Bug#613505: ssh client fails to login to any ssh server ("reset by peer")

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#613505: ssh client fails to login to any ssh server ("reset by peer")
From: Oren Held <oren@held.org.il>
Date: Tue, 15 Feb 2011 12:35:48 +0200
Message-id: <[🔎] 4D5A5704.9080801@held.org.il>
Reply-to: Oren Held <oren@held.org.il>, 613505@bugs.debian.org
Package: openssh-client
Version: 1:5.8p1-2
Severity: serious

Since the last update to 5.8p1, I can no more login to any ssh server.
- I think it's tightly related to Ubuntu's
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/708493
- Problem gets solved when downgrading back to 5.5p6

Here's the output, first  brief, then verbose (-vvv):
orenhe@orenhe-laptop:~/src/xiv_xsf/_meta/packaging[master]$ ssh
root@orenhe-rhel5.ps
Read from socket failed: Connection reset by peer

orenhe@orenhe-laptop:~/src/xiv_xsf/_meta/packaging[master]$ ssh -vvv
root@orenhe-rhel5.ps
OpenSSH_5.8p1 Debian-2, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /home/orenhe/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to orenhe-rhel5.ps [9.151.147.165] port 22.
debug1: Connection established.
debug1: identity file /home/orenhe/.ssh/id_rsa type -1
debug1: identity file /home/orenhe/.ssh/id_rsa-cert type -1
debug3: Incorrect RSA1 identifier
debug3: Could not load "/home/orenhe/.ssh/id_dsa" as a RSA1 public key
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'Proc-Type:'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'DEK-Info:'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/orenhe/.ssh/id_dsa type 2
debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
debug1: identity file /home/orenhe/.ssh/id_dsa-cert type -1
debug1: identity file /home/orenhe/.ssh/id_ecdsa type -1
debug1: identity file /home/orenhe/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3
debug1: match: OpenSSH_4.3 pat OpenSSH_4*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.8p1 Debian-2
debug2: fd 3 setting O_NONBLOCK
debug3: load_hostkeys: loading entries for host "orenhe-rhel5.ps" from
file "/home/orenhe/.ssh/known_hosts"
debug3: load_hostkeys: loaded 0 keys
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit:
ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit:
ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit:
aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2:
kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit:
reserved 0 debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2:
kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit:
reserved 0 debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
Read from socket failed: Connection reset by peer



-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages openssh-client depends on:
ii  adduser              3.112+nmu2          add and remove users and groups
ii  debconf [debconf-2.0 1.5.38              Debian configuration
management sy
ii  dpkg                 1.15.8.10           Debian package management
system
ii  libc6                2.11.2-11           Embedded GNU C Library:
Shared lib
ii  libedit2             2.11-20080614-2     BSD editline and history
libraries
ii  libgssapi-krb5-2     1.8.3+dfsg-4        MIT Kerberos runtime
libraries - k
ii  libselinux1          2.0.96-1            SELinux runtime shared
libraries
ii  libssl0.9.8          0.9.8o-5            SSL shared libraries
ii  passwd               1:4.1.4.2+svn3283-2 change and administer
password and
ii  zlib1g               1:1.2.3.4.dfsg-3    compression library - runtime

Versions of packages openssh-client recommends:
ii  openssh-blacklist             0.4.1      list of default blacklisted
OpenSS
ii  openssh-blacklist-extra       0.4.1      list of non-default
blacklisted Op
ii  xauth                         1:1.0.5-1  X authentication utility

Versions of packages openssh-client suggests:
pn  keychain                     <none>      (no description available)
pn  libpam-ssh                   <none>      (no description available)
ii  ssh-askpass                  1:1.2.4.1-9 under X, asks user for a
passphras

-- no debconf information
Reply to:
Prev by Date: [bts-link] source package openssh
Next by Date: Bug#613578: error messages should make clear if they are talking about remote or local machine
Previous by thread: [bts-link] source package openssh
Next by thread: Bug#613578: error messages should make clear if they are talking about remote or local machine
Index(es):
- Date
- Thread