Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ssh connection not work #307

Closed
micron10 opened this issue May 17, 2022 · 8 comments · Fixed by #311 or #312
Closed

ssh connection not work #307

micron10 opened this issue May 17, 2022 · 8 comments · Fixed by #311 or #312

Comments

@micron10
Copy link

Hi i try to run ssh manager but after add private key , public key , hosts and all other and run : php artisan ssham:send to send update .
update code from git.
Ubuntu server 20.04 lts

php artisan ssham:send
Pending hosts to be updated: 2
Updating keys for admin@ssh-server...
Updating keys for [email protected]...

/usr/sbin/sshd -Dd -p 2222
debug1: sshd version OpenSSH_9.0, OpenSSL 1.1.1o 3 May 2022
debug1: private host key #0: ssh-rsa SHA256:0Ia/OdHMUTp9LSOttrLpH19Fgyny1j3yjLv44W/XZ0U
debug1: private host key #1: ssh-rsa SHA256:6vS/SaLj722wcIe6ARmrkQYFYptwXNb0SJ4b8YrISpI
debug1: private host key #2: ssh-dss SHA256:+I8lbOAxcUl8GbYpjtMGhjjJZ0ID0gS8pkwB/TFobG8
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-Dd'
debug1: rexec_argv[2]='-p'
debug1: rexec_argv[3]='2222'
debug1: Set /proc/self/oom_score_adj from 0 to -1000
debug1: Bind to port 2222 on 0.0.0.0.
Server listening on 0.0.0.0 port 2222.
debug1: Bind to port 2222 on ::.
Server listening on :: port 2222.
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
debug1: sshd version OpenSSH_9.0, OpenSSL 1.1.1o 3 May 2022
debug1: private host key #0: ssh-rsa SHA256:0Ia/OdHMUTp9LSOttrLpH19Fgyny1j3yjLv44W/XZ0U
debug1: private host key #1: ssh-rsa SHA256:6vS/SaLj722wcIe6ARmrkQYFYptwXNb0SJ4b8YrISpI
debug1: private host key #2: ssh-dss SHA256:+I8lbOAxcUl8GbYpjtMGhjjJZ0ID0gS8pkwB/TFobG8
debug1: inetd sockets after dupping: 3, 3
Connection from 192.168.10.1 port 45312 on 192.168.10.2 port 2222 rdomain ""
debug1: Local version string SSH-2.0-OpenSSH_9.0
debug1: Remote protocol version 2.0, remote software version phpseclib_3.0 (libsodium, openssl)
debug1: compat_banner: no match: phpseclib_3.0 (libsodium, openssl)
debug1: permanently_set_uid: 100/65534 [preauth]
debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-rsa [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug1: kex: algorithm: curve25519-sha256 [preauth]
debug1: kex: host key algorithm: rsa-sha2-256 [preauth]
debug1: kex: client->server cipher: [email protected] MAC: compression: none [preauth]
debug1: kex: server->client cipher: [email protected] MAC: compression: none [preauth]
debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
debug1: SSH2_MSG_KEX_ECDH_INIT received [preauth]
debug1: rekey out after 4294967296 blocks [preauth]
debug1: SSH2_MSG_NEWKEYS sent [preauth]
debug1: expecting SSH2_MSG_NEWKEYS [preauth]
debug1: SSH2_MSG_NEWKEYS received [preauth]
debug1: rekey in after 4294967296 blocks [preauth]
debug1: KEX done [preauth]
debug1: userauth-request for user root service ssh-connection method none [preauth]
debug1: attempt 0 failures 0 [preauth]
debug1: userauth-request for user root service ssh-connection method password [preauth]
debug1: attempt 1 failures 0 [preauth]
Failed password for root from 192.168.10.1 port 45312 ssh2
debug1: Unable to open the btmp file /var/log/btmp: No such file or directory
Received disconnect from 192.168.10.1 port 45312:11: [preauth]
Disconnected from authenticating user root 192.168.10.1 port 45312 [preauth]
debug1: do_cleanup [preauth]
debug1: monitor_read_log: child log fd closed
debug1: do_cleanup
debug1: Killing privsep child 516340

3 time regenerate ssh key but not help .
@micron10
Copy link
Author

@pacoorozco
Please update if you have time

@micron10
Copy link
Author

@pacoorozco
One more
after run :
php artisan ssham:send
Pending hosts to be updated: 1
Updating keys for [email protected]...

All done!

But in web stay Pending sync - yes

Clear install remove all db and php src ,
and make step by step install from clean

@micron10
Copy link
Author

@pacoorozco one more update :

after add # in .env line QUEUE_CONNECTION

back to work mode, but with same problem not make connection with key and in log i see :

php artisan ssham:send
Pending hosts to be updated: 1
Updating keys for [email protected]...

All done!

/usr/sbin/sshd -Dddd -p 2222
debug2: load_server_config: filename /etc/ssh/sshd_config
debug2: load_server_config: done config len = 588
debug2: parse_server_config_depth: config /etc/ssh/sshd_config len 588
debug3: /etc/ssh/sshd_config:1 setting Port 22
debug3: /etc/ssh/sshd_config:2 setting Protocol 2,1
debug2: /etc/ssh/sshd_config line 2: Deprecated option Protocol
debug3: /etc/ssh/sshd_config:3 setting HostKey /etc/ssh/ssh_host_key
debug3: /etc/ssh/sshd_config:4 setting HostKey /etc/ssh/ssh_host_rsa_key
debug3: /etc/ssh/sshd_config:5 setting HostKey /etc/ssh/ssh_host_dsa_key
debug3: /etc/ssh/sshd_config:6 setting AuthorizedKeysFile /root/.ssh/authorized_keys
debug3: /etc/ssh/sshd_config:7 setting HostKeyAlgorithms +ssh-rsa
debug3: /etc/ssh/sshd_config:8 setting PubkeyAcceptedAlgorithms +ssh-rsa
debug3: /etc/ssh/sshd_config:9 setting SyslogFacility AUTHPRIV
debug3: /etc/ssh/sshd_config:11 setting LoginGraceTime 600
debug3: /etc/ssh/sshd_config:12 setting PermitRootLogin yes
debug3: /etc/ssh/sshd_config:13 setting StrictModes yes
debug3: /etc/ssh/sshd_config:14 setting PubkeyAuthentication yes
debug3: /etc/ssh/sshd_config:15 setting IgnoreRhosts yes
debug3: /etc/ssh/sshd_config:16 setting HostbasedAuthentication no
debug3: /etc/ssh/sshd_config:17 setting PermitEmptyPasswords no
debug3: /etc/ssh/sshd_config:18 setting PasswordAuthentication yes
debug3: /etc/ssh/sshd_config:19 setting ChallengeResponseAuthentication no
debug3: /etc/ssh/sshd_config:21 setting X11Forwarding no
debug3: /etc/ssh/sshd_config:22 setting X11DisplayOffset 10
debug3: /etc/ssh/sshd_config:23 setting PrintMotd no
debug3: /etc/ssh/sshd_config:24 setting KeepAlive yes
debug3: /etc/ssh/sshd_config:25 setting TCPKeepAlive yes
debug3: /etc/ssh/sshd_config:26 setting Subsystem sftp internal-sftp
debug1: sshd version OpenSSH_9.0, OpenSSL 1.1.1o 3 May 2022
debug1: private host key #0: ssh-rsa SHA256:0Ia/OdHMUTp9LSOttrLpH19Fgyny1j3yjLv44W/XZ0U
debug1: private host key #1: ssh-rsa SHA256:6vS/SaLj722wcIe6ARmrkQYFYptwXNb0SJ4b8YrISpI
debug1: private host key #2: ssh-dss SHA256:+I8lbOAxcUl8GbYpjtMGhjjJZ0ID0gS8pkwB/TFobG8
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-Dddd'
debug1: rexec_argv[2]='-p'
debug1: rexec_argv[3]='2222'
debug3: oom_adjust_setup
debug1: Set /proc/self/oom_score_adj from 0 to -1000
debug2: fd 3 setting O_NONBLOCK
debug1: Bind to port 2222 on 0.0.0.0.
Server listening on 0.0.0.0 port 2222.
debug2: fd 4 setting O_NONBLOCK
debug3: sock_set_v6only: set socket 4 IPV6_V6ONLY
debug1: Bind to port 2222 on ::.
Server listening on :: port 2222.

debug3: fd 5 is not O_NONBLOCK
debug1: Server will not fork when running in debugging mode.
debug3: send_rexec_state: entering fd = 8 config len 588
debug3: ssh_msg_send: type 0
debug3: send_rexec_state: done
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
debug3: recv_rexec_state: entering fd = 5
debug3: ssh_msg_recv entering
debug3: recv_rexec_state: done
debug2: parse_server_config_depth: config rexec len 588
debug3: rexec:1 setting Port 22
debug3: rexec:2 setting Protocol 2,1
debug2: rexec line 2: Deprecated option Protocol
debug3: rexec:3 setting HostKey /etc/ssh/ssh_host_key
debug3: rexec:4 setting HostKey /etc/ssh/ssh_host_rsa_key
debug3: rexec:5 setting HostKey /etc/ssh/ssh_host_dsa_key
debug3: rexec:6 setting AuthorizedKeysFile /root/.ssh/authorized_keys
debug3: rexec:7 setting HostKeyAlgorithms +ssh-rsa
debug3: rexec:8 setting PubkeyAcceptedAlgorithms +ssh-rsa
debug3: rexec:9 setting SyslogFacility AUTHPRIV
debug3: rexec:11 setting LoginGraceTime 600
debug3: rexec:12 setting PermitRootLogin yes
debug3: rexec:13 setting StrictModes yes
debug3: rexec:14 setting PubkeyAuthentication yes
debug3: rexec:15 setting IgnoreRhosts yes
debug3: rexec:16 setting HostbasedAuthentication no
debug3: rexec:17 setting PermitEmptyPasswords no
debug3: rexec:18 setting PasswordAuthentication yes
debug3: rexec:19 setting ChallengeResponseAuthentication no
debug3: rexec:21 setting X11Forwarding no
debug3: rexec:22 setting X11DisplayOffset 10
debug3: rexec:23 setting PrintMotd no
debug3: rexec:24 setting KeepAlive yes
debug3: rexec:25 setting TCPKeepAlive yes
debug3: rexec:26 setting Subsystem sftp internal-sftp
debug1: sshd version OpenSSH_9.0, OpenSSL 1.1.1o 3 May 2022
debug1: private host key #0: ssh-rsa SHA256:0Ia/OdHMUTp9LSOttrLpH19Fgyny1j3yjLv44W/XZ0U
debug1: private host key #1: ssh-rsa SHA256:6vS/SaLj722wcIe6ARmrkQYFYptwXNb0SJ4b8YrISpI
debug1: private host key #2: ssh-dss SHA256:+I8lbOAxcUl8GbYpjtMGhjjJZ0ID0gS8pkwB/TFobG8
debug1: inetd sockets after dupping: 3, 3
Connection from 192.168.10.1 port 45342 on 192.168.10.2 port 2222 rdomain ""
debug1: Local version string SSH-2.0-OpenSSH_9.0
debug1: Remote protocol version 2.0, remote software version phpseclib_3.0 (libsodium, openssl)
debug1: compat_banner: no match: phpseclib_3.0 (libsodium, openssl)
debug2: fd 3 setting O_NONBLOCK
debug3: ssh_sandbox_init: preparing seccomp filter sandbox
debug2: Network child is on pid 409691
debug3: preauth child monitor started
debug3: privsep user:group 100:65534 [preauth]
debug1: permanently_set_uid: 100/65534 [preauth]
debug3: ssh_sandbox_child: setting PR_SET_NO_NEW_PRIVS [preauth]
debug3: ssh_sandbox_child: attaching seccomp filter program [preauth]
debug3: append_hostkey_type: ssh-dss key not permitted by HostkeyAlgorithms [preauth]
debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-rsa [preauth]
debug3: send packet: type 20 [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug3: receive packet: type 20 [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug2: local server KEXINIT proposal [preauth]
debug2: KEX algorithms: [email protected],curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256 [preauth]
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-rsa [preauth]
debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected] [preauth]
debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected] [preauth]
debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
debug2: compression ctos: none,[email protected] [preauth]
debug2: compression stoc: none,[email protected] [preauth]
debug2: languages ctos: [preauth]
debug2: languages stoc: [preauth]
debug2: first_kex_follows 0 [preauth]
debug2: reserved 0 [preauth]
debug2: peer client KEXINIT proposal [preauth]
debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group15-sha512,diffie-hellman-group16-sha512,diffie-hellman-group17-sha512,diffie-hellman-group18-sha512,diffie-hellman-group1-sha1 [preauth]
debug2: host key algorithms: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-256,rsa-sha2-512,ssh-rsa,ssh-dss [preauth]
debug2: ciphers ctos: [email protected],[email protected],aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc,twofish128-ctr,twofish192-ctr,twofish256-ctr,twofish128-cbc,twofish192-cbc,twofish256-cbc,twofish-cbc,blowfish-ctr,blowfish-cbc,3des-ctr [preauth]
debug2: ciphers stoc: [email protected],[email protected],aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc,twofish128-ctr,twofish192-ctr,twofish256-ctr,twofish128-cbc,twofish192-cbc,twofish256-cbc,twofish-cbc,blowfish-ctr,blowfish-cbc,3des-ctr [preauth]
debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,[email protected],[email protected],hmac-sha1-96,hmac-sha1,hmac-md5-96,hmac-md5 [preauth]
debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,[email protected],[email protected],hmac-sha1-96,hmac-sha1,hmac-md5-96,hmac-md5 [preauth]
debug2: compression ctos: none,[email protected],zlib [preauth]
debug2: compression stoc: none,[email protected],zlib [preauth]
debug2: languages ctos: [preauth]
debug2: languages stoc: [preauth]
debug2: first_kex_follows 0 [preauth]
debug2: reserved 0 [preauth]
debug1: kex: algorithm: curve25519-sha256 [preauth]
debug1: kex: host key algorithm: rsa-sha2-256 [preauth]
debug1: kex: client->server cipher: [email protected] MAC: compression: none [preauth]
debug1: kex: server->client cipher: [email protected] MAC: compression: none [preauth]
debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
debug3: receive packet: type 30 [preauth]
debug1: SSH2_MSG_KEX_ECDH_INIT received [preauth]
debug3: mm_sshkey_sign: entering [preauth]
debug3: mm_request_send: entering, type 6 [preauth]
debug3: mm_sshkey_sign: waiting for MONITOR_ANS_SIGN [preauth]
debug3: mm_request_receive_expect: entering, type 7 [preauth]
debug3: mm_request_receive: entering [preauth]
debug3: mm_request_receive: entering
debug3: monitor_read: checking request 6
debug3: mm_answer_sign: entering
debug3: mm_answer_sign: rsa-sha2-256 KEX signature len=404
debug3: mm_request_send: entering, type 7
debug2: monitor_read: 6 used once, disabling now
debug3: send packet: type 31 [preauth]
debug3: send packet: type 21 [preauth]
debug2: ssh_set_newkeys: mode 1 [preauth]
debug1: rekey out after 4294967296 blocks [preauth]
debug1: SSH2_MSG_NEWKEYS sent [preauth]
debug1: expecting SSH2_MSG_NEWKEYS [preauth]
debug3: receive packet: type 21 [preauth]
debug1: SSH2_MSG_NEWKEYS received [preauth]
debug2: ssh_set_newkeys: mode 0 [preauth]
debug1: rekey in after 4294967296 blocks [preauth]
debug1: KEX done [preauth]
debug3: receive packet: type 5 [preauth]
debug3: send packet: type 6 [preauth]
debug3: receive packet: type 50 [preauth]
debug1: userauth-request for user root service ssh-connection method none [preauth]
debug1: attempt 0 failures 0 [preauth]
debug3: mm_getpwnamallow: entering [preauth]
debug3: mm_request_send: entering, type 8 [preauth]
debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM [preauth]
debug3: mm_request_receive_expect: entering, type 9 [preauth]
debug3: mm_request_receive: entering [preauth]
debug3: mm_request_receive: entering
debug3: monitor_read: checking request 8
debug3: mm_answer_pwnamallow: entering
debug2: parse_server_config_depth: config reprocess config len 588
debug3: auth_shadow_acctexpired: today 19130 sp_expire -1 days left -19131
debug3: account expiration disabled
debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1
debug3: mm_request_send: entering, type 9
debug2: monitor_read: 8 used once, disabling now
debug2: input_userauth_request: setting up authctxt for root [preauth]
debug3: mm_inform_authserv: entering [preauth]
debug3: mm_request_send: entering, type 4 [preauth]
debug2: input_userauth_request: try method none [preauth]
debug3: user_specific_delay: user specific delay 0.000ms [preauth]
debug3: ensure_minimum_time_since: elapsed 0.703ms, delaying 5.337ms (requested 6.040ms) [preauth]
debug3: mm_request_receive: entering
debug3: monitor_read: checking request 4
debug3: mm_answer_authserv: service=ssh-connection, style=
debug2: monitor_read: 4 used once, disabling now
debug3: userauth_finish: failure partial=0 next methods="publickey,password" [preauth]
debug3: send packet: type 51 [preauth]
debug3: receive packet: type 50 [preauth]
debug1: userauth-request for user root service ssh-connection method password [preauth]
debug1: attempt 1 failures 0 [preauth]
debug2: input_userauth_request: try method password [preauth]
debug3: mm_auth_password: entering [preauth]
debug3: mm_request_send: entering, type 12 [preauth]
debug3: mm_auth_password: waiting for MONITOR_ANS_AUTHPASSWORD [preauth]
debug3: mm_request_receive_expect: entering, type 13 [preauth]
debug3: mm_request_receive: entering [preauth]
debug3: mm_request_receive: entering
debug3: monitor_read: checking request 12
debug3: mm_answer_authpassword: sending result 0
debug3: mm_answer_authpassword: sending result 0
debug3: mm_request_send: entering, type 13
Failed password for root from 192.168.10.1 port 45342 ssh2
debug1: Unable to open the btmp file /var/log/btmp: No such file or directory
debug3: mm_auth_password: user not authenticated [preauth]
debug3: user_specific_delay: user specific delay 0.000ms [preauth]
debug3: ensure_minimum_time_since: elapsed 0.136ms, delaying 5.904ms (requested 6.040ms) [preauth]
debug3: userauth_finish: failure partial=0 next methods="publickey,password" [preauth]
debug3: send packet: type 51 [preauth]
debug3: receive packet: type 1 [preauth]
Received disconnect from 192.168.10.11 port 45342:11: [preauth]
Disconnected from authenticating user root 192.168.10.1 port 45342 [preauth]
debug1: do_cleanup [preauth]
debug1: monitor_read_log: child log fd closed
debug3: mm_request_receive: entering
debug1: do_cleanup
debug1: Killing privsep child 409691

@pacoorozco
Copy link
Owner

I'm guessing if we are talking about the same issue #305

@micron10
Copy link
Author

yes same issue.

after disable QUEUE_CONNECTION with # in .env file
and run send process start
but as you see in debug-log not try with private key and ask password

@micron10
Copy link
Author

@pacoorozco do you have telegram

@micron10
Copy link
Author

@pacoorozco

ok if sshd_config is set : PasswordAuthentication no , connect with key
but if is set to yes try to auth with password
i try with ssh client and connect without problem.

Here with enabled PasswordAuth:

debug2: input_userauth_request: setting up authctxt for superroot [preauth]
debug2: input_userauth_request: try method none [preauth]
debug2: monitor_read: 4 used once, disabling now
debug1: userauth-request for user superroot service ssh-connection method password [preauth]
debug1: attempt 1 failures 0 [preauth]
debug2: input_userauth_request: try method password [preauth]

With disabled :

debug1: userauth-request for user superroot service ssh-connection method none [preauth]
debug1: attempt 0 failures 0 [preauth]
debug2: parse_server_config_depth: config reprocess config len 587
debug2: monitor_read: 8 used once, disabling now
debug2: input_userauth_request: setting up authctxt for superroot [preauth]
debug2: input_userauth_request: try method none [preauth]
debug2: monitor_read: 4 used once, disabling now
Received disconnect from 192.168.10.1 port 45400:11: [preauth]
Disconnected from authenticating user superroot 192.168.10.1 port 45400 [preauth]
debug1: do_cleanup [preauth]
debug1: monitor_read_log: child log fd closed
debug1: do_cleanup
debug1: Killing privsep child 626774

@micron10
Copy link
Author

One note update phpseclib to 3.0.14 but is same

its sample when run send commad to send all key for this server :(

@pacoorozco pacoorozco mentioned this issue May 26, 2022
Merged
@pacoorozco pacoorozco mentioned this issue May 27, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@pacoorozco @micron10