Hi,
When I had 11.0, I could ssh to my router without problems. When I switched
to 11.2, I no longer could (three machines, one new, two upgraded). I have
also tried from a VM 11.1. Putty in another VM also fails.
11.2:
Code:
cer@Telcontar:~> SSH_AUTH_SOCK="" ssh -v router
OpenSSH_5.2p1, OpenSSL 0.9.8k 25 Mar 2009
debug1: Reading configuration data /home/cer/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to router [192.168.1.1] port 22.
debug1: Connection established.
debug1: identity file /home/cer/.ssh/id_rsa type 1
debug1: identity file /home/cer/.ssh/id_dsa type 2
debug1: Remote protocol version 2.0, remote software version dropbear_0.36
debug1: no match: dropbear_0.36
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client 3des-cbc hmac-md5 none
debug1: kex: client->server 3des-cbc hmac-md5 none
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
Read from socket failed: Connection reset by peer
cer@Telcontar:~>
11.1 virtual machine (vmware):
Code:
eleanor:~ # ssh -v router
OpenSSH_5.1p1, OpenSSL 0.9.8h 28 May 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to router [192.168.1.1] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version dropbear_0.36
debug1: no match: dropbear_0.36
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client 3des-cbc hmac-md5 none
debug1: kex: client->server 3des-cbc hmac-md5 none
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
Write failed: Connection reset by peer
eleanor:~ #
Putty, winme: “internal fault: chaos is SSH2 transport layer” and
“connection closed by remote host”. From XP it says “reset by peer”.
Chances are it is some thing in the router (which accepts telnet and http
without problems, so there is conectivity). The configuration for both
telnet and ssh is the same, open (there are no more settings).
Code:
-> remoteaccess show
remote access for FTP is in LAN side
remote access for HTTP is in LAN side
remote access for ICMP is in WAN & LAN sides
remote access for SNMP is in LAN side
remote access for SSH is in LAN side <===
remote access for TELNET is in LAN side <===
remote access for TFTP is in LAN side
Access Control Mode : enable
IP address Subnet mask Interface
172.20.25.0 255.255.255.0 WAN
172.20.45.0 255.255.255.0 WAN
193.152.37.192 255.255.255.240 WAN
0.0.0.0 0.0.0.0 LAN
80.58.63.128 255.255.255.128 WAN
Hit <enter> to continue
The router is a Comtrend ADSL router, model CT-536+. I tried hard reseting
it, and restoring configuration from its backup. No change.
What confuses me is that it worked in 11.0. Some configuration changed,
some default protocol changed?
The only test I can still do is install an 11.0 VM and test from that one…
Ideas?
–
Cheers / Saludos,
Carlos E. R.
(from 11.2 x86_64 “Emerald” at Telcontar)