Bug#638940: openssh-client: Regression from 5.5p1 to 5.8p1 - unable to connect to servers
Package: openssh-client
Version: 1:5.8p1-7
Severity: important
Connections fail with:
Read from socket failed: Connection reset by peer
example failed connections:
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.5p1 FreeBSD-20061110
debug1: match: OpenSSH_4.5p1 FreeBSD-20061110 pat OpenSSH_4*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.8p1 Debian-7
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 zlib@openssh.com
debug1: kex: client->server aes128-ctr hmac-md5 zlib@openssh.com
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
Read from socket failed: Connection reset by peer
and:
debug1: Remote protocol version 2.0, remote software version dropbear_0.52
debug1: no match: dropbear_0.52
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.8p1 Debian-7
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 zlib@openssh.com
debug1: kex: client->server aes128-ctr hmac-md5 zlib@openssh.com
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
Read from socket failed: Connection reset by peer
also:
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1p1 Debian-5
debug1: match: OpenSSH_5.1p1 Debian-5 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.8p1 Debian-7
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 zlib@openssh.com
debug1: kex: client->server aes128-ctr hmac-md5 zlib@openssh.com
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
Read from socket failed: Connection reset by peer
downgrading to 5.5p1 solves the problem (also using dbclient from dropbear works)
Some servers work ok even with 5.8 client, particularly 5.8 openssh servers
-- System Information:
Debian Release: 6.0.2
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (x86_64)
Kernel: Linux 3.1.0-rc2 (SMP w/4 CPU cores)
Locale: LANG=C, LC_CTYPE=pl_PL (charmap=ISO-8859-2)
Shell: /bin/sh linked to /bin/dash
Versions of packages openssh-client depends on:
ii adduser 3.112+nmu2 add and remove users and groups
ii debconf [de 1.5.36.1 Debian configuration management sy
ii dpkg 1.15.8.11 Debian package management system
ii libc6 2.11.2-10 Embedded GNU C Library: Shared lib
ii libedit2 2.11-20080614-2 BSD editline and history libraries
ii libgssapi-k 1.8.3+dfsg-4squeeze1 MIT Kerberos runtime libraries - k
ii libssl0.9.8 0.9.8o-4squeeze1 SSL shared libraries
ii passwd 1:4.1.4.2+svn3283-2+squeeze1 change and administer password and
ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime
Versions of packages openssh-client recommends:
ii openssh-blacklist 0.4.1 list of default blacklisted OpenSS
pn openssh-blacklist-extra <none> (no description available)
ii xauth 1:1.0.4-1 X authentication utility
Versions of packages openssh-client suggests:
ii keychain 2.6.8-2 key manager for OpenSSH
pn libpam-ssh <none> (no description available)
ii ssh-askpass-fullscreen [ssh-a 0.3-3 Under Gnome2, asks user for a pass
-- no debconf information
Reply to: