ssh does not connect

istazahn · May 12, 2011, 3:54pm

Hi all,
I’m having problems using ssh to connect two openSUSE machines. I have a laptop at home, a desktop at school (both running openSUSE 11.4/Tumbleweed) and a server slice that I rent (running Ubuntu 10.04). I can ssh into the Ubuntu server from the laptop, and I can connect from the server to the desktop, but I cannot connect from the laptop to the desktop. Here are the details.

Here is what happens when I try to connect from the laptop to the desktop:


<MyUsername>@<MyLaptop> ssh -v <MyDesktop>
OpenSSH_5.8p1, OpenSSL 1.0.0c 2 Dec 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to <MyDesktop> port 22.
debug1: Connection established.
debug1: identity file /home/<MyUsername>/.ssh/id_rsa type -1
debug1: identity file /home/<MyUsername>/.ssh/id_rsa-cert type -1
debug1: identity file /home/<MyUsername>/.ssh/id_dsa type -1
debug1: identity file /home/<MyUsername>/.ssh/id_dsa-cert type -1
debug1: identity file /home/<MyUsername>/.ssh/id_ecdsa type -1
debug1: identity file /home/<MyUsername>/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8
debug1: match: OpenSSH_5.8 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.8
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY

and then it just sits there.

For reference, here is what happens when I connect from the laptop to the server, and from the server to the desktop.

Connecting from the laptop to the server (works).


 <MyUsername>@linux-gm46:~> ssh -v <MyUsername>@<MyServer>
OpenSSH_5.8p1, OpenSSL 1.0.0c 2 Dec 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to <MyServer ...>.
debug1: Connection established.
debug1: identity file /home/<MyUsername>/.ssh/id_rsa type -1
debug1: identity file /home/<MyUsername>/.ssh/id_rsa-cert type -1
debug1: identity file /home/<MyUsername>/.ssh/id_dsa type -1
debug1: identity file /home/<MyUsername>/.ssh/id_dsa-cert type -1
debug1: identity file /home/<MyUsername>/.ssh/id_ecdsa type -1
debug1: identity file /home/<MyUsername>/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3p1 Debian-3ubuntu5
debug1: match: OpenSSH_5.3p1 Debian-3ubuntu5 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.8
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA <OMITTED>
debug1: Host '<MyServer>' is known and matches the RSA host key.
debug1: Found key in /home/<MyUserName>/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/<MyUserName>/.ssh/id_rsa
debug1: Trying private key: /home/<MyUserName>/.ssh/id_dsa
debug1: Trying private key: /home/<MyUserName>/.ssh/id_ecdsa
debug1: Next authentication method: password
<MyUserName>@<MyServer>'s password: 
debug1: Authentication succeeded (password).
Authenticated to <MyServer>.
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
Linux <MyServer>-rscloud #1 SMP Wed Aug 11 18:40:09 UTC 2010 i686 GNU/Linux
Ubuntu 10.04.2 LTS

Welcome to Ubuntu!

Connecting to the


<MyUserName>@<MyServer> ssh -v <MyUsername>@<MyDesktop>
OpenSSH_5.3p1 Debian-3ubuntu5, OpenSSL 0.9.8k 25 Mar 2009
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to <MyDesktop> port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /<MyUsername>/.ssh/identity type -1
debug1: identity file /<MyUsername>/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /<MyUserName>/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8
debug1: match: OpenSSH_5.8 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu5
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '<MyDesktop>' is known and matches the RSA host key.
debug1: Found key in /<MyUserName>/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /<MyUserName>/.ssh/identity
debug1: Offering public key: /<MyUserName>/.ssh/id_rsa
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Trying private key: /<MyUserName>/.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
Password: 
debug1: Authentication succeeded (keyboard-interactive).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
Last login: Thu May 12 09:40:21 2011 from <ommited>
Have a lot of fun...

Any help will be appreciated!

ken_yap · May 12, 2011, 4:01pm

There may be some kind of blocking happening at your school’s firewall. Maybe it kicks in after a few packets have been exchanged. Maybe it’s due to the dynamic IP address of your home laptop.

If you can’t solve this, you could at least simplify the login by using a ssh tunnel via your server. E.g. in one session

ssh -L 2200:desktop:22 server

In another session:

ssh -p 2200 localhost

will connect you to the desktop’s ssh service.

istazahn · May 12, 2011, 4:35pm

OK, that makes sense. And now that you mention it I do remember an email to the effect that the University was tightening up network security. OK, so I consider the problem diagnosed. Thanks!

OK, I tried that and got


<MyUsername>@linux-gm46:~> ssh -v -p 2200 localhost
OpenSSH_5.8p1, OpenSSL 1.0.0c 2 Dec 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to localhost ::1] port 2200.
debug1: Connection established.
debug1: identity file /home/<MyUsername>/.ssh/id_rsa type -1
debug1: identity file /home/<MyUsername>/.ssh/id_rsa-cert type -1
debug1: identity file /home/<MyUsername>/.ssh/id_dsa type -1
debug1: identity file /home/<MyUsername>/.ssh/id_dsa-cert type -1
debug1: identity file /home/<MyUsername>/.ssh/id_ecdsa type -1
debug1: identity file /home/<MyUsername>/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8
debug1: match: OpenSSH_5.8 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.8
debug1: SSH2_MSG_KEXINIT sent
Connection closed by ::1

At this point the issue is clearly not openSUSE related, and I will ask google about ssh tunneling (something I’m not familiar with). Still, if anyone sees what the problem with the work-around is I’d appreciate a quick tip.

Thanks for your help. This was my first post to the openSUSE forums, and the quality and speed to the assistance I received could not have been better. I really appreciate your help!

ken_yap · May 12, 2011, 5:14pm

It’s using the IPv6 localhost. Try substituting 127.0.0.1 for localhost in the recipe.

robin_listas · May 12, 2011, 9:38pm

On 2011-05-12 16:06, istazahn wrote:
> and then it just sits there.

I can not ssh between two openSUSE machines in my local network. I have to do:

SSH_AUTH_SOCK="" ssh whatever.

and then it works. I don’t think it is your problem, but…

–
Cheers / Saludos,

Carlos E. R.
(from 11.2 x86_64 “Emerald” at Telcontar)