5.1p1 disconnects after the password prompt when connecting to my router and
UPS. 5.1p1 connects fine to other unix hosts, and my Windows client connects
fine to 5.1p1 servers. 5.0p1 works fine everywhere.
I've tried ssh -T, ssh -t, permutations with ssh -o Compression=no -o
TCPKeepAlive=no, etc, to no avail. I've used the default ssh_config file,
and it still fails.
Can anyone suggest any other command line options to try that might have
changed?
Here is a -vvv log from 5.1p1 and 5.0p1 connecting to my router:
ssh -vvv -p 1024 admin at router
5.1p1:
OpenSSH_5.1p1, OpenSSL 0.9.8h 28 May 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug3: cipher ok: aes256-cbc [aes256-cbc,3des-cbc]
debug3: cipher ok: 3des-cbc [aes256-cbc,3des-cbc]
debug3: ciphers ok: [aes256-cbc,3des-cbc]
debug2: mac_setup: found hmac-sha1
debug3: mac ok: hmac-sha1
[hmac-sha1,hmac-md5,hmac-ripemd160,hmac-sha1-96,hmac-md5-96]
debug2: mac_setup: found hmac-md5
debug3: mac ok: hmac-md5
[hmac-sha1,hmac-md5,hmac-ripemd160,hmac-sha1-96,hmac-md5-96]
debug2: mac_setup: found hmac-ripemd160
debug3: mac ok: hmac-ripemd160
[hmac-sha1,hmac-md5,hmac-ripemd160,hmac-sha1-96,hmac-md5-96]
debug2: mac_setup: found hmac-sha1-96
debug3: mac ok: hmac-sha1-96
[hmac-sha1,hmac-md5,hmac-ripemd160,hmac-sha1-96,hmac-md5-96]
debug2: mac_setup: found hmac-md5-96
debug3: mac ok: hmac-md5-96
[hmac-sha1,hmac-md5,hmac-ripemd160,hmac-sha1-96,hmac-md5-96]
debug3: macs ok: [hmac-sha1,hmac-md5,hmac-ripemd160,hmac-sha1-96,hmac-md5-96]
debug2: ssh_connect: needpriv 0
debug1: Connecting to router [10.1.1.1] port 1024.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version NetScreen
debug1: no match: NetScreen
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.1
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes256-cbc,3des-cbc
debug2: kex_parse_kexinit: aes256-cbc,3des-cbc
debug2: kex_parse_kexinit:
hmac-sha1,hmac-md5,hmac-ripemd160,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-sha1,hmac-md5,hmac-ripemd160,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-dss
debug2: kex_parse_kexinit: 3des-cbc
debug2: kex_parse_kexinit: 3des-cbc
debug2: kex_parse_kexinit: hmac-sha1
debug2: kex_parse_kexinit: hmac-sha1
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-sha1
debug1: kex: server->client 3des-cbc hmac-sha1 none
debug2: mac_setup: found hmac-sha1
debug1: kex: client->server 3des-cbc hmac-sha1 none
debug2: dh_gen_key: priv key bits set: 182/384
debug2: bits set: 516/1024
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug3: put_host_port: [10.1.1.1]:1024
debug3: put_host_port: [router]:1024
debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 74
debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 74
debug1: Host '[router]:1024' is known and matches the DSA host key.
debug1: Found key in /root/.ssh/known_hosts:74
debug2: bits set: 481/1024
debug1: ssh_dss_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /root/.ssh/id_rsa ((nil))
debug2: key: /root/.ssh/id_dsa ((nil))
debug1: Authentications that can continue: password
debug3: start over, passed a different list password
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup password
debug3: remaining preferred: ,keyboard-interactive,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
admin at router's password:
^
The password prompt works fine and blocks wrong passwords properly.
This is a failed connection ->
debug3: packet_send2: adding 56 (len 61 padlen 11 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: Authentication succeeded (password).
debug2: fd 5 setting O_NONBLOCK
debug3: fd 6 is O_NONBLOCK
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Requesting no-more-sessions at openssh.com
debug1: Entering interactive session.
debug2: callback start
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 1
debug3: tty_make_modes: ospeed 38400
debug3: tty_make_modes: ispeed 38400
debug2: channel 0: request shell confirm 1
debug2: fd 3 setting TCP_NODELAY
debug2: callback done
debug2: channel 0: open confirm rwindow 2048 rmax 1024
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
#0 client-session (t4 r42 i0/0 o0/0 fd 4/5 cfd -1)
debug3: channel 0: close_fds r 4 w 5 e 6 c -1
debug1: fd 1 clearing O_NONBLOCK
debug3: fd 2 is not O_NONBLOCK
Connection to router closed by remote host.
Connection to router closed.
Transferred: sent 1224, received 920 bytes, in 0.0 seconds
Bytes per second: sent 98557.8, received 74079.4
debug1: Exit status -1
5.0p1:
OpenSSH_5.0p1, OpenSSL 0.9.8h 28 May 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug3: cipher ok: aes256-cbc [aes256-cbc,3des-cbc]
debug3: cipher ok: 3des-cbc [aes256-cbc,3des-cbc]
debug3: ciphers ok: [aes256-cbc,3des-cbc]
debug2: mac_setup: found hmac-sha1
debug3: mac ok: hmac-sha1
[hmac-sha1,hmac-md5,hmac-ripemd160,hmac-sha1-96,hmac-md5-96]
debug2: mac_setup: found hmac-md5
debug3: mac ok: hmac-md5
[hmac-sha1,hmac-md5,hmac-ripemd160,hmac-sha1-96,hmac-md5-96]
debug2: mac_setup: found hmac-ripemd160
debug3: mac ok: hmac-ripemd160
[hmac-sha1,hmac-md5,hmac-ripemd160,hmac-sha1-96,hmac-md5-96]
debug2: mac_setup: found hmac-sha1-96
debug3: mac ok: hmac-sha1-96
[hmac-sha1,hmac-md5,hmac-ripemd160,hmac-sha1-96,hmac-md5-96]
debug2: mac_setup: found hmac-md5-96
debug3: mac ok: hmac-md5-96
[hmac-sha1,hmac-md5,hmac-ripemd160,hmac-sha1-96,hmac-md5-96]
debug3: macs ok: [hmac-sha1,hmac-md5,hmac-ripemd160,hmac-sha1-96,hmac-md5-96]
debug2: ssh_connect: needpriv 0
debug1: Connecting to router [10.1.1.1] port 1024.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version NetScreen
debug1: no match: NetScreen
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.0
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes256-cbc,3des-cbc
debug2: kex_parse_kexinit: aes256-cbc,3des-cbc
debug2: kex_parse_kexinit:
hmac-sha1,hmac-md5,hmac-ripemd160,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-sha1,hmac-md5,hmac-ripemd160,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-dss
debug2: kex_parse_kexinit: 3des-cbc
debug2: kex_parse_kexinit: 3des-cbc
debug2: kex_parse_kexinit: hmac-sha1
debug2: kex_parse_kexinit: hmac-sha1
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-sha1
debug1: kex: server->client 3des-cbc hmac-sha1 none
debug2: mac_setup: found hmac-sha1
debug1: kex: client->server 3des-cbc hmac-sha1 none
debug2: dh_gen_key: priv key bits set: 181/384
debug2: bits set: 562/1024
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug3: put_host_port: [10.1.1.1]:1024
debug3: put_host_port: [router]:1024
debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 74
debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 74
debug1: Host '[router]:1024' is known and matches the DSA host key.
debug1: Found key in /root/.ssh/known_hosts:74
debug2: bits set: 511/1024
debug1: ssh_dss_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /root/.ssh/id_rsa ((nil))
debug2: key: /root/.ssh/id_dsa ((nil))
debug1: Authentications that can continue: password
debug3: start over, passed a different list password
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup password
debug3: remaining preferred: ,keyboard-interactive,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
admin at router's password:
^
The password prompt works fine and blocks wrong passwords properly.
This is a successfull connection ->
debug3: packet_send2: adding 56 (len 61 padlen 11 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: Authentication succeeded (password).
debug2: fd 5 setting O_NONBLOCK
debug3: fd 6 is O_NONBLOCK
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Entering interactive session.
debug2: callback start
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 0
debug3: tty_make_modes: ospeed 38400
debug3: tty_make_modes: ispeed 38400
debug3: tty_make_modes: 1 3
debug3: tty_make_modes: 2 28
debug3: tty_make_modes: 3 127
debug3: tty_make_modes: 4 21
debug3: tty_make_modes: 5 4
debug3: tty_make_modes: 6 0
debug3: tty_make_modes: 7 0
debug3: tty_make_modes: 8 17
debug3: tty_make_modes: 9 19
debug3: tty_make_modes: 10 26
debug3: tty_make_modes: 12 18
debug3: tty_make_modes: 13 23
debug3: tty_make_modes: 14 22
debug3: tty_make_modes: 18 15
debug3: tty_make_modes: 30 0
debug3: tty_make_modes: 31 0
debug3: tty_make_modes: 32 0
debug3: tty_make_modes: 33 0
debug3: tty_make_modes: 34 0
debug3: tty_make_modes: 35 0
debug3: tty_make_modes: 36 1
debug3: tty_make_modes: 37 0
debug3: tty_make_modes: 38 1
debug3: tty_make_modes: 39 0
debug3: tty_make_modes: 40 0
debug3: tty_make_modes: 41 0
debug3: tty_make_modes: 50 1
debug3: tty_make_modes: 51 1
debug3: tty_make_modes: 52 0
debug3: tty_make_modes: 53 1
debug3: tty_make_modes: 54 1
debug3: tty_make_modes: 55 1
debug3: tty_make_modes: 56 0
debug3: tty_make_modes: 57 0
debug3: tty_make_modes: 58 0
debug3: tty_make_modes: 59 1
debug3: tty_make_modes: 60 1
debug3: tty_make_modes: 61 1
debug3: tty_make_modes: 62 0
debug3: tty_make_modes: 70 1
debug3: tty_make_modes: 71 0
debug3: tty_make_modes: 72 1
debug3: tty_make_modes: 73 0
debug3: tty_make_modes: 74 0
debug3: tty_make_modes: 75 0
debug3: tty_make_modes: 90 1
debug3: tty_make_modes: 91 1
debug3: tty_make_modes: 92 0
debug3: tty_make_modes: 93 0
debug2: channel 0: request shell confirm 0
debug2: fd 3 setting TCP_NODELAY
debug2: callback done
debug2: channel 0: open confirm rwindow 2048 rmax 1024
Remote Management Console
router-> exitdebug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug2: channel 0: rcvd close
debug2: channel 0: close_read
debug2: channel 0: input open -> closed
debug3: channel 0: will not send data after close
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
#0 client-session (t4 r43 i3/0 o3/0 fd -1/-1 cfd -1)
debug3: channel 0: close_fds r -1 w -1 e 6 c -1
debug1: fd 1 clearing O_NONBLOCK
debug3: fd 2 is not O_NONBLOCK
Connection to router closed.
debug1: Transferred: stdin 0, stdout 0, stderr 27 bytes in 1.3 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 20.1
debug1: Exit status -1