Connection reset/closed by server after SSH2_MSG_KEXINIT sent in SSH
For visibility, the link on the comment by @Jakuje solved it for me.
Reset the MTU size to 576:
ifconfig eth0 mtu 576
Doing it only on the host running the ssh server worked for me, but the link suggests doing it on both server and client.
Related videos on Youtube
Admin
Updated on September 18, 2022Comments
-
Admin over 1 year
I've restarted my Fedora 25 server since not restarting it for 3 days (the only 2 things I have installed were JRE and screen) and noticed that SSH stopped working. Sometimes the connection is reset, sometimes it's closed.
sh-3.2# ssh [email protected] Connection reset by 192.168.1.127
I don't know how to view my logs since now I no longer have ssh access, but this is what is outputted if I use ssh -vvv (I'm not sure if OS X El Capitan outputs as much as a Linux)
sh-3.2# ssh -vvv [email protected] OpenSSH_6.9p1, LibreSSL 2.1.8 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 21: Applying options for * debug1: /etc/ssh/ssh_config line 56: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to 192.168.1.127 [192.168.1.127] port 22. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.9 debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4 debug1: match: OpenSSH_7.4 pat OpenSSH* compat 0x04000000 debug2: fd 3 setting O_NONBLOCK debug1: Authenticating to 192.168.1.127:22 as 'root' debug3: hostkeys_foreach: reading file "/var/root/.ssh/known_hosts" debug1: SSH2_MSG_KEXINIT sent Connection reset by 192.168.1.127 sh-3.2#
I usually connect using a public key but using one doesn't change the output above. Nginx still works completely along with Cockpit, nothing has changed network-wise. If I attempt to SSH my server into itself, then nothing changes once again. (I'm aware that always using root is unsafe but I have tried everything else)
[root@localhost ~]# ssh -vvvv localhost OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017 debug1: Reading configuration data /etc/ssh/ssh_config debug3: /etc/ssh/ssh_config line 56: Including file /etc/ssh/ssh_config.d/05-red hat.conf depth 0 debug1: Reading configuration data /etc/ssh/ssh_config.d/05-redhat.conf debug1: /etc/ssh/ssh_config.d/05-redhat.conf line 2: include /etc/crypto-policie s/back-ends/openssh.config matched no files debug1: /etc/ssh/ssh_config.d/05-redhat.conf line 8: Applying options for * debug2: resolving "localhost" port 22 debug2: ssh_connect_direct: needpriv 0 debug1: Connecting to localhost [::1] port 22. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug1: identity file /root/.ssh/id_rsa type 1 debug1: key_load_public: No such file or directory debug1: identity file /root/.ssh/id_rsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /root/.ssh/id_dsa type -1 debug1: key_load_public: No such file or directory debug1: identity file /root/.ssh/id_dsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /root/.ssh/id_ecdsa type -1 debug1: key_load_public: No such file or directory debug1: identity file /root/.ssh/id_ecdsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /root/.ssh/id_ed25519 type -1 debug1: key_load_public: No such file or directory debug1: identity file /root/.ssh/id_ed25519-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_7.4 debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4 debug1: match: OpenSSH_7.4 pat OpenSSH* compat 0x04000000 debug2: fd 3 setting O_NONBLOCK debug1: Authenticating to localhost:22 as 'root' debug3: hostkeys_foreach: reading file "/root/.ssh/known_hosts" debug3: send packet: type 20 debug1: SSH2_MSG_KEXINIT sent Connection reset by ::1 port 22 [root@localhost ~]# ^C
Also, no other devices on my network can connect. I have not tried PuTTY however Cyberduck just tells me that "recv failed". I have noticed that the connection always resets after "SSH2_MSG_KEXINIT" is sent, but I don't know what it is.
Here's my ssh config too, all of those are commented:
[root@localhost ~]# cat /etc/ssh/ssh_config # $OpenBSD: ssh_config,v 1.30 2016/02/20 23:06:23 sobrado Exp $ # Host * # ForwardAgent no # ForwardX11 no # RhostsRSAAuthentication no # ConnectTimeout 0 # StrictHostKeyChecking ask # IdentityFile ~/.ssh/identity # IdentityFile ~/.ssh/id_rsa # IdentityFile ~/.ssh/id_dsa # IdentityFile ~/.ssh/id_ecdsa # IdentityFile ~/.ssh/id_ed25519 # Port 22 # Protocol 2 # Cipher 3des # Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3d es-cbc # MACs hmac-md5,hmac-sha1,[email protected],hmac-ripemd160 # EscapeChar ~ # Tunnel no # TunnelDevice any:any # PermitLocalCommand no # VisualHostKey no # ProxyCommand ssh -q -W %h:%p gateway.example.com # RekeyLimit 1G 1h # # To modify the system-wide ssh configuration, create a *.conf file under # /etc/ssh/ssh_config.d/ which will be automatically included below Include /etc/ssh/ssh_config.d/*.conf
I have tried dnf reinstall openssh-server and that did not change anything. I'm not sure about anything but as I've said, I'm not sure how to view OpenSSH's logfiles (at all? am I correct about it having logs?) in Fedora 25. It would be nice if this could be fixed as it's prevented me from working for 4 hours. Thanks.
-
Jakuje over 6 yearsSounds like snailbook.com/faq/mtu-mismatch.auto.html
-