Haven't seen this ssh output before

To: debian-user@lists.debian.org
Subject: Haven't seen this ssh output before
From: Harry Putnam <reader@newsguy.com>
Date: Tue, 25 Nov 2014 20:31:58 -0500
Message-id: <[🔎] 87tx1mpx0x.fsf@reader.local.lan>
Running debian jessie

I have one openindiana (solaris) host on my home lan. That host has
had no updates or changes recently.

Following a `full-upgrade' yesterday on a debian host, I am now seeing
an ssh failure with output I have not seen before, when ssh from
openindian host to debian host (newly full upgraded).

>From here on I'll refer to the hosts as LOCAL-sol and REMOTE-deb

The LOCAL-sol host can ssh to all other lan hosts without problems,
including 2 other debian hosts (not recently upgraded)

So cutting to the chase: It appears likely that something changed on
REMOTE-deb that is causing incoming ssh from LOCAL-sol to fail.
Apparently something in the OS makeup of LOCAL-sol host
disagrees with some recent change in REMOTE-deb.

I use the following command very often until now:

from: LOCAL-sol ssh to  REMOTE-deb

Note that I do not use any kind of key matching, agents or what not... just
straight ssh password access for quite a long time.

Also note as posted above... this same LOCAL-sol host can ssh to other
(non-upgraded) debian hosts on my lan with no problem.

-------       -------       ---=---       -------       ------- 
harry-on-REMOTE-sol > ssh REMOTE-deb

   no common kex alg: client
   'diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1',
   server   
   'curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1'

-------       -------       ---=---       -------       -------

(ssh Verbose output is posted futher along).

Its possible I've changed something on the LOCAL-sol  host... but can't think
what it might be.

Further, the ssh -vv ouput below is pretty confusing to me, and did
not help me debug it.

Googling the above error output lead to some similar occurances but
from quite a good while  ago... 2005-2006 and I did not see the solution.

-------       -------       ---=---       -------       -------

from LOCAL-sol > ssh -vv  REMOTE-deb
(I've edited host names below, where ever I saw them)

Sun_SSH_1.5, SSH protocols 1.5/2.0, OpenSSL 0x0090819f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to REMOTE-deb [192.168.0.5] port 22.
debug1: Connection established.
debug1: identity file /home/harry/.ssh/identity type -1
debug1: identity file /home/harry/.ssh/id_rsa type -1
debug1: identity file /home/harry/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7p1 Debian-3
debug1: match: OpenSSH_6.7p1 Debian-3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-Sun_SSH_1.5
debug1: use_engine is 'yes'
debug1: pkcs11 engine initialized, now setting it as default for RSA, DSA, and symmetric ciphers
debug1: pkcs11 engine initialization complete
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour128,arcfour256,arcfour,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,3des-cbc
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour128,arcfour256,arcfour,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,3des-cbc
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: en-US
debug2: kex_parse_kexinit: en-US
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug1: Failed to acquire GSS-API credentials for any mechanisms (No credentials were supplied, or the credentials were unavailable or inaccessible

)
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour128,arcfour256,arcfour,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,3des-cbc
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour128,arcfour256,arcfour,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,3des-cbc
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: en-US
debug2: kex_parse_kexinit: en-US
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: mac_setup: found hmac-sha1
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug2: mac_setup: found hmac-sha1
debug1: kex: client->server aes128-ctr hmac-sha1 none

no common kex alg: client 'diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1', server 'curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1'
debug1: Calling cleanup 0x807a08c(0x0)
Reply to:
Follow-Ups:
- Re: Haven't seen this ssh output before
  - From: Jochen Spieker <ml@well-adjusted.de>
Prev by Date: Re: How to override fuse args to ntfs-3g to set permissions?
Next by Date: Re: Headless server just got suspended by updating systemd
Previous by thread: solved: nfs mounting
Next by thread: Re: Haven't seen this ssh output before
Index(es):
- Date
- Thread