1 |
On Thursday 23 Feb 2017 20:10:05 Mick wrote: |
2 |
> I am trying to understand why an ssh server keeps dropping the connection |
3 |
> when using openssh on Linux straight after a successful authentication, but |
4 |
> it works fine with Filezilla in MSWindows. |
5 |
> |
6 |
> The connection initially appears to succeed like so: |
7 |
> |
8 |
> debug2: service_accept: ssh-userauth |
9 |
> debug1: SSH2_MSG_SERVICE_ACCEPT received |
10 |
> debug3: send packet: type 50 |
11 |
> debug3: receive packet: type 51 |
12 |
> debug1: Authentications that can continue: password |
13 |
> debug3: start over, passed a different list password |
14 |
> debug3: preferred publickey,keyboard-interactive,password |
15 |
> debug3: authmethod_lookup password |
16 |
> debug3: remaining preferred: ,keyboard-interactive,password |
17 |
> debug3: authmethod_is_enabled password |
18 |
> debug1: Next authentication method: password |
19 |
> user_name@server_name.com's password: |
20 |
> debug3: send packet: type 50 |
21 |
> debug2: we sent a password packet, wait for reply |
22 |
> debug3: receive packet: type 52 |
23 |
> debug1: Single to Multithread CTR cipher swap - client request |
24 |
> debug1: Authentication succeeded (password). |
25 |
> Authenticated to server_name.com ([123.456.78.9]:22). |
26 |
> |
27 |
> |
28 |
> Then it starts renegotiating keys and it eventually fails: |
29 |
> |
30 |
> debug1: Final hpn_buffer_size = 2097152 |
31 |
> debug1: HPN Disabled: 0, HPN Buffer Size: 2097152 |
32 |
> debug1: channel 0: new [client-session] |
33 |
> debug1: Enabled Dynamic Window Scaling |
34 |
> debug3: ssh_session2_open: channel_new: 0 |
35 |
> debug2: channel 0: send open |
36 |
> debug3: ssh_packet_send2: rekex triggered |
37 |
> debug1: enqueue packet: 90 |
38 |
> debug3: send packet: type 20 |
39 |
> debug1: SSH2_MSG_KEXINIT sent |
40 |
> debug1: Entering interactive session. |
41 |
> debug1: pledge: network |
42 |
> debug1: rekeying in progress |
43 |
> debug1: rekeying in progress |
44 |
> debug3: receive packet: type 20 |
45 |
> debug1: SSH2_MSG_KEXINIT received |
46 |
> debug1: AUTH STATE IS 1 |
47 |
> debug2: local client KEXINIT proposal |
48 |
> debug2: KEX algorithms: curve25519-sha256@××××××.org,diffie-hellman-group- |
49 |
> exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sh |
50 |
> a1 debug2: host key algorithms: |
51 |
> ssh-rsa-cert-v01@×××××××.com,rsa-sha2-512,rsa- |
52 |
> sha2-256,ssh-rsa,ecdsa-sha2-nistp256-cert-v01@×××××××.com,ecdsa-sha2-nistp3 |
53 |
> 84- |
54 |
> cert-v01@×××××××.com,ecdsa-sha2-nistp521-cert-v01@×××××××.com,ssh-ed25519- |
55 |
> cert-v01@×××××××.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2- |
56 |
> nistp521,ssh-ed25519 |
57 |
> debug2: ciphers ctos: chacha20-poly1305@×××××××.com,aes256- |
58 |
> gcm@×××××××.com,aes128-gcm@×××××××.com,aes256-ctr,aes128-ctr,3des-cbc |
59 |
> debug2: ciphers stoc: chacha20-poly1305@×××××××.com,aes256- |
60 |
> gcm@×××××××.com,aes128-gcm@×××××××.com,aes256-ctr,aes128-ctr,3des-cbc |
61 |
> debug2: MACs ctos: hmac-sha2-512-etm@×××××××.com,hmac-sha2-256- |
62 |
> etm@×××××××.com,umac-128-etm@×××××××.com,hmac-sha2-512,hmac-sha2-256,hmac- |
63 |
> ripemd160,hmac-sha1 |
64 |
> debug2: MACs stoc: hmac-sha2-512-etm@×××××××.com,hmac-sha2-256- |
65 |
> etm@×××××××.com,umac-128-etm@×××××××.com,hmac-sha2-512,hmac-sha2-256,hmac- |
66 |
> ripemd160,hmac-sha1 |
67 |
> debug2: compression ctos: none,zlib@×××××××.com,zlib |
68 |
> debug2: compression stoc: none,zlib@×××××××.com,zlib |
69 |
> debug2: languages ctos: |
70 |
> debug2: languages stoc: |
71 |
> debug2: first_kex_follows 0 |
72 |
> debug2: reserved 0 |
73 |
> debug2: peer server KEXINIT proposal |
74 |
> debug2: KEX algorithms: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2- |
75 |
> nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange- |
76 |
> sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,rsa1024-sha1 |
77 |
> debug2: host key algorithms: ssh-rsa |
78 |
> debug2: ciphers ctos: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192- |
79 |
> cbc,aes128-cbc,blowfish-ctr,blowfish-cbc,cast128- |
80 |
> cbc,arcfour256,arcfour128,3des-ctr,3des-cbc |
81 |
> debug2: ciphers stoc: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192- |
82 |
> cbc,aes128-cbc,blowfish-ctr,blowfish-cbc,cast128- |
83 |
> cbc,arcfour256,arcfour128,3des-ctr,3des-cbc |
84 |
> debug2: MACs ctos: hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-sha1-96,hmac- |
85 |
> md5,hmac-md5-96,hmac-ripemd160,umac-64@×××××××.com |
86 |
> debug2: MACs stoc: hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-sha1-96,hmac- |
87 |
> md5,hmac-md5-96,hmac-ripemd160,umac-64@×××××××.com |
88 |
> debug2: compression ctos: zlib@×××××××.com,zlib,none |
89 |
> debug2: compression stoc: zlib@×××××××.com,zlib,none |
90 |
> debug2: languages ctos: |
91 |
> debug2: languages stoc: |
92 |
> debug2: first_kex_follows 0 |
93 |
> debug2: reserved 0 |
94 |
> debug1: kex: algorithm: diffie-hellman-group-exchange-sha256 |
95 |
> debug1: kex: host key algorithm: ssh-rsa |
96 |
> debug1: REQUESTED ENC.NAME is 'aes256-ctr' |
97 |
> debug1: kex: server->client cipher: aes256-ctr MAC: hmac-sha2-512 |
98 |
> compression: none |
99 |
> debug1: REQUESTED ENC.NAME is 'aes256-ctr' |
100 |
> debug1: kex: client->server cipher: aes256-ctr MAC: hmac-sha2-512 |
101 |
> compression: none |
102 |
> debug3: send packet: type 34 |
103 |
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(2048<8192<8192) sent |
104 |
> debug1: rekeying in progress |
105 |
> debug1: rekeying in progress |
106 |
> debug3: receive packet: type 31 |
107 |
> debug1: got SSH2_MSG_KEX_DH_GEX_GROUP |
108 |
> debug2: bits set: 4105/8192 |
109 |
> debug3: send packet: type 32 |
110 |
> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent |
111 |
> debug1: rekeying in progress |
112 |
> debug1: rekeying in progress |