Mailing List Archive

Weird SSH issue.
Hello, I'm having trouble connecting to any server outside my local
network since like a week. I could do it without any problems before
that.

Here's the log

#2.6.35-22-generic x86_64 GNU/Linux
OpenSSH_5.5p1, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to x.x.x.x [x.x.x.x] Port yy.
debug1: Connection established.
debug3: Not a RSA1 key file /home/alex/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'Proc-Type:'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'DEK-Info:'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/alex/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/alex/.ssh/id_rsa-cert type -1
debug1: identity file /home/alex/.ssh/id_dsa type -1
debug1: identity file /home/alex/.ssh/id_dsa-cert type -1
#after this it hangs so I've to terminate it.


Since SSH just hangs and doesn't terminate with an error message I
don't know where to continue from. I'm under a firewall (possibly a
blacklist) but I am confused here again because I can telnet to the
server.

Any ideas?

Thanks
Alex
Re: Weird SSH issue. [ In reply to ]
It seems to me that the key is bad. Can you generate a new one with
ssh-keygen and try?

On 02/02/2011 07:20 AM, Alex John wrote:
> Hello, I'm having trouble connecting to any server outside my local
> network since like a week. I could do it without any problems before
> that.
>
> Here's the log
>
> #2.6.35-22-generic x86_64 GNU/Linux
> OpenSSH_5.5p1, OpenSSL 0.9.8o 01 Jun 2010
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Applying options for *
> debug2: ssh_connect: needpriv 0
> debug1: Connecting to x.x.x.x [x.x.x.x] Port yy.
> debug1: Connection established.
> debug3: Not a RSA1 key file /home/alex/.ssh/id_rsa.
> debug2: key_type_from_name: unknown key type '-----BEGIN'
> debug3: key_read: missing keytype
> debug2: key_type_from_name: unknown key type 'Proc-Type:'
> debug3: key_read: missing keytype
> debug2: key_type_from_name: unknown key type 'DEK-Info:'
> debug3: key_read: missing keytype
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug2: key_type_from_name: unknown key type '-----END'
> debug3: key_read: missing keytype
> debug1: identity file /home/alex/.ssh/id_rsa type 1
> debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
> debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
> debug1: identity file /home/alex/.ssh/id_rsa-cert type -1
> debug1: identity file /home/alex/.ssh/id_dsa type -1
> debug1: identity file /home/alex/.ssh/id_dsa-cert type -1
> #after this it hangs so I've to terminate it.
>
>
> Since SSH just hangs and doesn't terminate with an error message I
> don't know where to continue from. I'm under a firewall (possibly a
> blacklist) but I am confused here again because I can telnet to the
> server.
>
> Any ideas?
>
> Thanks
> Alex
>
>
Re: Weird SSH issue. [ In reply to ]
Remove /home/alex/.ssh/Id_rsa*
Enjoy

Am 02.02.2011 um 14:20 schrieb Alex John <alex@archeleus.com>:

> Hello, I'm having trouble connecting to any server outside my local
> network since like a week. I could do it without any problems before
> that.
>
> Here's the log
>
> #2.6.35-22-generic x86_64 GNU/Linux
> OpenSSH_5.5p1, OpenSSL 0.9.8o 01 Jun 2010
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Applying options for *
> debug2: ssh_connect: needpriv 0
> debug1: Connecting to x.x.x.x [x.x.x.x] Port yy.
> debug1: Connection established.
> debug3: Not a RSA1 key file /home/alex/.ssh/id_rsa.
> debug2: key_type_from_name: unknown key type '-----BEGIN'
> debug3: key_read: missing keytype
> debug2: key_type_from_name: unknown key type 'Proc-Type:'
> debug3: key_read: missing keytype
> debug2: key_type_from_name: unknown key type 'DEK-Info:'
> debug3: key_read: missing keytype
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug2: key_type_from_name: unknown key type '-----END'
> debug3: key_read: missing keytype
> debug1: identity file /home/alex/.ssh/id_rsa type 1
> debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
> debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
> debug1: identity file /home/alex/.ssh/id_rsa-cert type -1
> debug1: identity file /home/alex/.ssh/id_dsa type -1
> debug1: identity file /home/alex/.ssh/id_dsa-cert type -1
> #after this it hangs so I've to terminate it.
>
>
> Since SSH just hangs and doesn't terminate with an error message I
> don't know where to continue from. I'm under a firewall (possibly a
> blacklist) but I am confused here again because I can telnet to the
> server.
>
> Any ideas?
>
> Thanks
> Alex
RE: Weird SSH issue. [ In reply to ]
Alex,

You're missing "debug1: Authentication succeeded (publickey)." The absence
of this line suggests it's not a network problem, neither is it likely an
SSH client/server problem. Your SSH connection likely is inherently failing
from something wrong with your key files; and that, very much so, is SSH
working as expected. Did you recently edit your public key? Check the
timestap. You may have inadvertently clobbered the file w/ line breaks, a
noeol issue.

Regards,
Perry B. Whelan

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On
Behalf Of Alex John
Sent: Wednesday, February 02, 2011 7:21 AM
To: secureshell@securityfocus.com
Subject: Weird SSH issue.

Hello, I'm having trouble connecting to any server outside my local
network since like a week. I could do it without any problems before
that.

Here's the log

#2.6.35-22-generic x86_64 GNU/Linux
OpenSSH_5.5p1, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to x.x.x.x [x.x.x.x] Port yy.
debug1: Connection established.
debug3: Not a RSA1 key file /home/alex/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'Proc-Type:'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'DEK-Info:'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/alex/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/alex/.ssh/id_rsa-cert type -1
debug1: identity file /home/alex/.ssh/id_dsa type -1
debug1: identity file /home/alex/.ssh/id_dsa-cert type -1
#after this it hangs so I've to terminate it.


Since SSH just hangs and doesn't terminate with an error message I
don't know where to continue from. I'm under a firewall (possibly a
blacklist) but I am confused here again because I can telnet to the
server.

Any ideas?

Thanks
Alex
Re: Weird SSH issue. [ In reply to ]
On 3/02/11 12:20 AM, Alex John wrote:
> Hello, I'm having trouble connecting to any server outside my local
> network since like a week. I could do it without any problems before
> that.

Sounds like a network problem, any recent changes? Here's one
possibility: http://www.snailbook.com/faq/mtu-mismatch.auto.html

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
Re: Weird SSH issue. [ In reply to ]
Hello,

On 3 February 2011 07:48, Darren Tucker <dtucker@zip.com.au> wrote:
> On 3/02/11 12:20 AM, Alex John wrote:
>>
>> Hello, I'm having trouble connecting to any server outside my local
>> network since like a week. I could do it without any problems before
>> that.
>
> Sounds like a network problem, any recent changes?

Yes, well the firewall used to be a caching proxy but the admins have
changed that to something else like a black list (but I still can
telnet to the server, so I don't think its blacklisted). SSH
connections used to be going properly to just about anywhere before
this change.

Here's one possibility:
> http://www.snailbook.com/faq/mtu-mismatch.auto.html
>

On 3 February 2011 03:08, zitstif <zitstif@gmail.com> wrote:
> Alex,
> Out of curiosity, have you tried connecting with a different distro? Or even
> try using putty?

Yes, I've tried in gentoo/ubuntu/Windows (putty). That's all the
distros I have at the moment.

On 3 February 2011 04:38, zhong ming wu <mr.z.m.wu@gmail.com> wrote:
> That looks like the output from the client
>
> What do u see in server log?

Here's the syslog:

sshd[31757]: Accepted password for user from x.x.x.x port 51435 ssh2
sshd[31757]: pam_unix(sshd:session): session opened for user user by (uid=0)
sshd[31757]: lastlog_filetype: Couldn't stat /var/log/lastlog: No such
file or directory
sshd[31757]: lastlog_openseek: /var/log/lastlog is not a file or directory!
sshd[31757]: lastlog_filetype: Couldn't stat /var/log/lastlog: No such
file or directory
sshd[31757]: lastlog_openseek: /var/log/lastlog is not a file or directory!
sshd[31757]: pam_unix(sshd:session): session closed for user user

> Maybe firewall settings changed?  It may not block the port but sometimes
> firewalls can do some weird port/protocol specific proxying

Yeah, any way to pinpoint what exactly its doing to the connection?

Thanks
Alex
Re: Weird SSH issue. [ In reply to ]
On FreeBSD 7.x (and earlier), I'd see this if the number of groups "user" was in exceeded NGROUPS. FreeBSD 8.x changed this (NGROUPS increased, among other things.)

On an internal distro (based on LFS) of Linux, I'd see this if the user's shell wasn't valid.

Also, "user (uid=0)" is special to SSH... but that shouldn't be a surprise.

--- Richard


On Feb 4, 2011, at 3:18 AM, Alex John wrote:

> Hello,
>
> On 3 February 2011 07:48, Darren Tucker <dtucker@zip.com.au> wrote:
>> On 3/02/11 12:20 AM, Alex John wrote:
>>>
>>> Hello, I'm having trouble connecting to any server outside my local
>>> network since like a week. I could do it without any problems before
>>> that.
>>
>> Sounds like a network problem, any recent changes?
>
> Yes, well the firewall used to be a caching proxy but the admins have
> changed that to something else like a black list (but I still can
> telnet to the server, so I don't think its blacklisted). SSH
> connections used to be going properly to just about anywhere before
> this change.
>
> Here's one possibility:
>> http://www.snailbook.com/faq/mtu-mismatch.auto.html
>>
>
> On 3 February 2011 03:08, zitstif <zitstif@gmail.com> wrote:
>> Alex,
>> Out of curiosity, have you tried connecting with a different distro? Or even
>> try using putty?
>
> Yes, I've tried in gentoo/ubuntu/Windows (putty). That's all the
> distros I have at the moment.
>
> On 3 February 2011 04:38, zhong ming wu <mr.z.m.wu@gmail.com> wrote:
>> That looks like the output from the client
>>
>> What do u see in server log?
>
> Here's the syslog:
>
> sshd[31757]: Accepted password for user from x.x.x.x port 51435 ssh2
> sshd[31757]: pam_unix(sshd:session): session opened for user user by (uid=0)
> sshd[31757]: lastlog_filetype: Couldn't stat /var/log/lastlog: No such
> file or directory
> sshd[31757]: lastlog_openseek: /var/log/lastlog is not a file or directory!
> sshd[31757]: lastlog_filetype: Couldn't stat /var/log/lastlog: No such
> file or directory
> sshd[31757]: lastlog_openseek: /var/log/lastlog is not a file or directory!
> sshd[31757]: pam_unix(sshd:session): session closed for user user
>
>> Maybe firewall settings changed? It may not block the port but sometimes
>> firewalls can do some weird port/protocol specific proxying
>
> Yeah, any way to pinpoint what exactly its doing to the connection?
>
> Thanks
> Alex