On 01/08/18 03:57, Dan Ritter wrote: > On Tue, Jul 31, 2018 at 11:38:34AM -0400, Karen Lewellen wrote: >> Hi everyone, >> While the question seems simple, at least to me, the reason behind it is >> complicated. so I am hoping to focus on the question first. >> During the dh key exchange process, where do the user dh key packets come >> from software wise? > > You generate a private/public key pair with ssh-keygen, and send > the public key over to your destination in advance, so that they > can recognize you. Yes, but that's not the dh (Diffie-Hellman) key. Diffie-Hellman key exchange is to generate a one-time session key that is discarded after the session is finished. >> I have a problem now where each place I try to visit using my ssh client, >> and my sftp one, I am getting a dh key exchange failure. >> using the -v command is not shedding light on the issue. >> I am using the same client now to reach another service, but here we use a >> different port from port 22. >> the error started on the 29th of June, and the company providing my dsl >> service did claim to have a service issue on that day. >> However they do not speak Linux let alone anything else Unusual. >> Thoughts? > > > Are you having problems SSHing to all servers that you try, or > just to one in particular? > > If it's just one, and that one uses a port other than 22, it's > likely that your DSL company started filtering that port on the > 29th. If it was a simple port filtering issue, then you'd get something like 'Connection Refused' or 'Destination unreachable' or 'Connection timed out' - you wouldn't get as far as dh key exchange. I'm not an expert in this, so might have some details wrong, but I think the gist of it is right. Happy to be corrected. Richard
Attachment:
signature.asc
Description: OpenPGP digital signature