Bug#613505: marked as done (ssh client fails to login to any ssh server ("reset by peer"))

To: Matt Taggart <matt@lackof.org>
Subject: Bug#613505: marked as done (ssh client fails to login to any ssh server ("reset by peer"))
From: "Debian Bug Tracking System" <owner@bugs.debian.org>
Date: Wed, 05 Oct 2022 00:27:03 +0000
Message-id: <[🔎] handler.613505.D612607.1664929539156557.ackdone@bugs.debian.org>
Reply-to: 613505@bugs.debian.org
References: <b7a2354e-750a-cac0-89a4-357d1f83b5e5@lackof.org> <4D5A5704.9080801@held.org.il>

Your message dated Tue, 4 Oct 2022 17:17:57 -0700
with message-id <b7a2354e-750a-cac0-89a4-357d1f83b5e5@lackof.org>
and subject line RE: Connecting to older ssh version has cipher negotiation problem
has caused the Debian Bug report #612607,
regarding ssh client fails to login to any ssh server ("reset by peer")
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
612607: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=612607
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: ssh client fails to login to any ssh server ("reset by peer")
From: Oren Held <oren@held.org.il>
Date: Tue, 15 Feb 2011 12:35:48 +0200
Message-id: <4D5A5704.9080801@held.org.il>

Package: openssh-client
Version: 1:5.8p1-2
Severity: serious

Since the last update to 5.8p1, I can no more login to any ssh server.
- I think it's tightly related to Ubuntu's
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/708493
- Problem gets solved when downgrading back to 5.5p6

Here's the output, first  brief, then verbose (-vvv):
orenhe@orenhe-laptop:~/src/xiv_xsf/_meta/packaging[master]$ ssh
root@orenhe-rhel5.ps
Read from socket failed: Connection reset by peer

orenhe@orenhe-laptop:~/src/xiv_xsf/_meta/packaging[master]$ ssh -vvv
root@orenhe-rhel5.ps
OpenSSH_5.8p1 Debian-2, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /home/orenhe/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to orenhe-rhel5.ps [9.151.147.165] port 22.
debug1: Connection established.
debug1: identity file /home/orenhe/.ssh/id_rsa type -1
debug1: identity file /home/orenhe/.ssh/id_rsa-cert type -1
debug3: Incorrect RSA1 identifier
debug3: Could not load "/home/orenhe/.ssh/id_dsa" as a RSA1 public key
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'Proc-Type:'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'DEK-Info:'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/orenhe/.ssh/id_dsa type 2
debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
debug1: identity file /home/orenhe/.ssh/id_dsa-cert type -1
debug1: identity file /home/orenhe/.ssh/id_ecdsa type -1
debug1: identity file /home/orenhe/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3
debug1: match: OpenSSH_4.3 pat OpenSSH_4*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.8p1 Debian-2
debug2: fd 3 setting O_NONBLOCK
debug3: load_hostkeys: loading entries for host "orenhe-rhel5.ps" from
file "/home/orenhe/.ssh/known_hosts"
debug3: load_hostkeys: loaded 0 keys
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit:
ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit:
ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit:
aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2:
kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit:
reserved 0 debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2:
kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit:
reserved 0 debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
Read from socket failed: Connection reset by peer



-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages openssh-client depends on:
ii  adduser              3.112+nmu2          add and remove users and groups
ii  debconf [debconf-2.0 1.5.38              Debian configuration
management sy
ii  dpkg                 1.15.8.10           Debian package management
system
ii  libc6                2.11.2-11           Embedded GNU C Library:
Shared lib
ii  libedit2             2.11-20080614-2     BSD editline and history
libraries
ii  libgssapi-krb5-2     1.8.3+dfsg-4        MIT Kerberos runtime
libraries - k
ii  libselinux1          2.0.96-1            SELinux runtime shared
libraries
ii  libssl0.9.8          0.9.8o-5            SSL shared libraries
ii  passwd               1:4.1.4.2+svn3283-2 change and administer
password and
ii  zlib1g               1:1.2.3.4.dfsg-3    compression library - runtime

Versions of packages openssh-client recommends:
ii  openssh-blacklist             0.4.1      list of default blacklisted
OpenSS
ii  openssh-blacklist-extra       0.4.1      list of non-default
blacklisted Op
ii  xauth                         1:1.0.5-1  X authentication utility

Versions of packages openssh-client suggests:
pn  keychain                     <none>      (no description available)
pn  libpam-ssh                   <none>      (no description available)
ii  ssh-askpass                  1:1.2.4.1-9 under X, asks user for a
passphras

-- no debconf information

--- End Message ---

--- Begin Message ---

To: 612607-close@bugs.debian.org

Subject: RE: Connecting to older ssh version has cipher negotiation problem

From: Matt Taggart <matt@lackof.org>

Date: Tue, 4 Oct 2022 17:17:57 -0700

Message-id: <b7a2354e-750a-cac0-89a4-357d1f83b5e5@lackof.org>

This bug report is 11 years old now and for a very old version ofopenssh. Also the original reporter appears to be connecting to a remoteserver with version string "OpenSSH_4.3p2-hpn" which appears to be someHP-UX version. Other reports don't provide enough info to be sure theyare related and the linked Ubuntu bug is totally crazy with unrelated stuff.
Closing this, if you are reading this because some internet search for aproblem you are having brought you here, feel free to file a new bug ifA) you are using Debian, B) you have tested with a current version, andC) you provide plenty of details. :)
--
Matt Taggart
matt@lackof.org
--- End Message ---

Reply to:

Prev by Date: Bug#612607: marked as done (Connecting to older ssh version has cipher negotiation problem)
Next by Date: Bug#613649: marked as done (openssh-client: After upgrading to 1:5.8p1-2 ssh fails to connect to some servers)
Previous by thread: Bug#612607: marked as done (Connecting to older ssh version has cipher negotiation problem)
Next by thread: Bug#613649: marked as done (openssh-client: After upgrading to 1:5.8p1-2 ssh fails to connect to some servers)
Index(es):
- Date
- Thread