
Re: SSH follow-up



On 22-10-18 at 17:48, Bas Neve wrote:
> What came before:
> I have a laptop with Windows. When I connect to a server with PuTTY + key,
> I get a connection.
> When I try to connect from a virtual Debian machine to that same server,
> it does not work.
> 
> The solution route proposed by Paul vd Vlis is to run a server myself
> and then see where it goes wrong.
> 
> /usr/sbin/sshd -ddd -D -p 2222 2>&1 | awk '{ print strftime("%T: "), $0; fflush(); }' | tee sshd.log
> 17:35:25:  debug2: load_server_config: filename /etc/ssh/sshd_config
> 17:35:25:  debug2: load_server_config: done config len = 284
> 17:35:25:  debug2: parse_server_config: config /etc/ssh/sshd_config len 284
> 17:35:25:  debug3: /etc/ssh/sshd_config:13 setting Port 2222
> 17:35:25:  debug3: /etc/ssh/sshd_config:61 setting
> ChallengeResponseAuthentication no
> 17:35:25:  debug3: /etc/ssh/sshd_config:84 setting UsePAM yes
> 17:35:25:  debug3: /etc/ssh/sshd_config:89 setting X11Forwarding yes
> 17:35:25:  debug3: /etc/ssh/sshd_config:93 setting PrintMotd no
> 17:35:25:  debug3: /etc/ssh/sshd_config:113 setting AcceptEnv LANG LC_*
> 17:35:25:  debug3: /etc/ssh/sshd_config:116 setting Subsystem
> sftp/usr/lib/openssh/sftp-server
> 17:35:25:  debug3: /etc/ssh/sshd_config:124 setting LogLevel DEBUG3
> 17:35:25:  debug1: sshd version OpenSSH_7.4, OpenSSL 1.0.2l  25 May 2017
> 17:35:25:  debug1: key_load_private: Permission denied
> 17:35:25:  Could not load host key: /etc/ssh/ssh_host_rsa_key
> 17:35:25:  debug1: key_load_private: Permission denied

I see here that sshd cannot access the keys.
As which user are you running sshd? Normally you run sshd as root.

> 17:35:25:  Could not load host key: /etc/ssh/ssh_host_ecdsa_key
> 17:35:25:  debug1: key_load_private: Permission denied
> 17:35:25:  Could not load host key: /etc/ssh/ssh_host_ed25519_key
> 17:35:25:  debug1: setgroups() failed: Operation not permitted
> 17:35:25:  debug1: rexec_argv[0]='/usr/sbin/sshd'
> 17:35:25:  debug1: rexec_argv[1]='-ddd'
> 17:35:25:  debug1: rexec_argv[2]='-D'
> 17:35:25:  debug1: rexec_argv[3]='-p'
> 17:35:25:  debug1: rexec_argv[4]='2222'
> 17:35:25:  debug3: oom_adjust_setup
> 17:35:25:  debug1: Set /proc/self/oom_score_adj from 0 to -1000
> 17:35:25:  debug2: fd 3 setting O_NONBLOCK
> 17:35:25:  debug1: Bind to port 2222 on 0.0.0.0.
> 17:35:25:  Server listening on 0.0.0.0 port 2222.
> 17:35:25:  debug2: fd 4 setting O_NONBLOCK
> 17:35:25:  debug3: sock_set_v6only: set socket 4 IPV6_V6ONLY
> 17:35:25:  debug1: Bind to port 2222 on ::.
> 17:35:25:  Server listening on :: port 2222.
> 17:35:29:  debug3: fd 5 is not O_NONBLOCK
> 17:35:29:  debug1: Server will not fork when running in debugging mode.
> 17:35:29:  debug3: send_rexec_state: entering fd = 8 config len 284
> 17:35:29:  debug3: ssh_msg_send: type 0
> 17:35:29:  debug3: send_rexec_state: done
> 17:35:29:  debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
> 17:35:29:  debug1: inetd sockets after dupping: 3, 3
> 17:35:29:  Connection from ::1 port 38542 on ::1 port 2222
> 17:35:29:  debug1: Client protocol version 2.0; client software version
> OpenSSH_7.4p1 Debian-10+deb9u4
> 17:35:29:  debug1: match: OpenSSH_7.4p1 Debian-10+deb9u4 pat OpenSSH*
> compat 0x04000000
> 17:35:29:  debug1: Local version string SSH-2.0-OpenSSH_7.4p1
> Debian-10+deb9u4
> 17:35:29:  debug1: Enabling compatibility mode for protocol 2.0
> 17:35:29:  debug2: fd 3 setting O_NONBLOCK
> 17:35:29:  debug3: ssh_sandbox_init: preparing seccomp filter sandbox
> 17:35:29:  debug2: Network child is on pid 7364
> 17:35:29:  debug3: preauth child monitor started
> 17:35:29:  debug3: ssh_sandbox_child: setting PR_SET_NO_NEW_PRIVS [preauth]
> 17:35:29:  debug3: ssh_sandbox_child: attaching seccomp filter program
> [preauth]
> 17:35:29:  debug1: list_hostkey_types:  [preauth]
> 17:35:29:  No supported key exchange algorithms [preauth]

There are no host keys available, which is why it does not work. It seems to me.
I would do the same thing again, but start sshd as root.

Do you also connect via IPv6 with PuTTY? If not, it may be better
to also connect to localhost with IPv4, for comparison.

Regards,
Paul

> 17:35:29:  debug1: do_cleanup [preauth]
> 17:35:29:  debug3: PAM: sshpam_thread_cleanup entering [preauth]
> 17:35:29:  debug1: monitor_read_log: child log fd closed
> 17:35:29:  debug3: mm_request_receive entering
> 17:35:29:  debug1: do_cleanup
> 17:35:29:  debug3: PAM: sshpam_thread_cleanup entering
> 17:35:29:  debug1: Killing privsep child 7364
> 17:35:29:  debug1: audit_event: unhandled event 12
> 
> On the client I see:
>  
> ssh -vvv bas@localhost -p 2222
> OpenSSH_7.4p1 Debian-10+deb9u4, OpenSSL 1.0.2l  25 May 2017
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: /etc/ssh/ssh_config line 18: Applying options for *
> debug2: resolving "localhost" port 2222
> debug2: ssh_connect_direct: needpriv 0
> debug1: Connecting to localhost [::1] port 2222.
> debug1: Connection established.
> debug1: identity file /home/bas/.ssh/id_rsa type 1
> debug1: key_load_public: No such file or directory
> debug1: identity file /home/bas/.ssh/id_rsa-cert type -1
> debug1: Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u4
> debug1: Remote protocol version 2.0, remote software version
> OpenSSH_7.4p1 Debian-10+deb9u4
> debug1: match: OpenSSH_7.4p1 Debian-10+deb9u4 pat OpenSSH* compat 0x04000000
> debug2: fd 3 setting O_NONBLOCK
> debug1: Authenticating to localhost:2222 as 'bas'
> debug3: put_host_port: [localhost]:2222
> debug3: hostkeys_foreach: reading file "/home/bas/.ssh/known_hosts"
> debug3: record_hostkey: found key type ECDSA in file
> /home/bas/.ssh/known_hosts:3
> debug3: load_hostkeys: loaded 1 keys from [localhost]:2222
> debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
> debug3: send packet: type 20
> debug1: SSH2_MSG_KEXINIT sent
> Connection reset by ::1 port 2222
> 
> 
> I would appreciate a confirmation in return.
> 
> Kind regards,
> 
> Bas Neve
> bastiaanneve@gmail.com
> 316 14 12 00 71
> 



-- 
Paul van der Vlis Linux systeembeheer Groningen
https://www.vandervlis.nl/
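
The diagnosis in the reply above (host keys unreadable, so the server has nothing to offer in key exchange) can be read mechanically from an `sshd -ddd` log. The following is an added example, not part of the original mail: the sample log is constructed from the excerpts quoted in this thread, and the function names and output labels are made up for illustration.

```shell
#!/bin/sh
# Constructed sample: lines taken from the sshd -ddd excerpt quoted in the thread.
sample_log() {
cat <<'EOF'
17:35:25:  debug1: sshd version OpenSSH_7.4, OpenSSL 1.0.2l  25 May 2017
17:35:25:  debug1: key_load_private: Permission denied
17:35:25:  Could not load host key: /etc/ssh/ssh_host_rsa_key
17:35:25:  debug1: key_load_private: Permission denied
17:35:25:  Could not load host key: /etc/ssh/ssh_host_ecdsa_key
17:35:25:  debug1: key_load_private: Permission denied
17:35:25:  Could not load host key: /etc/ssh/ssh_host_ed25519_key
17:35:25:  debug1: setgroups() failed: Operation not permitted
17:35:29:  Connection from ::1 port 38542 on ::1 port 2222
17:35:29:  debug1: list_hostkey_types:  [preauth]
17:35:29:  No supported key exchange algorithms [preauth]
EOF
}

# Reads an sshd debug log on stdin and prints one finding per line.
triage_sshd_log() {
  awk '
    # Each host key the daemon failed to load, with its path.
    /Could not load host key: / {
        p = $0; sub(/.*Could not load host key: /, "", p); failed[++n] = p
    }
    # setgroups() being refused suggests sshd was not started as root.
    /setgroups\(\) failed: Operation not permitted/ { nonroot = 1 }
    # An empty list here means the server has no host key algorithm to offer.
    /list_hostkey_types:/ {
        t = $0
        sub(/.*list_hostkey_types:[ \t]*/, "", t); sub(/[ \t]*\[preauth\].*/, "", t)
        seen_types = 1; empty_types = (t == "")
    }
    /No supported key exchange algorithms/ { nokex = 1 }
    # Address family of the incoming client, for the IPv4/IPv6 comparison.
    /Connection from / { fam = ($0 ~ /Connection from [0-9a-fA-F]*:/) ? "IPv6" : "IPv4" }
    END {
        for (i = 1; i <= n; i++) print "HOSTKEY_UNREADABLE " failed[i]
        if (nonroot) print "NOT_ROOT_LIKELY setgroups() refused"
        if (seen_types && empty_types) print "NO_HOSTKEY_TYPES server offered none"
        if (nokex) print "KEX_FAILED" (n ? " cause=host keys not loaded" : "")
        if (fam != "") print "CLIENT_FAMILY " fam
    }'
}

sample_log | triage_sshd_log
```

On a real run, feed it the file written by `tee`: `triage_sshd_log < sshd.log`.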

