ssh 'connection reset by peer' problem since 5.8p1
Darren Tucker
dtucker at zip.com.au
Thu Feb 17 23:27:47 EST 2011
On 17/02/2011 10:34 PM, Corinna Vinschen wrote:
> As an additional datapoint, we had a couple of similar bug reports after
> I upgraded openssh in the Cygwin distro to 5.7p1 and then 5.8p1. One of
> them even comes with a set of debug output of working (5.6p1) and
> non-working (5.8p1) connection attempts:
[...]
> However, I tried with various older versions of SSH running on Cygwin,
> Linux and Solaris to connect from 5.8p1 myself, and I'm unable to
> reproduce this problem.
Thanks for the extra info. I haven't been able to reproduce either.
I've tried building 5.5p1 and 4.3p1 against (locally built) OpenSSL
0.9.6b and 0.9.8d. There seems to be some piece of the puzzle missing...
I diffed the working and non working clients, and one difference is:
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
although I'm not sure that's significant since Oren's output had
SSH2_MSG_KEX_DH_GEX_GROUP. You could try forcing it with "ssh -vvv -o
KexAlgorithms=diffie-hellman-group-exchange-sha1 server"
(aside: I now want to add OpenSSL's version output to the server debug
output)
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list