does not
corrado33
I know the "how to setup passwordless SSH" question is asked probably 5 times a week. I know how to setup passwordless SSH, it's not tough, however after reinstalling linux on my server, I found a problem. I could SSH into my server just fine, no password required, however SCP still required a...... UNIX for Dummies Questions & Answers
4
UNIX for Dummies Questions & Answers
Network issue on multinic. Unable to ping a host from One NIC but other works
khaniqshahid
Dear, I hope you all will be ok. I have an issue with Solaris box running on x86 Blade. I am unable to ping a node neither traceroute. I am able to do traceroute from oce0:6 port which have IP and subnet of same type which oce0:1 has. details are as follows: Problem: root@rinams02:/#...... Solaris
3
Solaris
SCP not working while SSH works
posix
Dear expert, I have gone through the thread A similar error arising for me , please find the debug logs. I have tried from another server to push a file using scp but not working for me. i am using SunOS SUNW,SPARC-Enterprise machine. Thanks... Solaris
5
Solaris
script to monitor if ssh works.
nua7
Hi All, I have a setup of around 100 servers with atleast 10 users on each box.The public key from one server has been created and updated on all other servers , so that passwordless login can be done from any use. We recently had a problem that ssh keys on one of the system was changed and...... UNIX for Advanced & Expert Users
2
UNIX for Advanced & Expert Users