Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I have problem to connect with SSH to remote host but only on my home network (provider). If I am at another network (my friend in same city - different provider) the connection works perfect. Ping to the server (at my home) works. Also this problem I have only with this server. If I try connect to other host from my home network, it works. What should I do?
nich#ubuntu:/etc$ ssh -vvv xxx#www.sci.muni.cz
OpenSSH_5.9p1 Debian-5ubuntu1, OpenSSL 1.0.1 14 Mar 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to www.sci.muni.cz [147.251.24.3] port 22.
debug1: Connection established.
debug1: identity file /home/nich/.ssh/id_rsa type -1
debug1: identity file /home/nich/.ssh/id_rsa-cert type -1
debug1: identity file /home/nich/.ssh/id_dsa type -1
debug1: identity file /home/nich/.ssh/id_dsa-cert type -1
debug1: identity file /home/nich/.ssh/id_ecdsa type -1
debug1: identity file /home/nich/.ssh/id_ecdsa-cert type -1
ssh_exchange_identification: Connection closed by remote host
nich#ubuntu:/etc$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 12.04.2 LTS
Release: 12.04
Codename: precise
Here's how you can attempt to create a tunnel.
intermediary is a machine you trust to do the forwarding for you
remote is the machine you're trying to get to
ssh -N -L 20000:remote:22 user#intermediary
Once you do this your local machine will listen on port 20000. When you connect with ssh to this port, on your host, the connection will be forwarded over the tunnel to intermediary who will in turn forward it to remote.
Related
I have a site hosted by an Amazon Web Server and I use a ssh connection to access it.
Suddenly the server stopped answering (I was deleting caches of some symfony2 applications as I do frequently).
First it told me:
ssh_exchange_identification: read: Connection reset by peer
And now it's not answering at all (not by ssh neither by the website)
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to xxxxxxxxxx.eu-central-1.compute.amazonaws.com [xxxxxxxx] port 22.
debug1: Connection established.
debug3: Incorrect RSA1 identifier
debug3: Could not load "/home/xxxx/.ssh/xxxxxx.pem" as a RSA1 public key
debug1: identity file /home/xxxxx/.ssh/xxxxx.pem type -1
debug1: identity file /home/xxxxx/.ssh/xxxxxx.pem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8
ssh_exchange_identification: read: Connection reset by peer
What can it be?
This problem happened before, and after some hours it stopped.
Can it be a RAM problem? I am thinking that maybe some action I did in the server may have blocked him (just like a normal computer that is being too much requested).
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 6 years ago.
Improve this question
While working on a Microsoft Azure virtual machine I noticed it was lagging significantly, so I decided to run the sudo reboot command then ssh back in. When I tried to ssh back in with
ssh user#ipaddress
i got the error:
ssh: connect to host xxx.xx.xx.xxx port 22: Operation timed out.
When I run the ssh command using -vvv i get:
OpenSSH_6.9p1, LibreSSL 2.1.8
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 20: Applying options for *
debug1: /etc/ssh/ssh_config line 53: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to xxx.xx.xx.xxx [xxx.xx.xx.xxx] port 22.
debug1: connect to address xxx.xx.xx.xxx port 22: Operation timed out
ssh: connect to host xxx.xx.xx.xxx port 22: Operation timed out
If you did a shutdown, IP of machine has been changed. Check it in the control panel.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 6 years ago.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Improve this question
I have an AWS EC2 instance of Ubuntu 14.04. It's been about 6 months since I've logged into it, and now I can't get logged in.
I get Permission denied (Public Key)
The thing is, I backed up my .pem file in 3 places, and none of them work. I'm pretty experienced with AWS, and I've never had this happen before.
The command I'm using is ssh -v -i mykey.pem ubuntu#192.168.0.1
The output I'm getting from the command is this:
OpenSSH_7.1p2, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /usr/local/etc/ssh_config
debug1: Connecting to ec2-192-168-0-1.compute-1.amazonaws.com [192.168.0.1] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: key_load_public: No such file or directory
debug1: identity file mykey.pem type -1
debug1: key_load_public: No such file or directory
debug1: identity file mykey.pem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.1
debug1: Remote protocol version 2.0, remote software version PaloAltoNetworks_0.2
debug1: no match: PaloAltoNetworks_0.2
debug1: Authenticating to ec2-192-168-0-1.compute-1.amazonaws.com:22 as 'ubuntu'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<7680<8192) sent
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: ssh-rsa SHA256:Mt8dMlt7QdgQ9kiju3OATK43jnN9oV2pZ4oGZdd46PA
debug1: Host 'ec2-192-168-0-1.compute-1.amazonaws.com' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:34
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: mykey.pem
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).
I have tried rebooting the machine several times.
I've tried this from 3 different locations, one with no firewall at all, and I get the same thing (except of course the lines about firewalls).
I finally gave up on trying to SSH in, and decided to use the AWS Management Console connect (A Java SSH Client directly from my browser (Java required))
This has failed. It doesn't support Chrome, and when I try from Firefox, it just freezes up, and never does anything...with no error in the browser console (that I can find...I'm kind of noob at browser troubleshooting).
It does the same thing in Edge and IE. I have tried this on all 3 computers, on Ubuntu Desktop, and Windows 10 with no luck.
After that fail, I found somewhere that said I can save it to a snapshot, and start a new instance from that snapshot, and use a different .pem file, just in case all 3 of my copies were somehow magically corrupt. I tried that, and the clone I made wouldn't ever start correctly (1/2 status check).
Is there anything I haven't tried?
EDIT 1
I have also tried changing the permissions of the .pem file to 400 and 600, as well as deleting the known_hosts file. Neither of these proved to be a solution.
Do you have any monitoring on the instance? If the disk filled up, that might explain some of the problems, but Cloudwatch won't be able to tell you how much space is in use. This might explain why an AMI won't boot correctly. You should be able to get to the boot log from the AWS console which might have some information in it. If the problem is disk space, you can launch another instance from your AMI but specify a large disk.
Is it possible that the instance was hacked somehow? If someone took it over, they may have changed/removed the key, or even changed the port sshd is listening to.
If your instance is truly hosed, and you want to get the data off it, you should be able to take a snapshot, create a new volume from that snapshot, and mount the resulting volume on a new instance.
Run
chmod 400 mykey.pem
And then try ssh again. This could be the error for Permission denied (Public Key).
I've had problems when the permissions on my key were to open.
I have a small application that's trying to do a dozen parallel "scp" runs, pulling files from a remote system. Usually, it runs fine.
Sometimes, one or two of the scp runs quietly dies.
("quiet" if pulling from Linux. If pulling from HP-UX, I get a message
like Connection reset by peer.)
If I add "-v" to my scp commands, then when a failure occurs, I see that I'm
getting "ssh_exchange_identification: read: Connection reset by peer"
(on Linux ... haven't tried the -v on HP-UX).
Here's the "scp -v" output for a typical run, with the point where a 'bad'
run and a 'good' run diverge indicated:
Executing: program /usr/bin/ssh host wilbur, user (unspecified), command scp -v -p -f /home/sieler/source/misc/[p-q]*.[ch]
OpenSSH_6.9p1, LibreSSL 2.1.8
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 51: Applying options for *
debug1: Connecting to wilbur [10.84.3.61] port 22.
debug1: Connection established.
debug1: identity file /Users/sieler/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/sieler/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/sieler/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/sieler/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/sieler/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/sieler/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/sieler/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/sieler/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.9
'bad' and 'good' runs match up to this point, then...
Bad:
ssh_exchange_identification: read: Connection reset by peer
Good:
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
debug1: Authenticating to wilbur:22 as 'sieler'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr umac-64#openssh.com none
debug1: kex: client->server aes128-ctr umac-64#openssh.com none
...
Although the usual host machine for the script and scp runs is a Mac, running OS X 10.11.4, the problem was been reproduced to/from several combinations
of Mac/Linux/HP-UX (enough to rule out it being a Mac or HP-UX specific problem).
IIRC, using scp to pull from Linux to Mac has had the problem,
as well as pulling from HP-UX to Mac, and pulling from Linux to HP-UX.
Haven't tried pulling from Mac or HP-UX to Linux.
Is there something about scp/ssh/openssh that parallel usage sometimes fails?
If I run sshd on the Linux system with -ddd, then the demon stops after
the first scp accesses it (the scp has no problem),
and the other eleven scp runs fail.
Thanks
This is probably caused by the limitation of parallel sessions in sshd_config. By default, server is configured to do "random early drop", which means refusing new connections, if amount of active is bigger than some limit. The responsible option is MaxStartups (from man sshd_config):
MaxStartups
Specifies the maximum number of concurrent unauthenticated connections to the SSH daemon. Additional connections will be dropped until authentication succeeds or the LoginGraceTime expires for a connection. The default is 10:30:100.
Alternatively, random early drop can be enabled by specifying the three colon separated values “start:rate:full” (e.g. "10:30:60"). sshd(8) will refuse connection attempts with a probability of “rate/100” (30%) if there are currently “start” (10) unauthenticated connections. The probability increases linearly and all connection attempts are refused if the number of unauthenticated connections reaches “full” (60).
Bumping the value to something bigger than the amount of connections you expect should solve your problem. Otherwise, you can set LogLevel DEBUG3 in sshd_config to see more logs in system log.
But when you are connecting to the same server, it is better to use connection multiplexing. It will be faster and you will not have these problems. Check out ControlMaster option in ssh_config or just check my similar answer for fast excursion to this "magic".
I am trying to connect to remote solaris machine from a linux server using ssh but not able to connect to the solaris machine. I am using below ssd command to connect to the solaris machine
ssh <host_name>
After giving this command, I am not getting any prompt for username and password. Is it the limitation for linux to solaris connection ??
The output is:
root#host> ssh -v user#solaris_host
OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to solaris_host [solaris_host] port 22.
debug1: connect to address solaris_host port 22: Connection timed out
ssh: connect to host solaris_host port 22: Connection timed out
Go over following steps
Check the network connectivity with your target, e.g. ping.
Check if the port 22 is open on your remote host e.g. nmap -A 192.168.0.5/32 -p 22
Check if ssh daemon is running on your target svcs ssh
Come back, when the problem still exists.