I can not secure copy files between my servers - linux

I have two servers:
SERVER1: the first is installed with Redhat 7.7
SERVER2: the second server is installed with Redhat 6.10
The problem can be described in the 4 points below:
1- I can ssh from SERVER1 to SERVER2 and vice versa,
as below:
> SERVER1,root,root # ssh SERVER2
>
> Last login: Sat May 16 02:06:48 2020 from x.x.x.x
>
> Agent pid 103002
>
> SERVER2,root,root #
Note that a new file is created under /tmp:
> SERVER2,root,root # ll /tmp/ssh-tuqA103001
>
> total 0
>
> srw------- 1 root root 0 May 21 11:45 agent.103001
>
> SERVER2,root,root #
Also, the ssh command emits the output Agent pid 103002 as above;
each time, a new file is created with a new number.
2- I can ssh from SERVER2 to SERVER1 as below:
> SERVER2,root,root # ssh SERVER1
> Last login: Thu May 21 11:13:45 2020
> from x.x.x.x
> SERVER1,root,root #
Note that ssh does not emit the agent pid nor create any files under /tmp.
3- I can scp any file from SERVER2 to SERVER1 as below:
> SERVER2,root,root # scp -rp test.sh SERVER1:/tmp
> test.sh 100% 470 0.5KB/s 00:00
> SERVER2,root,root#
4- But I can't transfer any file from SERVER1 to SERVER2 as below:
> SERVER1,root,root # scp -rp foo SERVER2:/tmp
> Agent pid 107142
> SERVER1,root,root #
I have captured the debug log for this scp failure as below:
SERVER1,root,root # scp -rpvvv foo SERVER2:/tmp
Executing: program /usr/bin/ssh host SERVER2, user (unspecified), command scp -v -r -p -t /tmp
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 49: Applying options for *
debug2: resolving "SERVER2" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to SERVER2 [SERVER2] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type 2
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to SERVER2:22 as 'root'
debug3: hostkeys_foreach: reading file "/root/.ssh/known_hosts"
debug3: record_hostkey: found key type RSA in file /root/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from SERVER2
debug3: order_hostkeyalgs: prefer hostkeyalgs: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c
debug2: host key algorithms: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-dss
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: host key algorithms: ssh-rsa,ssh-dss
debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: MACs ctos: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: MACs stoc: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
debug1: kex: diffie-hellman-group-exchange-sha256 need=16 dh_need=16
debug1: kex: diffie-hellman-group-exchange-sha256 need=16 dh_need=16
debug3: send packet: type 34
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<3072<8192) sent
debug3: receive packet: type 31
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug2: bits set: 1577/3072
debug3: send packet: type 32
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug3: receive packet: type 33
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: ssh-rsa SHA256:Pcht7p5vfFNXT6fZIcf8m7qG3xdMViWiIVKGcaHV/xg
debug3: hostkeys_foreach: reading file "/root/.ssh/known_hosts"
debug3: record_hostkey: found key type RSA in file /root/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from 135.183.142.155
debug1: Host '135.183.142.155' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug2: bits set: 1542/3072
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 4294967296 blocks
debug2: key: /root/.ssh/id_rsa (0x55ebe8e53f10)
debug2: key: /root/.ssh/id_dsa (0x55ebe8e54300)
debug2: key: /root/.ssh/id_ecdsa ((nil))
debug2: key: /root/.ssh/id_ed25519 ((nil))
debug3: send packet: type 5
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup gssapi-keyex
debug3: remaining preferred: gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_is_enabled gssapi-keyex
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug2: we did not send a packet, disable method
debug3: authmethod_lookup gssapi-with-mic
debug3: remaining preferred: publickey,keyboard-interactive,password
debug3: authmethod_is_enabled gssapi-with-mic
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
No Kerberos credentials available (default cache: KEYRING:persistent:0)
debug1: Unspecified GSS failure. Minor code may provide more information
No Kerberos credentials available (default cache: KEYRING:persistent:0)
debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /root/.ssh/id_rsa
debug3: send_pubkey_test
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 60
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug2: input_userauth_pk_ok: fp SHA256:y9b1WKq87QvObEImsrh2qzj4Xucf4Zcq2Zz9uCEWfiw
debug3: sign_and_send_pubkey: RSA SHA256:y9b1WKq87QvObEImsrh2qzj4Xucf4Zcq2Zz9uCEWfiw
debug3: send packet: type 50
debug3: receive packet: type 52
debug1: Authentication succeeded (publickey).
Authenticated to SERVER2 ([SERVER2]:22).
debug2: fd 4 setting O_NONBLOCK
debug2: fd 5 setting O_NONBLOCK
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug3: send packet: type 90
debug1: Requesting no-more-sessions@openssh.com
debug3: send packet: type 80
debug1: Entering interactive session.
debug1: pledge: network
debug3: receive packet: type 91
debug2: callback start
debug2: fd 3 setting TCP_NODELAY
debug3: ssh_packet_set_tos: set IP_TOS 0x08
debug2: client_session2_setup: id 0
debug1: Sending environment.
debug3: Ignored env XDG_SESSION_ID
debug3: Ignored env GUESTFISH_INIT
debug3: Ignored env HOSTNAME
debug3: Ignored env TERM
debug3: Ignored env SHELL
debug3: Ignored env HISTSIZE
debug3: Ignored env SSH_CLIENT
debug3: Ignored env QTDIR
debug3: Ignored env QTINC
debug3: Ignored env SSH_TTY
debug3: Ignored env QT_GRAPHICSSYSTEM_CHECKED
debug3: Ignored env USER
debug3: Ignored env LS_COLORS
debug3: Ignored env ENV
debug3: Ignored env GUESTFISH_PS1
debug3: Ignored env MAIL
debug3: Ignored env PATH
debug3: Ignored env PWD
debug1: Sending env LANG = en_US.UTF-8
debug2: channel 0: request env confirm 0
debug3: send packet: type 98
debug3: Ignored env GUESTFISH_OUTPUT
debug3: Ignored env PS1
debug3: Ignored env HISTCONTROL
debug3: Ignored env SHLVL
debug3: Ignored env HOME
debug3: Ignored env LOGNAME
debug3: Ignored env QTLIB
debug3: Ignored env CVS_RSH
debug3: Ignored env XDG_DATA_DIRS
debug3: Ignored env SSH_CONNECTION
debug3: Ignored env LESSOPEN
debug3: Ignored env XDG_RUNTIME_DIR
debug3: Ignored env GUESTFISH_RESTORE
debug3: Ignored env HISTFILE
debug3: Ignored env OLDPWD
debug3: Ignored env _
debug1: Sending command: scp -v -r -p -t /tmp
debug2: channel 0: request exec confirm 1
debug3: send packet: type 98
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 2097152
debug3: receive packet: type 99
debug2: channel_input_status_confirm: type 99 id 0
debug2: exec request accepted on channel 0
Agent pid 107427
debug2: channel 0: read<=0 rfd 4 len 0
debug2: channel 0: read failed
debug2: channel 0: close_read
debug2: channel 0: input open -> drain
debug2: channel 0: ibuf empty
debug2: channel 0: send eof
debug3: send packet: type 96
debug2: channel 0: input drain -> closed
ionnoclab2,root,root # debug2: channel 0: write failed
debug2: channel 0: close_write
debug2: channel 0: send eow
debug3: send packet: type 98
debug2: channel 0: output open -> closed
debug3: receive packet: type 98
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug3: receive packet: type 96
debug2: channel 0: rcvd eof
debug3: receive packet: type 97
debug2: channel 0: rcvd close
debug3: channel 0: will not send data after close
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug3: send packet: type 97
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
#0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cc -1)
debug3: send packet: type 1
debug1: fd 0 clearing O_NONBLOCK
debug1: fd 1 clearing O_NONBLOCK
Transferred: sent 3312, received 2880 bytes, in 0.1 seconds
Bytes per second: sent 41262.8, received 35880.7
debug1: Exit status 0
SERVER1,root,root #
What do you think the issue is, and how can I solve it?
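The debug log above shows `Agent pid 107427` arriving on the session channel right after the exec request for `scp -t` is accepted, and scp expects only its own protocol bytes on that channel. The check below is an added example, not part of the original post: it measures what a startup file prints when a non-interactive shell sources it, assuming the line comes from a shell startup file on SERVER2. The `startup_noise` helper and both sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: detect shell startup files that write to stdout in
# non-interactive sessions (the kind scp and sftp run over).

# startup_noise FILE -> number of bytes FILE prints when sourced by a
# non-interactive sh, which stands in for the remote login shell.
startup_noise() {
    sh -c '. "$1"' sh "$1" </dev/null 2>/dev/null | wc -c | tr -d ' '
}

# Constructed sample files; the echo stands in for starting ssh-agent.
SAMPLES=$(mktemp -d)

cat > "$SAMPLES/rc_unguarded" <<'EOF'
echo "Agent pid 12345"
EOF

cat > "$SAMPLES/rc_guarded" <<'EOF'
# Stop here unless the shell is interactive.
case $- in
    *i*) ;;
    *) return ;;
esac
echo "Agent pid 12345"
EOF

for f in rc_unguarded rc_guarded; do
    printf '%s: %s bytes on stdout\n' "$f" "$(startup_noise "$SAMPLES/$f")"
done

# The same measurement against a live host (a clean setup prints 0):
#   ssh SERVER2 true | wc -c
```

A guard like the one in `rc_guarded` leaves interactive logins unchanged while keeping exec sessions silent.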

Related

How to extract a string from terminal in Linux?

When I execute a script, I obtain the following text in the terminal:
GN status:
MAC addr: 10:98:C3:73:64:CD
Lastest Update Time: 2021-11-18 10:26:18(GMT+0)
--- Media Layer---
TX Packet:
Total: 68360
Success: 68360
Failure: 0
RX Packet:
Total: 751063
Success: 751063
Dropped: 0
CRC Error: 313
All I want to do is to obtain the value 751063:
RX Packet:
Total: 751063
How can I show only this number in the terminal and erase all the other words?
Have you tried anything on your own?
This will work:
your_command|grep 'RX Packet:' -A1|grep Total|head -1|awk '{print $2}'

GPG Still sees good sign with revoked subkey still works

I have created a key, and created a subkey. With the subkey, I signed a file. Verification works. I revoked the key, and verification does not hold. This is the expected behavior.
However, if I try to sign with the same subkey and verify, it still works. What am I doing wrong? Here is what I am doing in full:
$ gpg --gen-key
$ gpg -k
/Users/mustafa/.gnupg/pubring.kbx
---------------------------------
pub rsa2048 2019-02-03 [SC] [expires: 2021-02-02]
5DD923FBCF6392A5CB366167D4C0627A07510C6C
uid [ultimate] Mustafa <mustafa91@gmail.com>
sub rsa2048 2019-02-03 [E] [expires: 2021-02-02]
Using edit key, add a subkey.
$ gpg --edit-key 5DD923FBCF6392A5CB366167D4C0627A07510C6C
sec rsa2048/D4C0627A07510C6C
created: 2019-02-03 expires: 2021-02-02 usage: SC
trust: ultimate validity: ultimate
ssb rsa2048/E058B91696C43666
created: 2019-02-03 expires: 2021-02-02 usage: E
gpg> addkey
sec rsa2048/D4C0627A07510C6C
created: 2019-02-03 expires: 2021-02-02 usage: SC
trust: ultimate validity: ultimate
ssb rsa2048/E058B91696C43666
created: 2019-02-03 expires: 2021-02-02 usage: E
ssb rsa2048/38616BDAE66E418C
created: 2019-02-03 expires: 2019-02-13 usage: S
[ultimate] (1). Mustafa <mustafa91@gmail.com>
gpg> q
Save changes? (y/N) y
Sign a file and verify it.
$ gpg --armor --detach-sign --default-key 38616BDAE66E418C test.txt
gpg: using "38616BDAE66E418C" as default secret key for signing
$ gpg --verify test.txt.asc test.txt
gpg: Signature made Sun Feb 3 21:49:43 2019 +03
gpg: using RSA key 485FC77FC73DA3B800C7F41538616BDAE66E418C
gpg: Good signature from "Mustafa <mustafa91@gmail.com>" [ultimate]
Revoke the key with message "This key is now in the hands of the enemy."
$ gpg --edit-key 5DD923FBCF6392A5CB366167D4C0627A07510C6C
gpg> key 2
sec rsa2048/D4C0627A07510C6C
created: 2019-02-03 expires: 2021-02-02 usage: SC
trust: ultimate validity: ultimate
ssb rsa2048/E058B91696C43666
created: 2019-02-03 expires: 2021-02-02 usage: E
ssb* rsa2048/38616BDAE66E418C
created: 2019-02-03 expires: 2019-02-13 usage: S
gpg> revkey
sec rsa2048/D4C0627A07510C6C
created: 2019-02-03 expires: 2021-02-02 usage: SC
trust: ultimate validity: ultimate
ssb rsa2048/E058B91696C43666
created: 2019-02-03 expires: 2021-02-02 usage: E
The following key was revoked on 2019-02-03 by RSA key D4C0627A07510C6C Mustafa <mustafa91@gmail.com>
ssb rsa2048/38616BDAE66E418C
created: 2019-02-03 revoked: 2019-02-03 usage: S
[ultimate] (1). Mustafa <mustafa91@gmail.com>
Try to verify the old signature and see it fails.
$ gpg --verify test.txt.asc test.txt
gpg: Signature made Sun Feb 3 21:49:43 2019 +03
gpg: using RSA key 485FC77FC73DA3B800C7F41538616BDAE66E418C
gpg: Good signature from "Mustafa <mustafa91@gmail.com>" [ultimate]
gpg: WARNING: This subkey has been revoked by its owner!
gpg: reason for revocation: Key has been compromised
gpg: revocation comment: This key is now in the hands of the enemy.
However, trying to sign with the revoked key:
$ rm test.key.asc
$ gpg --armor --detach-sign --default-key 38616BDAE66E418C test.txt
gpg: using "38616BDAE66E418C" as default secret key for signing
Why does it not fail? How can it be verified?
$ gpg --verify test.txt.asc test.txt
gpg: Signature made Sun Feb 3 21:53:11 2019 +03
gpg: using RSA key 5DD923FBCF6392A5CB366167D4C0627A07510C6C
gpg: Good signature from "Mustafa <mustafa91@gmail.com>" [ultimate]
Look at your last two excerpts. Despite the fact that you specified the default signing key to be 38616BDAE66E418C, when you do the verify it reports having been signed with D4C0627A07510C6C.
If you utilize the -v verbose option of gpg, you will see that if the specified default key is revoked, it falls back to the next usable signing key.
To illustrate this, I recreated your scenario:
sec rsa2048/4E5CB15076F1318E
created: 2019-02-09 expires: 2021-02-08 usage: SC
trust: ultimate validity: ultimate
ssb rsa2048/3303CBB274AECA3B
created: 2019-02-09 expires: 2021-02-08 usage: E
The following key was revoked on 2019-02-09 by RSA key 4E5CB15076F1318E Herp Derp <herp@derp.com>
ssb rsa2048/8ABD3900E64E7972
created: 2019-02-09 revoked: 2019-02-09 usage: S
[ultimate] (1). Herp Derp <herp@derp.com>
Signing with subkey prior to revoking:
$ gpg -v --armor --detach-sign --default-key 8ABD3900E64E7972 test.txt
gpg: using pgp trust model
gpg: using "8ABD3900E64E7972" as default secret key for signing
gpg: using subkey 8ABD3900E64E7972 instead of primary key 4E5CB15076F1318E
gpg: writing to 'test.txt.asc'
gpg: RSA/SHA256 signature from: "8ABD3900E64E7972 Herp Derp <herp@derp.com>"
Signing with subkey after revoking:
$ gpg -v --armor --detach-sign --default-key 8ABD3900E64E7972 test.txt
gpg: Note: signature key 8ABD3900E64E7972 has been revoked
gpg: using pgp trust model
gpg: using "8ABD3900E64E7972" as default secret key for signing
gpg: Note: signature key 8ABD3900E64E7972 has been revoked
gpg: writing to 'test.txt.asc'
gpg: RSA/SHA256 signature from: "4E5CB15076F1318E Herp Derp <herp@derp.com>"
You can see that in the second example, gpg identifies the subkey as revoked and falls back to the primary key.
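The fallback described above is easy to miss in the human-readable output, so a verifier can check the signing key mechanically. This is an added example, not part of the original answer: it reads the status lines of `gpg --status-fd 1 --verify` and reports whether the expected subkey made the signature. The two fingerprints come from the question; the `signer_check` helper, the timestamps and the other status fields are constructed sample values.

```shell
#!/bin/sh
# Added example: report which key actually produced a signature, using the
# status lines from `gpg --status-fd 1 --verify SIG FILE`.

# signer_check WANTED_KEYID   (status lines on stdin)
# Prints: ok | fallback:<fingerprint> | revoked:<keyid> | nosig
signer_check() {
    awk -v want="$1" '
        $1 != "[GNUPG:]"  { next }
        $2 == "REVKEYSIG" { revoked = $3 }   # good signature, revoked key
        $2 == "VALIDSIG"  { fpr = $3 }       # fingerprint of the signing (sub)key
        END {
            if (revoked != "") { print "revoked:" revoked; exit }
            if (fpr == "")     { print "nosig"; exit }
            tail = substr(fpr, length(fpr) - length(want) + 1)
            if (toupper(tail) == toupper(want)) print "ok"
            else print "fallback:" fpr
        }'
}

SUB=485FC77FC73DA3B800C7F41538616BDAE66E418C   # signing subkey (from the page)
PRI=5DD923FBCF6392A5CB366167D4C0627A07510C6C   # primary key (from the page)

# Constructed status lines for the three verifications in the question.
sig_before_revocation="[GNUPG:] GOODSIG 38616BDAE66E418C Mustafa
[GNUPG:] VALIDSIG $SUB 2019-02-03 1549219783 0 4 0 1 8 00 $PRI"

old_sig_after_revocation="[GNUPG:] REVKEYSIG 38616BDAE66E418C Mustafa
[GNUPG:] VALIDSIG $SUB 2019-02-03 1549219783 0 4 0 1 8 00 $PRI"

new_sig_after_revocation="[GNUPG:] GOODSIG D4C0627A07510C6C Mustafa
[GNUPG:] VALIDSIG $PRI 2019-02-03 1549219991 0 4 0 1 8 00 $PRI"

for name in sig_before_revocation old_sig_after_revocation new_sig_after_revocation; do
    eval "lines=\$$name"
    printf '%s: %s\n' "$name" "$(printf '%s\n' "$lines" | signer_check 38616BDAE66E418C)"
done
```

Per the gpg man page, appending `!` to a key ID tells gpg to use exactly that primary or secondary key instead of calculating which one to use.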

SSH connection issue only by bash script

The bash script tries to connect to a remote host through:
CNX=$(bash -c 'exec 3<> /dev/tcp/'$OPCION'/'22';echo $?' 2>/dev/null)
if [ "$CNX" = "1" ]; then
telnet "$OPCION"
else
ssh -vvv "$OPCION"
fi
But it finishes with this error:
ssh_exchange_identification: read: Connection reset by peer
[myuser@vmlnx01 .escrip]$ ./menu
Usar CRTL + C para salir.
Patron a buscar:
remot
1) RemoteRouter
#? 1
OpenSSH_6.6.1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 57: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to RemoteRouter [1.1.1.1] port 22.
debug1: Connection established.
debug1: identity file /home/myuser/.ssh/id_rsa type -1
debug1: identity file /home/myuser/.ssh/id_rsa-cert type -1
debug1: identity file /home/myuser/.ssh/id_dsa type -1
debug1: identity file /home/myuser/.ssh/id_dsa-cert type -1
debug1: identity file /home/myuser/.ssh/id_ecdsa type -1
debug1: identity file /home/myuser/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/myuser/.ssh/id_ed25519 type -1
debug1: identity file /home/myuser/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1
ssh_exchange_identification: read: Connection reset by peer
Connection to remote host without script is successful:
^C[myuser@vmlnx01 .escrip]$ ssh RemoteRouter
------------------
ACCESO RESTRINGIDO
------------------
myuser@RemoteRouter's password:
The remote host is a router and it shows these logs:
RP/0/RSP1/CPU0:Apr 5 03:55:46.210 : SSHD_[65590]: %SECURITY-SSHD-6-INFO_GENERAL : Client 10.108.120.4 closes socket connection
RP/0/RSP1/CPU0:Apr 5 03:55:46.211 : SSHD_[65590]: %SECURITY-SSHD-3-ERR_GENERAL : Failed in version exchange

gpshell "delete_key" command return 6a80 (Wrong data)

I imported several GlobalPlatform keys into my Java Card with different key versions. I can create a secure channel with the new key, but when I want to delete one of them I receive sw=6a80. My script is:
mode_211
enable_trace
establish_context
card_connect -readerNumber 1
select -AID A000000018434D00
open_sc -security 0 -keyind 0 -keyver 02 -mac_key 47454d5850524553534f53414d504c45 -enc_key 47454d5850524553534f53414d504c45 -kek_key 47454d5850524553534f53414d504c45 // Open secure channel
delete_key -keyver 08 -keyind 0
get_status -element 40
card_disconnect
release_context
I also tried a second script, which opens the secure channel with the same key, but the result is sw = 6a80:
mode_211
enable_trace
establish_context
card_connect -readerNumber 1
select -AID A000000018434D00
open_sc -security 0 -keyind 0 -keyver 08 -mac_key 404142434445464748494a4b4c4d4e4f -enc_key 404142434445464748494a4b4c4d4e4f -kek_key 404142434445464748494a4b4c4d4e4f // Open secure channel
delete_key -keyver 08 -keyind 0
get_status -element 40
card_disconnect
release_context
The APDU trace is:
Command --> 80CA006600
Wrapped command --> 80CA006600
Response <-- 664C734A06072A864886FC6B01600C060A2A864886FC6B02020101630906072A864886FC6B03640B06092A864886FC6B040105650B06092B8510864864020103660C060A2B060104012A026E01029000
Command --> 8050020008919F9B915C23C5D600
Wrapped command --> 8050020008919F9B915C23C5D600
Response <-- 4D0022840106A57C224F020137AFC43375EF54A1A60DF8A01B351A189000
Command --> 8482000010E61BDA493C17D649ED414E4AD2356F3C
Wrapped command --> 8482000010E61BDA493C17D649ED414E4AD2356F3C
Response <-- 9000
delete_key -keyver 08 -keyind 0
Command --> 80E4000006D00100D2010800
Wrapped command --> 80E4000006D00100D2010800
Response <-- 6A80
delete_key() return 0x80206A80 (6A80: Wrong data / Incorrect values in command data.)
get_status -element 40
Command --> 80F24000024F0000
Wrapped command --> 80F24000024F0000
Response <-- 09A0000003080000100007049000
Can anyone help me? Thanks a lot.

Storing command output in bash "Here Document"

Below is a small bash script. The expected output after connecting to the server is to print Hello World and in the next line the current month and year - like Jan 2014. For using VARIABLE1 in the 'here document', I need dollar expansion, so the terminating character ~ is not quoted.
VARIABLE1="World"
ssh username@server.domain.com <<~
echo "Hello $VARIABLE1"
COMMAND1=`date +%b`
COMMAND2=$(date +%Y)
echo "$COMMAND1 $COMMAND2"
~
The actual output that I get is this:
Pseudo-terminal will not be allocated because stdin is not a terminal.
Password:
Hello World
When ssh is run in verbose mode, here is last part of the output:
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: *****
debug1: Trying private key: *****
debug1: Next authentication method: keyboard-interactive
Password:
debug1: Authentication succeeded (keyboard-interactive).
debug1: Final hpn_buffer_size = *****
debug1: HPN Disabled: 0, HPN Buffer Size: *****
debug1: channel 0: new [client-session]
debug1: Enabled Dynamic Window Scaling
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
Hello World
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: channel 0: free: client-session, nchannels 1
debug1: fd 0 clearing O_NONBLOCK
Transferred: sent 1552, received 2360 bytes, in 0.1 seconds
Bytes per second: sent 17253.2, received 26235.6
debug1: Exit status 0
Could somebody point out the bug here? Why doesn't it print Jan 2014?
There is some information here about how to force a tty, however, your script should work if you escape your characters properly:
VARIABLE1="World"
ssh username@server.domain.com <<EOF
echo Hello $VARIABLE1
COMMAND1=\`date +%b\`
COMMAND2=\$(date +%Y)
echo "\$COMMAND1 \$COMMAND2"
EOF
If you want to force the tty:
ssh -t -t user@domain.com <<EOF
echo Hello $VARIABLE1
COMMAND1=\`date +%b\`
COMMAND2=\$(date +%Y)
echo "\$COMMAND1 \$COMMAND2"
exit
EOF
Alternatively, you could just send the script as an argument to ssh:
ssh user@domain.com "echo Hello $VARIABLE1;COMMAND1=\`date +%b\`; COMMAND2=\$(date +%Y); echo \$COMMAND1 \$COMMAND2"
EDIT: If you want to disable the message about the Pseudo-terminal allocation use "-T":
VARIABLE1="World"
ssh -T username@server.domain.com <<EOF
echo Hello $VARIABLE1
COMMAND1=\`date +%b\`
COMMAND2=\$(date +%Y)
echo "\$COMMAND1 \$COMMAND2"
EOF
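To see why the escaping in the answer matters, the following added example (not part of the original answer) renders the exact text each here-document sends, with `cat` standing in for `ssh host` and `sh` standing in for the remote shell. It goes one step beyond the answer with `payload_quoted`, which quotes a local value so the remote shell treats it as data rather than syntax. The function names and the `sq` helper are constructed for illustration.

```shell
#!/bin/sh
# Added example. `cat` stands in for `ssh host` and prints the exact text the
# remote shell would read; piping that text to `sh` stands in for the remote side.

# As in the question: everything is expanded locally before it is sent.
payload_unescaped() {
    VARIABLE1=$1
    unset COMMAND1 COMMAND2          # not set in the local shell
    cat <<EOF
echo "Hello $VARIABLE1"
COMMAND1=`date +%b`
COMMAND2=$(date +%Y)
echo "$COMMAND1 $COMMAND2"
EOF
}

# As in the answer: escaped expansions travel as text and run remotely.
payload_escaped() {
    VARIABLE1=$1
    cat <<EOF
echo "Hello $VARIABLE1"
COMMAND1=\`date +%b\`
COMMAND2=\$(date +%Y)
echo "\$COMMAND1 \$COMMAND2"
EOF
}

# sq VALUE -> VALUE wrapped in single quotes, safe to paste into sh source.
sq() {
    printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# Local data that must reach the remote shell as data, not as shell syntax.
payload_quoted() {
    q=$(sq "$1")
    cat <<EOF
echo Hello $q
EOF
}

echo "--- unescaped: text sent ---";  payload_unescaped World
echo "--- unescaped: remote output ---"; payload_unescaped World | sh
echo "--- escaped: text sent ---";    payload_escaped World
echo "--- escaped: remote output ---"; payload_escaped World | sh
echo "--- quoted value: remote output ---"
payload_quoted "O'Brien \$HOME" | sh
```

In the unescaped form the last line sent is `echo " "`, because `COMMAND1` and `COMMAND2` were never set in the local shell where the expansion happened.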
