Re: openssh: missing kex_exchange_identification ssh error messages with 1:9.5p1-2?

To: debian-user@lists.debian.org
Subject: Re: openssh: missing kex_exchange_identification ssh error messages with 1:9.5p1-2?
From: Vincent Lefevre <vincent@vinc17.net>
Date: Fri, 15 Dec 2023 01:29:26 +0100
Message-id: <[🔎] 20231215002926.GA982518@zira.vinc17.org>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] ZXtRqAUIxrw5sgVR@wooledge.org>
References: <[🔎] 20231214155128.GA3516314@cventin.lip.ens-lyon.fr> <[🔎] 20231214160310.GA24506@singvogel.net> <[🔎] 20231214161428.GB3516314@cventin.lip.ens-lyon.fr> <[🔎] ZXtRqAUIxrw5sgVR@wooledge.org>

On 2023-12-14 14:04:08 -0500, Greg Wooledge wrote:
> On Thu, Dec 14, 2023 at 05:14:28PM +0100, Vincent Lefevre wrote:
> > I have the latest version!!! I recall that this is a Debian/unstable
> > machine, which I upgrade regularly. So, everytime I get such an error,
> > I have the latest client.
> 
> Just for the record, saying you have the "latest" version of something
> is unhelpful.  This goes double when you're on a testing or unstable
> system.  We don't know how long ago you updated, or what mirrors you're
> using, or what errors might have occurred the last time you updated,
> or whether you have a locally installed version of "ssh" in your PATH
> before /usr/bin/ssh, or... anything.  Anything at all.
> 
> When asking for help, it's best to give all of the relevant details up
> front.  Start by saying you're on Debian unstable.  Then give the
> installed package version (as printed by "dpkg -l openssh-client")
> and the output of "ssh -V".

As I've said in my message: I've upgraded to openssh-client 1:9.5p1-2.

The versions up to 9.4 were fine, i.e. I got a detailed error message.

> Since this is a problem with ssh, which uses a client/server architecture,
> giving the version of the server's sshd would also help.

openssh-server 1:7.9p1-10+deb10u3

but I don't think this is useful.

> Finally, if you've customized something that's relevant, be sure to
> include that.  For the ssh client, customizations are done in the
> /etc/ssh/ssh_config and ~/.ssh/config files.  Anything you've changed
> or added there would be important to disclose.

At the time of the test:

IdentitiesOnly yes
TCPKeepAlive no
ControlPath /tmp/ssh-%h-%p-%r
SendEnv LANG LC_*
ProxyCommand none
StrictHostKeyChecking yes

(and the last change was "KeepAlive no" → "TCPKeepAlive no"
in June 2022).

> If you've customized anything on the server end (i.e. in
> /etc/ssh/sshd_config) then you should disclose that as well.

Note that I am not the admin of the server. I can see that
MaxStartups was changed to "MaxStartups 20:30:120". But the
last change was done in June.

-- 
Vincent Lefèvre <vincent@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Reply to:

References:
- openssh: missing kex_exchange_identification ssh error messages with 1:9.5p1-2?
  - From: Vincent Lefevre <vincent@vinc17.net>
- Re: openssh: missing kex_exchange_identification ssh error messages with 1:9.5p1-2?
  - From: Klaus Singvogel <deb-user-ml@singvogel.net>
- Re: openssh: missing kex_exchange_identification ssh error messages with 1:9.5p1-2?
  - From: Vincent Lefevre <vincent@vinc17.net>
- Re: openssh: missing kex_exchange_identification ssh error messages with 1:9.5p1-2?
  - From: Greg Wooledge <greg@wooledge.org>

Prev by Date: Re: differences among amd64 and i386
Next by Date: Re: Debian 12.4.0
Previous by thread: Re: openssh: missing kex_exchange_identification ssh error messages with 1:9.5p1-2?
Next by thread: Problem with php after upgrading to Bookworm
Index(es):
- Date
- Thread