Code: Select all
> ssh username@10.170.1.15
username@10.170.1.15's password:
Read from remote host 10.170.1.15: Connection reset by peer
Connection to 10.170.1.15 closed.
Debug logs on the Mikrotik show below (Also I have a txt file with more debug info (packets) right here if that's important):
Code: Select all
15:29:15 ssh,debug auth req: falz ssh-connection password
15:29:15 ssh,debug getting user password for: falz
15:29:15 ssh,debug user falz authorized fffe 0
15:29:15 ssh,debug transport state: 2 --> 3
15:29:15 ssh,debug opening channel 0:0 100000,4000
15:29:15 ssh,debug global request: no-more-sessions@openssh.com
15:29:15 ssh,debug unimplemented: 80 in 4000200
15:29:15 ssh,debug => offset:38 [0x26]
15:29:15 ssh,debug => size:27 [0x27]
15:29:15 ssh,debug 0000 002c 0950 0000 001c 6e6f 2d6d 6f72
15:29:15 ssh,debug 652d 7365 7373 696f 6e73 406f 7065 6e73
15:29:15 ssh,debug 7368 2e63 6f6d 00
15:29:15 ssh,debug closing connection: <broken connection> ::ffff:10.170.1.15:60956 (11)
15:29:15 ssh,debug channel exit code: 0 Code: Select all
> ssh -v 10.170.1.15
OpenSSH_5.1p1 FreeBSD-20080901, OpenSSL 0.9.8q 2 Dec 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to 10.170.1.15 [66.170.0.205] port 22.
debug1: Connection established.
debug1: identity file /home/falz/.ssh/identity type -1
debug1: identity file /home/falz/.ssh/id_rsa type -1
debug1: identity file /home/falz/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version ROSSSH
debug1: no match: ROSSSH
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.1p1 FreeBSD-20080901
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '10.170.1.15' is known and matches the DSA host key.
debug1: Found key in /home/falz/.ssh/known_hosts:157
debug1: ssh_dss_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/falz/.ssh/identity
debug1: Trying private key: /home/falz/.ssh/id_rsa
debug1: Trying private key: /home/falz/.ssh/id_dsa
debug1: Next authentication method: password
falz@10.170.1.15's password:
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Received SSH2_MSG_UNIMPLEMENTED for 8
debug1: channel 0: free: client-session, nchannels 1
Connection to 10.170.1.15 closed by remote host.
Connection to 10.170.1.15 closed.
Transferred: sent 1632, received 1312 bytes, in 0.0 seconds
Bytes per second: sent 125191.7, received 100644.3
debug1: Exit status -1I can connect to the Routerboard via telnet from this host with no problem, it's something specific with SSH.
Analyzing with a packet dump shows the mikrotik (0.205 in the screenshot) sending RST- the first distorted column is source IP, second is destination:
I do use RADIUS auth on the devices but the behavior is the same with a local user as well. I've had this behavior on RB1100 as well as the above devices which is an RB/SXT running 5.6. The RB1100 that had this issue was running 5.4 or 5.5.
This happens when coming from any user on that host so it's not some issue with a known_hosts file or similar. This machine is where my RANCID install lives so unfortunately it's unable to get configs from a few devcies.
Thoughts or ideas?
Edit: Just found this thread with the same issue, same OpenSSH version of OpenSSH_5.1p1.
