| 1 |
On Thursday 23 Feb 2017 20:10:05 Mick wrote: |
| 2 |
> I am trying to understand why an ssh server keeps dropping the connection |
| 3 |
> when using openssh on Linux straight after a successful authentication, but |
| 4 |
> it works fine with Filezilla in MSWindows. |
| 5 |
> |
| 6 |
> The connection initially appears to succeed like so: |
| 7 |
> |
| 8 |
> debug2: service_accept: ssh-userauth |
| 9 |
> debug1: SSH2_MSG_SERVICE_ACCEPT received |
| 10 |
> debug3: send packet: type 50 |
| 11 |
> debug3: receive packet: type 51 |
| 12 |
> debug1: Authentications that can continue: password |
| 13 |
> debug3: start over, passed a different list password |
| 14 |
> debug3: preferred publickey,keyboard-interactive,password |
| 15 |
> debug3: authmethod_lookup password |
| 16 |
> debug3: remaining preferred: ,keyboard-interactive,password |
| 17 |
> debug3: authmethod_is_enabled password |
| 18 |
> debug1: Next authentication method: password |
| 19 |
> user_name@server_name.com's password: |
| 20 |
> debug3: send packet: type 50 |
| 21 |
> debug2: we sent a password packet, wait for reply |
| 22 |
> debug3: receive packet: type 52 |
| 23 |
> debug1: Single to Multithread CTR cipher swap - client request |
| 24 |
> debug1: Authentication succeeded (password). |
| 25 |
> Authenticated to server_name.com ([123.456.78.9]:22). |
| 26 |
> |
| 27 |
> |
| 28 |
> Then it starts renegotiating keys and it eventually fails: |
| 29 |
> |
| 30 |
> debug1: Final hpn_buffer_size = 2097152 |
| 31 |
> debug1: HPN Disabled: 0, HPN Buffer Size: 2097152 |
| 32 |
> debug1: channel 0: new [client-session] |
| 33 |
> debug1: Enabled Dynamic Window Scaling |
| 34 |
> debug3: ssh_session2_open: channel_new: 0 |
| 35 |
> debug2: channel 0: send open |
| 36 |
> debug3: ssh_packet_send2: rekex triggered |
| 37 |
> debug1: enqueue packet: 90 |
| 38 |
> debug3: send packet: type 20 |
| 39 |
> debug1: SSH2_MSG_KEXINIT sent |
| 40 |
> debug1: Entering interactive session. |
| 41 |
> debug1: pledge: network |
| 42 |
> debug1: rekeying in progress |
| 43 |
> debug1: rekeying in progress |
| 44 |
> debug3: receive packet: type 20 |
| 45 |
> debug1: SSH2_MSG_KEXINIT received |
| 46 |
> debug1: AUTH STATE IS 1 |
| 47 |
> debug2: local client KEXINIT proposal |
| 48 |
> debug2: KEX algorithms: curve25519-sha256@××××××.org,diffie-hellman-group- |
| 49 |
> exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sh |
| 50 |
> a1 debug2: host key algorithms: |
| 51 |
> ssh-rsa-cert-v01@×××××××.com,rsa-sha2-512,rsa- |
| 52 |
> sha2-256,ssh-rsa,ecdsa-sha2-nistp256-cert-v01@×××××××.com,ecdsa-sha2-nistp3 |
| 53 |
> 84- |
| 54 |
> cert-v01@×××××××.com,ecdsa-sha2-nistp521-cert-v01@×××××××.com,ssh-ed25519- |
| 55 |
> cert-v01@×××××××.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2- |
| 56 |
> nistp521,ssh-ed25519 |
| 57 |
> debug2: ciphers ctos: chacha20-poly1305@×××××××.com,aes256- |
| 58 |
> gcm@×××××××.com,aes128-gcm@×××××××.com,aes256-ctr,aes128-ctr,3des-cbc |
| 59 |
> debug2: ciphers stoc: chacha20-poly1305@×××××××.com,aes256- |
| 60 |
> gcm@×××××××.com,aes128-gcm@×××××××.com,aes256-ctr,aes128-ctr,3des-cbc |
| 61 |
> debug2: MACs ctos: hmac-sha2-512-etm@×××××××.com,hmac-sha2-256- |
| 62 |
> etm@×××××××.com,umac-128-etm@×××××××.com,hmac-sha2-512,hmac-sha2-256,hmac- |
| 63 |
> ripemd160,hmac-sha1 |
| 64 |
> debug2: MACs stoc: hmac-sha2-512-etm@×××××××.com,hmac-sha2-256- |
| 65 |
> etm@×××××××.com,umac-128-etm@×××××××.com,hmac-sha2-512,hmac-sha2-256,hmac- |
| 66 |
> ripemd160,hmac-sha1 |
| 67 |
> debug2: compression ctos: none,zlib@×××××××.com,zlib |
| 68 |
> debug2: compression stoc: none,zlib@×××××××.com,zlib |
| 69 |
> debug2: languages ctos: |
| 70 |
> debug2: languages stoc: |
| 71 |
> debug2: first_kex_follows 0 |
| 72 |
> debug2: reserved 0 |
| 73 |
> debug2: peer server KEXINIT proposal |
| 74 |
> debug2: KEX algorithms: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2- |
| 75 |
> nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange- |
| 76 |
> sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,rsa1024-sha1 |
| 77 |
> debug2: host key algorithms: ssh-rsa |
| 78 |
> debug2: ciphers ctos: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192- |
| 79 |
> cbc,aes128-cbc,blowfish-ctr,blowfish-cbc,cast128- |
| 80 |
> cbc,arcfour256,arcfour128,3des-ctr,3des-cbc |
| 81 |
> debug2: ciphers stoc: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192- |
| 82 |
> cbc,aes128-cbc,blowfish-ctr,blowfish-cbc,cast128- |
| 83 |
> cbc,arcfour256,arcfour128,3des-ctr,3des-cbc |
| 84 |
> debug2: MACs ctos: hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-sha1-96,hmac- |
| 85 |
> md5,hmac-md5-96,hmac-ripemd160,umac-64@×××××××.com |
| 86 |
> debug2: MACs stoc: hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-sha1-96,hmac- |
| 87 |
> md5,hmac-md5-96,hmac-ripemd160,umac-64@×××××××.com |
| 88 |
> debug2: compression ctos: zlib@×××××××.com,zlib,none |
| 89 |
> debug2: compression stoc: zlib@×××××××.com,zlib,none |
| 90 |
> debug2: languages ctos: |
| 91 |
> debug2: languages stoc: |
| 92 |
> debug2: first_kex_follows 0 |
| 93 |
> debug2: reserved 0 |
| 94 |
> debug1: kex: algorithm: diffie-hellman-group-exchange-sha256 |
| 95 |
> debug1: kex: host key algorithm: ssh-rsa |
| 96 |
> debug1: REQUESTED ENC.NAME is 'aes256-ctr' |
| 97 |
> debug1: kex: server->client cipher: aes256-ctr MAC: hmac-sha2-512 |
| 98 |
> compression: none |
| 99 |
> debug1: REQUESTED ENC.NAME is 'aes256-ctr' |
| 100 |
> debug1: kex: client->server cipher: aes256-ctr MAC: hmac-sha2-512 |
| 101 |
> compression: none |
| 102 |
> debug3: send packet: type 34 |
| 103 |
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(2048<8192<8192) sent |
| 104 |
> debug1: rekeying in progress |
| 105 |
> debug1: rekeying in progress |
| 106 |
> debug3: receive packet: type 31 |
| 107 |
> debug1: got SSH2_MSG_KEX_DH_GEX_GROUP |
| 108 |
> debug2: bits set: 4105/8192 |
| 109 |
> debug3: send packet: type 32 |
| 110 |
> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent |
| 111 |
> debug1: rekeying in progress |
| 112 |
> debug1: rekeying in progress |
Archives