Re: ssh failure from CentOS7 to Centos6

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On Mon, 13 Jan 2020 at 12:23, Patrick Bégou
<Patrick.Begou@xxxxxxxxxxxxxxxxxxxx> wrote:
>
> Hi,
>
> I have a strange problem with a freshly installed Centos7 desktop
> (most8pc25). I can't ssh to 2 CentOS6 servers, even with firewall
> disabled on the client and on the server. But I can connect from the
> server to the client, all in the same VLAN. I can also ssh from this
> desktop to centos7 servers in the same VLAN or in another VLAN.
>
> No idea about this problem.
>
> On the server kareline (client is most8pc25), tcpdump says:
>

So the client is able to talk to the server and the server is responding.

>
> On the Centos7 client, with "-v -v" ssh says:
>
>
> [tec21@most8pc25 ~]$ssh -v -v kareline
> OpenSSH_7.4p1, OpenSSL 1.0.2k-fips  26 Jan 2017
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: /etc/ssh/ssh_config line 58: Applying options for *
> debug1: Connecting to kareline [194.254.66.8] port 22.
> debug1: Connection established.

^^ this says the first part started working.


> debug1: Local version string SSH-2.0-OpenSSH_7.4
> debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
> debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
> debug1: Authenticating to kareline:22 as 'tec21'
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received

It got items and says it is going to use the user tec21 to login

> debug2: local client KEXINIT proposal

> debug1: kex: client->server cipher: aes128-ctr MAC: umac-64@xxxxxxxxxxx
> debug1: kex: diffie-hellman-group-exchange-sha256 need=16 dh_need=16
> debug1: kex: diffie-hellman-group-exchange-sha256 need=16 dh_need=16
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<3072<8192) sent
> Connection closed by 194.254.66.8 port 22
>

The server then stops the connection. I would then go through the
following on the host:
1. Is fail2ban or something else dropping the connection for some reason?
2. Is there a log in /var/log/secure to say something is going on?
3. Does running the server on port 2222 in debug mode and connecting
from the client give a reason for it dieing?
4. On the client and server are /etc/ssh/*_config changed from
defaults and what changes are there. Sometimes saying you want XYZ
algo in one and not having it in another causes dropped connections
but I thought it gave an error.



> I'm stuck....
>
>
> Patrick
>
>
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> https://lists.centos.org/mailman/listinfo/centos



-- 
Stephen J Smoogen.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]

  Powered by Linux