Find the answer to your Linux question:
Results 1 to 3 of 3
Hello, I have a failure about SSH2_MSG_KEXINIT when connecting via ssh. This ssh setup was working previously, with 'PubkeyAuthentication yes' I removed it and re-enable 'PasswordAuthentication yes' to avoid any ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Newbie
    Join Date
    Dec 2008
    Location
    Luxembourg
    Posts
    136

    OpenSSH failure : SSH2_MSG_KEXINIT sent


    Hello,

    I have a failure about SSH2_MSG_KEXINIT when connecting via ssh.
    This ssh setup was working previously, with 'PubkeyAuthentication yes'
    I removed it and re-enable 'PasswordAuthentication yes' to avoid any potential problem with my key pair and so simplify the config but same problem.

    I'm lost here and have no idea at all ... lucky I still have access to this distant server via Webmin
    Thanks for any clue.


    --> ssh -vvv bruno@xxx.xxx

    OpenSSH_5.1p1 Debian-5, OpenSSL 0.9.8g 19 Oct 2007
    debug1: Reading configuration data /home/bruno/.ssh/config
    debug1: Applying options for xxx.xxx
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: Applying options for xxx.xxx
    debug1: Applying options for *
    debug2: ssh_connect: needpriv 0
    debug1: Connecting to xxx.xxx [x.x.x.x] port x
    debug1: Connection established.
    debug1: identity file /home/bruno/.ssh/identity type -1
    debug1: identity file /home/bruno/.ssh/id_rsa type -1
    debug1: identity file /home/bruno/.ssh/id_dsa type -1
    debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1p1 Debian-5
    debug1: match: OpenSSH_5.1p1 Debian-5 pat OpenSSH*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_5.1p1 Debian-5
    debug2: fd 3 setting O_NONBLOCK
    debug1: SSH2_MSG_KEXINIT sent
    Connection closed by x.x.x.x

    --> sshd_config is :

    Port xxxx
    Protocol 2
    HostKey /etc/ssh/ssh_host_rsa_key
    HostKey /etc/ssh/ssh_host_dsa_key
    UsePrivilegeSeparation yes
    KeyRegenerationInterval 3600
    ServerKeyBits 768
    SyslogFacility AUTH
    LogLevel INFO
    LoginGraceTime 120
    PermitRootLogin no
    StrictModes yes
    RSAAuthentication yes
    PubkeyAuthentication yes
    IgnoreRhosts yes
    RhostsRSAAuthentication no
    HostbasedAuthentication no
    PermitEmptyPasswords no
    ChallengeResponseAuthentication no
    X11Forwarding yes
    X11DisplayOffset 10
    PrintMotd no
    PrintLastLog yes
    TCPKeepAlive yes
    AcceptEnv LANG LC_*
    Subsystem sftp /usr/lib/openssh/sftp-server
    UsePAM yes


    Thanks for your attention and any clue.
    Bye,
    Bruno

  2. #2
    Linux Newbie
    Join Date
    Dec 2008
    Location
    Luxembourg
    Posts
    136
    The message 'SSH2_MSG_KEXINIT sent' from the client openssh doesn't indicate an error by itself.

    Logs files (SSHD, networks...) on the server side needs to be investigated.

  3. #3
    Linux Newbie
    Join Date
    Dec 2008
    Location
    Luxembourg
    Posts
    136

    SOLVED : OpenSSH failure : SSH2_MSG_KEXINIT sent

    It's solved.
    It was a problem of permission as described hereafter in the SSHD log files :

    ...
    error: Permissions 0644 for '/etc/ssh/ssh_host_dsa_key' are too open. : 31 time(s)
    error: Permissions 0644 for '/etc/ssh/ssh_host_rsa_key' are too open. : 31 time(s)
    error: bad permissions: ignore key: /etc/ssh/ssh_host_dsa_key : 31 time(s)
    error: It is recommended that your private key files are NOT accessible by others. : 62 time(s)
    error: bad permissions: ignore key: /etc/ssh/ssh_host_rsa_key : 31 time(s)
    error writing /proc/self/oom_adj: Operation not permitted : 54 time(s)
    ...

    Once connected via telnet I 'sudo chmod 0600 /etc/ssh/ssh_host_?sa_key',
    re-started sshd and was able again to connect via ssh.

    Note ; it's resolved but I have no idea about why the permissions changes on these keys files...

    Bye,
    Bruno

  4. $spacer_open
    $spacer_close

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •