API tools faq
paste
Advertisement
lifeboy

email ssh explanation

lifeboy
May 27th, 2013
140
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 4.38 KB | None | 0 0
raw download clone embed print report
  1. I cannot connect via SSH between a client and the server or vice versa from the server.  Connecting to the server from the client, prompts me to update the key, which, if answering "yes", allows me to connect.  However, since this is a client image, the key is not retained when rebooting, so it has to be fixed in the image.  However, the image (chroot) keys match the server's keys?
  2.  
  3. To try and troubleshoot this, I added openssh-server to the client chroot and configured a user with sudo rights before rebuilding the client image.  Once the client has booted, when I try to connect:
  4.  
  5. # ssh -v 192.168.8.236
  6. OpenSSH_5.5p1 Debian-4ubuntu6, OpenSSL 0.9.8o 01 Jun 2010
  7. debug1: Reading configuration data /etc/ssh/ssh_config
  8. debug1: Applying options for *
  9. debug1: Connecting to 192.168.8.236 [192.168.8.236] port 22.
  10. debug1: Connection established.
  11. debug1: permanently_set_uid: 0/0
  12. debug1: identity file /root/.ssh/id_rsa type -1
  13. debug1: identity file /root/.ssh/id_rsa-cert type -1
  14. debug1: identity file /root/.ssh/id_dsa type -1
  15. debug1: identity file /root/.ssh/id_dsa-cert type -1
  16. debug1: Remote protocol version 2.0, remote software version OpenSSH_5.5p1 Debian-4ubuntu6
  17. debug1: match: OpenSSH_5.5p1 Debian-4ubuntu6 pat OpenSSH*
  18. debug1: Enabling compatibility mode for protocol 2.0
  19. debug1: Local version string SSH-2.0-OpenSSH_5.5p1 Debian-4ubuntu6
  20. debug1: SSH2_MSG_KEXINIT sent
  21. Read from socket failed: Connection reset by peer
  22.  
  23. Google has many hits for this, and I have read a large number of them, but none really resolve the issue.  I have purged the relevant packages as well and reinstalled, not difference.
  24.  
  25. However, the keys match:
  26.  
  27. # cat /etc/ssh/ssh_host_dsa_key.pub
  28. ssh-dss AAAAB3NzaC1kc3MAAACBALTo9JGJtBCv9rymWkO1MIeDP9NHptGnDnqTJXLnv0uPzQxEjre9y6WuuPQCw6kzIfYCh7zNIh6ioUZ6zy25WWalFsUgBubWm9W9tDw5mK1+lQRFLZ8jdLkwXOQ/slUmj5pE+4j0aZljxgpIe2f60FKX656CYnmgyZq+izV9MVf9AAAAFQDKu5eG1x97YEw/PjI+GOlcSzPtwQAAAIATLVwopoOu0ntvciy/3/iGwoJGinfvBQ/5qpp5ba4uHLTyyTW1fRzCA6P2PW4rV9r2CLhicvMO0UVUXL0petMrQ3iWjwTg8RH1LAavISipri/TRYEpv1gLXutBtIbXmpsCUzC8okfO3l7j8fiZeaBtvndnXN5pQOn/OMXqW4evNwAAAIEAmL5YXxApE764f19WYqKRH/CeKLuNg4/rrkoFnemZq6iUCigC+Docbpa4Q5NDslb72Q8/z9O1beJjV7FzK/fNYkwk5w7mWgzfX7u8NzBC64OVZJtPZ0fNxmy3SdlaoWhtANxqkwRXdVu16rYbeoEcb0xiThlYkqeihy6uhiTAl7Q= root@zambas
  29.  
  30. I cut and pasted the key and grepped in the client chroot.
  31.  
  32. grep -r "AAAAB3NzaC1kc3MAAACBALTo9JGJtBCv9rymWkO1MIeDP9NHptGnDnqTJXLnv0uPzQxEjre9y6WuuPQCw6kzIfYCh7zNIh6ioUZ6zy25WWalFsUgBubWm9W9tDw5mK1+lQRFLZ8jdLkwXOQ/slUmj5pE+4j0aZljxgpIe2f60FKX656CYnmgyZq+izV9MVf9AAAAFQDKu5eG1x97YEw/PjI+GOlcSzPtwQAAAIATLVwopoOu0ntvciy/3/iGwoJGinfvBQ/5qpp5ba4uHLTyyTW1fRzCA6P2PW4rV9r2CLhicvMO0UVUXL0petMrQ3iWjwTg8RH1LAavISipri/TRYEpv1gLXutBtIbXmpsCUzC8okfO3l7j8fiZeaBtvndnXN5pQOn/OMXqW4evNwAAAIEAmL5YXxApE764f19WYqKRH/CeKLuNg4/rrkoFnemZq6iUCigC+Docbpa4Q5NDslb72Q8/z9O1beJjV7FzK/fNYkwk5w7mWgzfX7u8NzBC64OVZJtPZ0fNxmy3SdlaoWhtANxqkwRXdVu16rYbeoEcb0xiThlYkqeihy6uhiTAl7Q=" /opt/ltsp/lucid/etc/
  33. /opt/ltsp/lucid/etc/ssh/ssh_known_hosts:server ssh-dss AAAAB3NzaC1kc3MAA
  34. <clipped>
  35.  
  36. A match is found in the ssh_known_hosts file.
  37.  
  38. Some context:
  39.  
  40. Although this is a problem with an Ubuntu 12.04 LTSP server, it's seems it's not particularly LTSP related.  The setup is basically as follows:
  41.  
  42. Ubuntu 12.04 64bit.  Clients booting Ubuntu 10.04 32bit via PXE since the hardware of the clients need 'cmov' support and Ubuntu dropped this after 10.04.  (I tried a Debian Wheezy client, but the display driver doesn't compile and the binary version doesn't run, so I've abandoned that route).
  43.  
  44. The standard LTSP way for 12.04 is to load the client image via the NBD server using named paths, whereas previously a port was used.  The clients images boot and all the hardware is supported so keeping the image makes that way makes sense to me.
  45.  
  46. If this was an ssh compatibility issue, then connecting from the booted client to the server would be a problem, not so?  LTSP wants to connect to the server, but the prompt to add the key to the ssh_known_hosts file stalls the ldm connection.  If I go the another screen (ie 08) and manually connect, "yes" for the key, then ldm allows me to log in and all it fine.
  47. I can't use the "correct" key though, since the key is hashed and not just text.
  48.  
  49. So, what can I do the resolved this problem?
  50.  
  51. O, lastly, this was working fine before and suddenly just stopped working.  Unfortunately I cannot recall what I had done just before that. :-(
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!