Hi mikrotik people, i've got an x86 powered by 5.7 that give me a problem with ssh. When a user try to log it with this protocol, mikrotik with normal level off logging return two ssh,error:

"key not loaded"
"host pub key not loaded"

I attach the ssh,debug log.

Can someone help me?

can you describe problem in more detail? Or only problem that you have is that you see these messages in log?

Dear janisk, the problem is that i cannot open ssh connections to the x86 host. When i open a connection to the sshd i received those error message.

do this user have ssh key assigned to it. Do user have private key to access the router?

user don't use key auth, it used simple auth.

it seems i was not clear enough with my question:

is RouterOS user set up to use public key? And then user trying to connect fails.


What client is this. what you see in debug output of the client.

also, i could not find strings you mention in the log.txt file you have attached to the thread.

try to reinstall router using netinstall tool.

I'v found another APs x86 with fresh installed 5.7 routeros that have got the same problem.

This is the output of the ssh cliente when i try to connecto to it:

taglio@hammer:~/Work/34T/firmware/mikrotik$ ssh admin@172.31.33.15
Received disconnect from 172.31.33.15: 3:
taglio@hammer:~/Work/34T/firmware/mikrotik$

All the others service work great.

Problem reported from normal logging system:

11:09:12 ssh,error key not loaded
11:09:12 ssh,error host pub key not loaded


Problem reported from ssh,debug,packet:

11:12:04 ssh,debug connection accepted from: 172.31.33.59:40807 (11)
11:12:04 ssh,debug,packet sending string
11:12:04 ssh,debug,packet SSH-2.0-ROSSSH\r
11:12:04 ssh,debug,packet
11:12:04 ssh,debug client version: SSH-2.0-OpenSSH_5.8p1 Debian-1ubuntu3
11:12:04 ssh,debug transport state: 0 --> 1
11:12:04 ssh,debug,packet packet create: 14
11:12:04 ssh,debug,packet ----- sending -----
11:12:04 ssh,debug,packet => offset:168 [0x168]
11:12:04 ssh,debug,packet => size:100 [0x100]
11:12:04 ssh,debug,packet 0000 0164 0814 299b f1b5 45c3 df94 cb3f
11:12:04 ssh,debug,packet 35c5 ddcc 7781 0000 007e 6469 6666 6965
11:12:04 ssh,debug,packet 2d68 656c 6c6d 616e 2d67 726f 7570 2d65
11:12:04 ssh,debug,packet 7863 6861 6e67 652d 7368 6132 3536 2c64
11:12:04 ssh,debug,packet 6966 6669 652d 6865 6c6c 6d61 6e2d 6772
11:12:04 ssh,debug,packet 6f75 702d 6578 6368 616e 6765 2d73 6861
11:12:04 ssh,debug,packet 312c 6469 6666 6965 2d68 656c 6c6d 616e
11:12:04 ssh,debug,packet 2d67 726f 7570 3134 2d73 6861 312c 6469
11:12:04 ssh,debug,packet 6666 6965 2d68 656c 6c6d 616e 2d67 726f
11:12:04 ssh,debug,packet 7570 312d 7368 6131 0000 0007 7373 682d
11:12:04 ssh,debug,packet 6473 7300 0000 3661 6573 3139 322d 6362
11:12:04 ssh,debug,packet 632c 6165 7331 3238 2d63 6263 2c61 6573
11:12:04 ssh,debug,packet 3235 362d 6362 632c 626c 6f77 6669 7368
11:12:04 ssh,debug,packet 2d63 6263 2c33 6465 732d 6362 6300 0000
11:12:04 ssh,debug,packet 3661 6573 3139 322d 6362 632c 6165 7331
11:12:04 ssh,debug,packet 3238 2d63 6263 2c61 6573 3235 362d 6362
11:12:04 ssh,debug,packet --------------------
11:12:04 ssh,debug,packet ----- recieved -----
11:12:04 ssh,debug,packet => offset:478 [0x478]
11:12:04 ssh,debug,packet => size:100 [0x100]
11:12:04 ssh,debug,packet 0000 0474 0414 cbe7 4968 6bbd 861b aa81
11:12:04 ssh,debug,packet 4dd9 ed18 955c 0000 00b7 6563 6468 2d73
11:12:04 ssh,debug,packet 6861 322d 6e69 7374 7032 3536 2c65 6364
11:12:04 ssh,debug,packet 682d 7368 6132 2d6e 6973 7470 3338 342c
11:12:04 ssh,debug,packet 6563 6468 2d73 6861 322d 6e69 7374 7035
11:12:04 ssh,debug,packet 3231 2c64 6966 6669 652d 6865 6c6c 6d61
11:12:04 ssh,debug,packet 6e2d 6772 6f75 702d 6578 6368 616e 6765
11:12:04 ssh,debug,packet 2d73 6861 3235 362c 6469 6666 6965 2d68
11:12:04 ssh,debug,packet 656c 6c6d 616e 2d67 726f 7570 2d65 7863
11:12:04 ssh,debug,packet 6861 6e67 652d 7368 6131 2c64 6966 6669
11:12:04 ssh,debug,packet 652d 6865 6c6c 6d61 6e2d 6772 6f75 7031
11:12:04 ssh,debug,packet 342d 7368 6131 2c64 6966 6669 652d 6865
11:12:04 ssh,debug,packet 6c6c 6d61 6e2d 6772 6f75 7031 2d73 6861
11:12:04 ssh,debug,packet 3100 0001 3a73 7368 2d64 7373 2d63 6572
11:12:04 ssh,debug,packet 742d 7630 3140 6f70 656e 7373 682e 636f
11:12:04 ssh,debug,packet 6d2c 7373 682d 6473 732d 6365 7274 2d76
11:12:04 ssh,debug,packet --------------------
11:12:04 ssh,debug kex algo: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
11:12:04 ssh,debug host key algo: ssh-dss-cert-v01@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-dss,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-rsa-cert-v00@openss
11:12:04 ssh,debug h.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa
11:12:04 ssh,debug enc algo CS: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
11:12:04 ssh,debug enc algo SC: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
11:12:04 ssh,debug mac algo CS: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
11:12:04 ssh,debug mac algo SC: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
11:12:04 ssh,debug comp algo CS: none,zlib@openssh.com,zlib
11:12:04 ssh,debug comp algo SC: none,zlib@openssh.com,zlib
11:12:04 ssh,debug packet follows: 0
11:12:04 ssh,debug agreed on: diffie-hellman-group-exchange-sha256 aes128-cbc aes128-cbc hmac-md5 hmac-md5 none none
11:12:04 ssh,debug,packet ----- recieved -----
11:12:04 ssh,debug,packet => offset:18 [0x18]
11:12:04 ssh,debug,packet => size:18 [0x18]
11:12:04 ssh,debug,packet 0000 0014 0622 0000 0400 0000 0400 0000
11:12:04 ssh,debug,packet 2000 0000 0000 0000
11:12:04 ssh,debug,packet --------------------
11:12:04 ssh,debug,packet packet create: 1f
11:12:04 ssh,debug,packet ----- sending -----
11:12:04 ssh,debug,packet => offset:98 [0x98]
11:12:04 ssh,debug,packet => size:98 [0x98]
11:12:04 ssh,debug,packet 0000 0094 081f 0000 0081 00ff ffff ffff
11:12:04 ssh,debug,packet ffff ffc9 0fda a221 68c2 34c4 c662 8b80
11:12:04 ssh,debug,packet dc1c d129 024e 088a 67cc 7402 0bbe a63b
11:12:04 ssh,debug,packet 139b 2251 4a08 798e 3404 ddef 9519 b3cd
11:12:04 ssh,debug,packet 3a43 1b30 2b0a 6df2 5f14 374f e135 6d6d
11:12:04 ssh,debug,packet 51c2 45e4 85b5 7662 5e7e c6f4 4c42 e9a6
11:12:04 ssh,debug,packet 37ed 6b0b ff5c b6f4 06b7 edee 386b fb5a
11:12:04 ssh,debug,packet 899f a5ae 9f24 117c 4b1f e649 2866 51ec
11:12:04 ssh,debug,packet e653 81ff ffff ffff ffff ff00 0000 0102
11:12:04 ssh,debug,packet 68f4 7170 d31f 16cf
11:12:04 ssh,debug,packet --------------------
11:12:04 ssh,debug,packet ----- recieved -----
11:12:04 ssh,debug,packet => offset:90 [0x90]
11:12:04 ssh,debug,packet => size:90 [0x90]
11:12:04 ssh,debug,packet 0000 008c 0520 0000 0081 008d abc3 7479
11:12:04 ssh,debug,packet 678e c97a f7b1 665f 32bc 94ee 9580 a810
11:12:04 ssh,debug,packet 2ef0 1882 39c2 9637 f592 9370 c1c4 15e9
11:12:04 ssh,debug,packet c603 afb6 e2df 4010 3a15 4f32 2d5a e9e8
11:12:04 ssh,debug,packet ab54 134a 07d7 a560 3a5c a9ea 50e0 5ad3
11:12:04 ssh,debug,packet 1c02 49e3 4b0d 78bc ebd5 070d 40ea df0c
11:12:04 ssh,debug,packet 3a53 ab8a e93d f71b 00a1 4421 b6b4 0745
11:12:04 ssh,debug,packet 3d7a 64f2 3aba 3c28 3f49 d5f0 c162 d04c
11:12:04 ssh,debug,packet 14f1 0090 6c78 7f81 3203 7f00 0000 0000
11:12:04 ssh,debug,packet --------------------
11:12:04 ssh,debug trying PEM container..
11:12:04 ssh,error key not loaded
11:12:04 ssh,error host pub key not loaded
11:12:04 ssh,debug code 0x02000003 closing..
11:12:04 ssh,debug,packet packet create: 1
11:12:04 ssh,debug,packet ----- sending -----
11:12:04 ssh,debug,packet => offset:18 [0x18]
11:12:04 ssh,debug,packet => size:18 [0x18]
11:12:04 ssh,debug,packet 0000 0014 0601 0000 0003 0000 0000 0000
11:12:04 ssh,debug,packet 0000 098b 626a 263c
11:12:04 ssh,debug,packet --------------------
11:12:04 ssh,debug closing connection: <> 172.31.33.59:40807 (11)

I got same problem

There was absolutly clear instalation on x86, 8GB compact flash, version 5.6 (same with 5.7). Every servicies working great, but SSH doesn´t. I have also tried to change service port from 22 to another, but problem is still same.

When I have tried to connect by putty, I get message "Server sent disconnect message type 3 (key exchange failed). In RouterOS Log, there is

ssh error : key not loaded
ssh error : host pub key not loaded

With other programs, there is mostly no response, just connection closed without response...

but during the instalation, there was lines with SSH key generation, so I don´t know, where could be problem :-/ It´s only on 5.6 and 5.7 version, on 5.5 I didn´t have problem with it....please, can someone help me with it ?

***instaled packages
Flags: X - disabled
# NAME VERSION SCHEDULED
0 system 5.7
1 routeros-x86 5.7
2 X ipv6 5.7
3 ups 5.7
4 routerboard 5.7
5 wireless 5.7
6 hotspot 5.7
7 dhcp 5.7
8 mpls 5.7
9 routing 5.7
10 ppp 5.7
11 security 5.7
12 advanced-tools 5.7


Thank you very much.

Yours sincerely, Ondrej

hmmm... checked with 5.7 and 5.8 (both x86) - PuTTy connects w/o errors...

try to reinstall router with netinstall tool.

Same issue here, 25% of the MT433AH i have upgraded to 5.7 are now not allowing ssh to connect.

These units are in the field and cannot be access via net install.

Please advice on a fix, i could try to force a downgrade to 4.17 and then 5.7 again.

Martin Madsen

I have tried to reinstall, again version 5.6, also tried version 5.7 from .iso (cd-rom) and still same problem. Using x86, I have also tried new license on new compact flash card, and problem is still same. During the instalation, there is lines with generating ssh keys, everything is OK, no error, but ssh still not working. So definitely, there is some problem in Router OS for x86. I got about 400 routerboards upgraded to version 5.6 and there is SSH connection working 100%, bud on x86 it fails.

I don´t know why, because I got 5 same servers with x86 and only 2 has problems with ssh after upgrade on 5.6 / 5.7 or new install.

Yours sincerely, Ondrej

Same thing here - MT 450G OS 5.7 - Version 5.6 works fine.

Cheers

M


[admin@HiTech-Hotspot] > /system ssh 172.16.32.1 user=admin
password:
password:
password:
password:
password:
password:
password:

Welcome back!
[admin@HiTech-Hotspot] >

can any of you provide logs of connection attempt

[admin@HiTech-Hotspot] >
(21 messages discarded)
echo: ssh,debug,packet --------------------
echo: ssh,debug,packet ----- recieved -----
echo: ssh,debug,packet => offset:44 [0x44]
echo: ssh,debug,packet => size:44 [0x44]
echo: ssh,debug,packet 0000 002c 0f01 0000 000b 0000 000f 7469
echo: ssh,debug,packet 6d65 6f75 7420 7265 6163 6865 6400 0000
echo: ssh,debug,packet 000b b5a7 ee23 987d ea58 028a 9d1a 829d
echo: ssh,debug,packet 79b2 dbc1 1de4 0f00 ebb6 2281 5d28 3b50
echo: ssh,debug,packet 18d2 1c47
echo: ssh,debug,packet --------------------
echo: ssh,debug peer disconnected : 11 timeout reached
echo: ssh,debug closing connection: 172.16.32.1:22 (8)


hth

Hello,

I don´t know, if is it help for someone, but I have tried to downgrade version to 4.17 and SSH works. After upgrade 5.6, 5.7, 5.8 doesn´t work. I have tried it 3 times, and everytime it was same, on version 4.17 SSH works, on 5.6 and higher doesn´t work. In log file, there is still same error :


ssh error : key not loaded
ssh error : host pub key not loaded

Yours sincerely, Ondrej

on 5.8 turn on logging (if not set already) and create supout.rif after unsuccessful login and send it to support. Thanks in advance.

13:10:02 system,info,account user admin logged in from xxx.xxx.xxx.xxx via api
13:10:03 ssh,error key not loaded
13:10:03 ssh,error host pub key not loaded
13:10:03 system,info,account user admin logged out from xxx.xxx.xxx.xxx via api
13:10:03 system,info,account user admin logged in from xxx.xxx.xxx.xxx via api
13:10:03 system,info,account user admin logged out from xxx.xxx.xxx.xxx via api
13:10:04 system,info log rule added by admin
13:10:13 ssh,debug,packet SSH: 6dc9 8afa 1ae6 9bca a3ea be7f 6f3e ae07
13:10:13 ssh,debug,packet SSH: 16ad afd8 b841 887b 1fda d719 904e 59c7
13:10:13 ssh,debug,packet SSH: c30c 20c3 45d8 b285 07e7 6065 ecf8 abaf
13:10:13 ssh,debug,packet SSH: 82a9 8a4f 322d e4d4 8522 c2db fbb0 bf8d
13:10:13 ssh,debug,packet SSH: 5c75 b5f8 9691 24af b80d 47c3 bbd2 d2f4
13:10:13 ssh,debug,packet SSH: 148a 77a5 d250 bc0d 3700 864d 5986 9b6d
13:10:13 ssh,debug,packet SSH: 6e0d 965f a990 4d3b e9b7 0000 0000 0000
13:10:13 ssh,debug,packet SSH: --------------------
13:10:13 ssh,debug SSH: trying PEM container..
13:10:13 ssh,error key not loaded
13:10:13 ssh,error SSH: key not loaded
13:10:13 ssh,error host pub key not loaded
13:10:13 ssh,error SSH: host pub key not loaded
13:10:13 ssh,debug SSH: code 0x02000003 closing..
13:10:13 ssh,debug,packet SSH: packet create: 1
13:10:13 ssh,debug,packet SSH: ----- sending -----
13:10:13 ssh,debug,packet SSH: => offset:18 [0x18]
13:10:13 ssh,debug,packet SSH: => size:18 [0x18]
13:10:13 ssh,debug,packet SSH: 0000 0014 0601 0000 0003 0000 0000 0000
13:10:13 ssh,debug,packet SSH: 0000 afa7 1d7e c8b0
13:10:13 ssh,debug,packet SSH: --------------------
13:10:13 ssh,debug SSH: closing connection: <> xxx.xxx.xxx.xxx:57311 (11)
13:10:13 system,info,account user admin logged in from xxx.xxx.xxx.xxx via api
13:10:13 system,info,account user admin logged out from xxx.xxx.xxx.xxx via api
13:10:29 ssh,debug SSH: connection accepted from: xxx.xxx.xxx.xxx:57420 (11)
13:10:29 ssh,debug,packet SSH: sending string
13:10:29 ssh,debug,packet SSH: SSH-2.0-ROSSSH\r
13:10:29 ssh,debug,packet SSH:
13:10:29 ssh,debug SSH: client version: SSH-2.0-1.30
13:10:29 ssh,debug SSH: transport state: 0 --> 1
13:10:29 ssh,debug,packet SSH: packet create: 14
13:10:29 ssh,debug,packet SSH: ----- sending -----
13:10:29 ssh,debug,packet SSH: => offset:168 [0x168]
13:10:29 ssh,debug,packet SSH: => size:100 [0x100]
13:10:29 ssh,debug,packet SSH: 0000 0164 0814 1737 dc68 c37b e952 abfb
13:10:29 ssh,debug,packet SSH: 399c 3575 5df1 0000 007e 6469 6666 6965
13:10:29 ssh,debug,packet SSH: 2d68 656c 6c6d 616e 2d67 726f 7570 2d65
13:10:29 ssh,debug,packet SSH: 7863 6861 6e67 652d 7368 6132 3536 2c64
13:10:29 ssh,debug,packet SSH: 6966 6669 652d 6865 6c6c 6d61 6e2d 6772
13:10:29 ssh,debug,packet SSH: 6f75 702d 6578 6368 616e 6765 2d73 6861
13:10:29 ssh,debug,packet SSH: 312c 6469 6666 6965 2d68 656c 6c6d 616e
13:10:29 ssh,debug,packet SSH: 2d67 726f 7570 3134 2d73 6861 312c 6469
13:10:29 ssh,debug,packet SSH: 6666 6965 2d68 656c 6c6d 616e 2d67 726f
13:10:29 ssh,debug,packet SSH: 7570 312d 7368 6131 0000 0007 7373 682d
13:10:29 ssh,debug,packet SSH: 6473 7300 0000 3661 6573 3139 322d 6362
13:10:29 ssh,debug,packet SSH: 632c 6165 7331 3238 2d63 6263 2c61 6573
13:10:29 ssh,debug,packet SSH: 3235 362d 6362 632c 626c 6f77 6669 7368
13:10:29 ssh,debug,packet SSH: 2d63 6263 2c33 6465 732d 6362 6300 0000
13:10:29 ssh,debug,packet SSH: 3661 6573 3139 322d 6362 632c 6165 7331
13:10:29 ssh,debug,packet SSH: 3238 2d63 6263 2c61 6573 3235 362d 6362
13:10:29 ssh,debug,packet SSH: --------------------
13:10:29 ssh,debug,packet SSH: ----- recieved -----
13:10:29 ssh,debug,packet SSH: => offset:d8 [0xd8]
13:10:29 ssh,debug,packet SSH: => size:d8 [0xd8]
13:10:29 ssh,debug,packet SSH: 0000 00d4 0614 d928 a8ed 974b eed4 25ce
13:10:29 ssh,debug,packet SSH: c8dc 3357 d113 0000 001a 6469 6666 6965
13:10:29 ssh,debug,packet SSH: 2d68 656c 6c6d 616e 2d67 726f 7570 312d
13:10:29 ssh,debug,packet SSH: 7368 6131 0000 000f 7373 682d 6473 732c
13:10:29 ssh,debug,packet SSH: 7373 682d 7273 6100 0000 1d33 6465 732d
13:10:29 ssh,debug,packet SSH: 6362 632c 626c 6f77 6669 7368 2d63 6263
13:10:29 ssh,debug,packet SSH: 2c61 7263 666f 7572 0000 001d 3364 6573
13:10:29 ssh,debug,packet SSH: 2d63 6263 2c62 6c6f 7766 6973 682d 6362
13:10:29 ssh,debug,packet SSH: 632c 6172 6366 6f75 7200 0000 1268 6d61
13:10:29 ssh,debug,packet SSH: 632d 7368 6131 2c68 6d61 632d 6d64 3500
13:10:29 ssh,debug,packet SSH: 0000 1268 6d61 632d 7368 6131 2c68 6d61
13:10:29 ssh,debug,packet SSH: 632d 6d64 3500 0000 046e 6f6e 6500 0000
13:10:29 ssh,debug,packet SSH: 046e 6f6e 6500 0000 0000 0000 0000 0000
13:10:29 ssh,debug,packet SSH: 0000 0000 0000 0000
13:10:29 ssh,debug,packet SSH: --------------------
13:10:29 ssh,debug SSH: kex algo: diffie-hellman-group1-sha1
13:10:29 ssh,debug SSH: host key algo: ssh-dss,ssh-rsa
13:10:29 ssh,debug SSH: enc algo CS: 3des-cbc,blowfish-cbc,arcfour
13:10:29 ssh,debug SSH: enc algo SC: 3des-cbc,blowfish-cbc,arcfour
13:10:29 ssh,debug SSH: mac algo CS: hmac-sha1,hmac-md5
13:10:29 ssh,debug SSH: mac algo SC: hmac-sha1,hmac-md5
13:10:29 ssh,debug SSH: comp algo CS: none
13:10:29 ssh,debug SSH: comp algo SC: none
13:10:29 ssh,debug SSH: packet follows: 0
13:10:29 ssh,debug SSH: agreed on: diffie-hellman-group1-sha1 3des-cbc 3des-cbc hm
ac-sha1 hmac-sha1 none none
13:10:29 ssh,debug,packet SSH: ----- recieved -----
13:10:29 ssh,debug,packet SSH: => offset:90 [0x90]
13:10:29 ssh,debug,packet SSH: => size:90 [0x90]
13:10:29 ssh,debug,packet SSH: 0000 008c 061e 0000 0080 1514 ea3f 9707
13:10:29 ssh,debug,packet SSH: 5ac5 25ea 9d0e b5e4 657a 3195 5b8d a76f
13:10:29 ssh,debug,packet SSH: 0587 7e1f 9f1b cc3b 38e1 1ef1 2439 2c3d
13:10:29 ssh,debug,packet SSH: 8a14 cea3 36e2 e816 fd27 2d00 1a6e 9dee
13:10:29 ssh,debug,packet SSH: c778 98ad 785c 6a32 0174 70e2 2a08 9a5a
13:10:29 ssh,debug,packet SSH: 8879 15dc f349 a52e 1dda 2913 c6f5 8ef3
13:10:29 ssh,debug,packet SSH: 830e d609 b4e3 66dd d8ff 78c8 b621 7873
13:10:29 ssh,debug,packet SSH: 8b6c 991f 4298 cea8 6b4e b20c 95ed 7f05
13:10:29 ssh,debug,packet SSH: 9c90 2a96 9d01 cd27 5749 0000 0000 0000
13:10:29 ssh,debug,packet SSH: --------------------
13:10:29 ssh,debug SSH: trying PEM container..
13:10:29 ssh,error key not loaded
13:10:29 ssh,error SSH: key not loaded
13:10:29 ssh,error host pub key not loaded
13:10:29 ssh,error SSH: host pub key not loaded
13:10:29 ssh,debug SSH: code 0x02000003 closing..
13:10:29 ssh,debug,packet SSH: packet create: 1
13:10:29 ssh,debug,packet SSH: ----- sending -----
13:10:29 ssh,debug,packet SSH: => offset:18 [0x18]
13:10:29 ssh,debug,packet SSH: => size:18 [0x18]
13:10:29 ssh,debug,packet SSH: 0000 0014 0601 0000 0003 0000 0000 0000
13:10:29 ssh,debug,packet SSH: 0000 a08f 2e9b e92c
13:10:29 ssh,debug,packet SSH: --------------------
13:10:29 ssh,debug SSH: closing connection: <> xxx.xxx.xxx.xxx:57420 (11)
13:10:29 system,info,account user admin logged in from xxx.xxx.xxx.xxx via api
13:10:29 system,info,account user admin logged out from xxx.xxx.xxx.xxx via api
13:11:18 system,info,account user admin logged in from xxx.xxx.xxx.xxx via telnet

Hello,

Seing that this still comes up sometimes even on 5.11 and 5.12 - I'm wondering if this is somehow related to an installation error. I remember that the first time I boot routeros, it generates the server keys. This is not generated when I upgrade or downgrade. So if the initial key generation failes this problem might still be present no matter which version you upgrade to.... so the question is if there is a way to regenaret the SSH keys from the command line?

GL

Hello,

Seing that this still comes up sometimes even on 5.11 and 5.12 - I'm wondering if this is somehow related to an installation error. I remember that the first time I boot routeros, it generates the server keys. This is not generated when I upgrade or downgrade. So if the initial key generation failes this problem might still be present no matter which version you upgrade to.... so the question is if there is a way to regenaret the SSH keys from the command line?

GL

I think, that it´s not problem with upgrade or downgrade, because it fails even in new instalation (new flash card + new license). I have tried also reinstall due net install....still same problem on some x86 servers, so I have downgraded to 4.17....I didn´t found no other way, like with nv2 on x86 - it will never works corectly I was big fan of Mikrotik, but lately, I have to admit that it´s good only for routing.

there was a version that had some problems (not all installation had this problems) but one or both of the keys where missing.if you install same older RouterOS version, you might encounter same problem over and over again. try with 5.12 reinstalled using netinstall or CD-install (fill force key generation, as there is no other way how to change that on working system).

4.17 had its own problems set related to sshd as result completely new sshd was created and included in 5.x

If you want my personal opinion - go with 5.12

try with 5.12 reinstalled using netinstall or CD-install (fill force key generation, as there is no other way how to change that on working system).

won't "/system reset" force key generation too?..

try with 5.12 reinstalled using netinstall or CD-install (fill force key generation, as there is no other way how to change that on working system).

won't "/system reset" force key generation too?..

Yes good call. I had the same issue on an RB1100AHx2 /system reset-configuration forced it to generate ssh keys

Of course I had to put the config back in afterwards


Nick.

try with 5.12 reinstalled using netinstall or CD-install (fill force key generation, as there is no other way how to change that on working system).

won't "/system reset" force key generation too?..

Why don't add a:
It'll be useful.

won't "/system reset" force key generation too?..

if you can restore configuration after /system reset-configuration, then most probably you are able to do the netinstall on the device. (Tunnel to closest device bridge the port (ether13) and install away)

won't "/system reset" force key generation too?..

if you can restore configuration after /system reset-configuration, then most probably you are able to do the netinstall on the device. (Tunnel to closest device bridge the port (ether13) and install away)

Unless, like me, the router is remote, you don't have anything plugged into ether13, and, even if I did, don't have a handy Windows machine on site, then this ideal! Going to give it a try as soon as I've moved our live service to the other datacentre

Chris

remote installation - 2 routers that has to be connected through ether13 (in case of RB1100AH) create tunnel, bridge it to port and install other device.

so only thing that is required - 2 rotuers on remote end to be able to use netinstall.

I have same problem with ssh.

version: 5.20
arch: x86 (vmware)

you can use cd-install to reinstall RouterOS.

you can use cd-install to reinstall RouterOS.

Thank you, I run system reset-configuration and it fixed. But It will be good if there will be one little button for regenerating ssh keys.

What's new in 5.19 (2012-Jul-16 10:51):

*) ssh - added /ip ssh regenerate-host-key which will regenerate current host key;

wow. Thank you. It worked on another router.
If i knew that yesterday.. eh.