touch-packages team mailing list archive

Thread
Date
Re: [Bug 708493] Re: Can't login anymore: Read from socket failed: Connection reset by peer

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Gary Salisbury <708493@xxxxxxxxxxxxxxxxxx>
Date: Fri, 20 Feb 2015 17:25:14 -0000
Reply-to: Bug 708493 <708493@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
Use dbclient ...

On 20 February 2015 at 19:07, Mike <smartptr@xxxxxxxxx> wrote:

> Hello,
> Not sure it is the same problem here, but I cannot connect to my machine
> if go through NAT.
> If I connect directly from LAN everything works, but if I use the external
> IP, then I get connection reset after debug1: SSH2_MSG_KEXINIT sent.
>
> Client and server is the same machine. I tried to set MTU to 1400 and
> 400 with no effect, also changed the net.ipv4.tcp_rmem setting and tried
> different cipher algorithms with no luck.
>
> Linux 3.16.0-31-generic #41-Ubuntu
> Ubuntu 14.10
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/708493
>
> Title:
>   Can't login anymore: Read from socket failed: Connection reset by peer
>
> Status in openssh package in Ubuntu:
>   Confirmed
> Status in openssh package in Debian:
>   New
>
> Bug description:
>   After todays update to
>   1:5.7p1-1ubuntu1
>   I cannot login to SOME (!) of my servers. Example of a server failing:
>
>   ~$ ssh -v root@mail
>   OpenSSH_5.7p1 Debian-1ubuntu1, OpenSSL 0.9.8o 01 Jun 2010
>   debug1: Reading configuration data /home/hildeb/.ssh/config
>   debug1: Reading configuration data /etc/ssh/ssh_config
>   debug1: Applying options for *
>   debug1: Connecting to mail [141.42.202.200] port 22.
>   debug1: Connection established.
>   debug1: identity file /home/hildeb/.ssh/id_rsa type -1
>   debug1: identity file /home/hildeb/.ssh/id_rsa-cert type -1
>   debug1: identity file /home/hildeb/.ssh/id_dsa type 2
>   debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
>   debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
>   debug1: identity file /home/hildeb/.ssh/id_dsa-cert type -1
>   debug1: identity file /home/hildeb/.ssh/id_ecdsa type -1
>   debug1: identity file /home/hildeb/.ssh/id_ecdsa-cert type -1
>   debug1: Remote protocol version 1.99, remote software version
> OpenSSH_5.5p1 Debian-6
>   debug1: match: OpenSSH_5.5p1 Debian-6 pat OpenSSH*
>   debug1: Enabling compatibility mode for protocol 2.0
>   debug1: Local version string SSH-2.0-OpenSSH_5.7p1 Debian-1ubuntu1
>   debug1: SSH2_MSG_KEXINIT sent
>   debug1: SSH2_MSG_KEXINIT received
>   debug1: kex: server->client aes128-ctr hmac-md5 none
>   debug1: kex: client->server aes128-ctr hmac-md5 none
>   debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
>   debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
>   Read from socket failed: Connection reset by peer
>
>   There is NOTHING in daemon.log, auth.log or syslog on the server I'm
>   trying to connect to.
>
>   Example of a server NOT failing:
>
>   $ ssh -v root@netsight
>   OpenSSH_5.7p1 Debian-1ubuntu1, OpenSSL 0.9.8o 01 Jun 2010
>   debug1: Reading configuration data /home/hildeb/.ssh/config
>   debug1: Reading configuration data /etc/ssh/ssh_config
>   debug1: Applying options for *
>   debug1: Connecting to netsight [10.47.2.222] port 22.
>   debug1: Connection established.
>   debug1: identity file /home/hildeb/.ssh/id_rsa type -1
>   debug1: identity file /home/hildeb/.ssh/id_rsa-cert type -1
>   debug1: identity file /home/hildeb/.ssh/id_dsa type 2
>   debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
>   debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
>   debug1: identity file /home/hildeb/.ssh/id_dsa-cert type -1
>   debug1: identity file /home/hildeb/.ssh/id_ecdsa type -1
>   debug1: identity file /home/hildeb/.ssh/id_ecdsa-cert type -1
>   debug1: Remote protocol version 2.0, remote software version
> OpenSSH_5.5p1 Debian-6
>   debug1: match: OpenSSH_5.5p1 Debian-6 pat OpenSSH*
>   debug1: Enabling compatibility mode for protocol 2.0
>   debug1: Local version string SSH-2.0-OpenSSH_5.7p1 Debian-1ubuntu1
>   debug1: SSH2_MSG_KEXINIT sent
>   debug1: SSH2_MSG_KEXINIT received
>   debug1: kex: server->client aes128-ctr hmac-md5 none
>   debug1: kex: client->server aes128-ctr hmac-md5 none
>   debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
>   debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
>   debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
>   debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
>   debug1: Server host key: RSA
> 18:ce:76:c7:7c:f4:98:94:28:8f:62:4a:31:e8:5b:c9
>   debug1: Host 'netsight' is known and matches the RSA host key.
>   debug1: Found key in /home/hildeb/.ssh/known_hosts:56
>   debug1: ssh_rsa_verify: signature correct
>   debug1: SSH2_MSG_NEWKEYS sent
>   debug1: expecting SSH2_MSG_NEWKEYS
>   debug1: SSH2_MSG_NEWKEYS received
>   debug1: Roaming not allowed by server
>   debug1: SSH2_MSG_SERVICE_REQUEST sent
>   debug1: SSH2_MSG_SERVICE_ACCEPT received
>   debug1: Authentications that can continue: publickey,keyboard-interactive
>   debug1: Next authentication method: publickey
>   debug1: Offering DSA public key: /home/hildeb/.ssh/id_dsa
>   debug1: Server accepts key: pkalg ssh-dss blen 433
>   debug1: Authentication succeeded (publickey).
>   Authenticated to netsight ([10.47.2.222]:22).
>   debug1: channel 0: new [client-session]
>   debug1: Requesting no-more-sessions@xxxxxxxxxxx
>   debug1: Entering interactive session.
>   debug1: Sending environment.
>   debug1: Sending env LC_MESSAGES = en_US.utf8
>   debug1: Sending env LANG = de_DE.UTF-8
>
>   ProblemType: Bug
>   DistroRelease: Ubuntu 11.04
>   Package: openssh-client 1:5.7p1-1ubuntu1
>   ProcVersionSignature: Ubuntu 2.6.37-12.26-generic 2.6.37
>   Uname: Linux 2.6.37-12-generic x86_64
>   Architecture: amd64
>   Date: Thu Jan 27 09:13:15 2011
>   ProcEnviron:
>    LANGUAGE=en_US:en
>    LANG=de_DE.UTF-8
>    LC_MESSAGES=en_US.utf8
>    SHELL=/bin/bash
>   RelatedPackageVersions:
>    ssh-askpass N/A
>    libpam-ssh N/A
>    keychain N/A
>    ssh-askpass-gnome 1:5.7p1-1ubuntu1
>   SSHClientVersion: OpenSSH_5.7p1 Debian-1ubuntu1, OpenSSL 0.9.8o 01 Jun
> 2010
>   SourcePackage: openssh
>
> To manage notifications about this bug go to:
>
> https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/708493/+subscriptions
>

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/708493

Title:
  Can't login anymore: Read from socket failed: Connection reset by peer

Status in openssh package in Ubuntu:
  Confirmed
Status in openssh package in Debian:
  New

Bug description:
  After todays update to
  1:5.7p1-1ubuntu1
  I cannot login to SOME (!) of my servers. Example of a server failing:

  ~$ ssh -v root@mail
  OpenSSH_5.7p1 Debian-1ubuntu1, OpenSSL 0.9.8o 01 Jun 2010
  debug1: Reading configuration data /home/hildeb/.ssh/config
  debug1: Reading configuration data /etc/ssh/ssh_config
  debug1: Applying options for *
  debug1: Connecting to mail [141.42.202.200] port 22.
  debug1: Connection established.
  debug1: identity file /home/hildeb/.ssh/id_rsa type -1
  debug1: identity file /home/hildeb/.ssh/id_rsa-cert type -1
  debug1: identity file /home/hildeb/.ssh/id_dsa type 2
  debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
  debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
  debug1: identity file /home/hildeb/.ssh/id_dsa-cert type -1
  debug1: identity file /home/hildeb/.ssh/id_ecdsa type -1
  debug1: identity file /home/hildeb/.ssh/id_ecdsa-cert type -1
  debug1: Remote protocol version 1.99, remote software version OpenSSH_5.5p1 Debian-6
  debug1: match: OpenSSH_5.5p1 Debian-6 pat OpenSSH*
  debug1: Enabling compatibility mode for protocol 2.0
  debug1: Local version string SSH-2.0-OpenSSH_5.7p1 Debian-1ubuntu1
  debug1: SSH2_MSG_KEXINIT sent
  debug1: SSH2_MSG_KEXINIT received
  debug1: kex: server->client aes128-ctr hmac-md5 none
  debug1: kex: client->server aes128-ctr hmac-md5 none
  debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
  debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
  Read from socket failed: Connection reset by peer

  There is NOTHING in daemon.log, auth.log or syslog on the server I'm
  trying to connect to.

  Example of a server NOT failing:

  $ ssh -v root@netsight
  OpenSSH_5.7p1 Debian-1ubuntu1, OpenSSL 0.9.8o 01 Jun 2010
  debug1: Reading configuration data /home/hildeb/.ssh/config
  debug1: Reading configuration data /etc/ssh/ssh_config
  debug1: Applying options for *
  debug1: Connecting to netsight [10.47.2.222] port 22.
  debug1: Connection established.
  debug1: identity file /home/hildeb/.ssh/id_rsa type -1
  debug1: identity file /home/hildeb/.ssh/id_rsa-cert type -1
  debug1: identity file /home/hildeb/.ssh/id_dsa type 2
  debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
  debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
  debug1: identity file /home/hildeb/.ssh/id_dsa-cert type -1
  debug1: identity file /home/hildeb/.ssh/id_ecdsa type -1
  debug1: identity file /home/hildeb/.ssh/id_ecdsa-cert type -1
  debug1: Remote protocol version 2.0, remote software version OpenSSH_5.5p1 Debian-6
  debug1: match: OpenSSH_5.5p1 Debian-6 pat OpenSSH*
  debug1: Enabling compatibility mode for protocol 2.0
  debug1: Local version string SSH-2.0-OpenSSH_5.7p1 Debian-1ubuntu1
  debug1: SSH2_MSG_KEXINIT sent
  debug1: SSH2_MSG_KEXINIT received
  debug1: kex: server->client aes128-ctr hmac-md5 none
  debug1: kex: client->server aes128-ctr hmac-md5 none
  debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
  debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
  debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
  debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
  debug1: Server host key: RSA 18:ce:76:c7:7c:f4:98:94:28:8f:62:4a:31:e8:5b:c9
  debug1: Host 'netsight' is known and matches the RSA host key.
  debug1: Found key in /home/hildeb/.ssh/known_hosts:56
  debug1: ssh_rsa_verify: signature correct
  debug1: SSH2_MSG_NEWKEYS sent
  debug1: expecting SSH2_MSG_NEWKEYS
  debug1: SSH2_MSG_NEWKEYS received
  debug1: Roaming not allowed by server
  debug1: SSH2_MSG_SERVICE_REQUEST sent
  debug1: SSH2_MSG_SERVICE_ACCEPT received
  debug1: Authentications that can continue: publickey,keyboard-interactive
  debug1: Next authentication method: publickey
  debug1: Offering DSA public key: /home/hildeb/.ssh/id_dsa
  debug1: Server accepts key: pkalg ssh-dss blen 433
  debug1: Authentication succeeded (publickey).
  Authenticated to netsight ([10.47.2.222]:22).
  debug1: channel 0: new [client-session]
  debug1: Requesting no-more-sessions@xxxxxxxxxxx
  debug1: Entering interactive session.
  debug1: Sending environment.
  debug1: Sending env LC_MESSAGES = en_US.utf8
  debug1: Sending env LANG = de_DE.UTF-8

  ProblemType: Bug
  DistroRelease: Ubuntu 11.04
  Package: openssh-client 1:5.7p1-1ubuntu1
  ProcVersionSignature: Ubuntu 2.6.37-12.26-generic 2.6.37
  Uname: Linux 2.6.37-12-generic x86_64
  Architecture: amd64
  Date: Thu Jan 27 09:13:15 2011
  ProcEnviron:
   LANGUAGE=en_US:en
   LANG=de_DE.UTF-8
   LC_MESSAGES=en_US.utf8
   SHELL=/bin/bash
  RelatedPackageVersions:
   ssh-askpass N/A
   libpam-ssh N/A
   keychain N/A
   ssh-askpass-gnome 1:5.7p1-1ubuntu1
  SSHClientVersion: OpenSSH_5.7p1 Debian-1ubuntu1, OpenSSL 0.9.8o 01 Jun 2010
  SourcePackage: openssh

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/708493/+subscriptions
Follow ups

Re: [Bug 708493] Re: Can't login anymore: Read from socket failed: Connection reset by peer
From: Mike, 2015-02-20
References

[Bug 708493] Re: Can't login anymore: Read from socket failed: Connection reset by peer
From: Mike, 2015-02-20