ssh 'connection reset by peer' problem since 5.8p1

Corinna Vinschen vinschen at redhat.com
Sat Mar 26 00:20:40 EST 2011


Ping 2.


If there's a good reason that none of the core developers bothers to
comment further on this serious problem, it would be nice to let us
folks at least know why.


On Mar 18 20:19, Corinna Vinschen wrote:
> Ping?
> 
> On Mar  7 20:29, Corinna Vinschen wrote:
> > Hi Darren,
> > 
> > On Feb 17 23:27, Darren Tucker wrote:
> > > On 17/02/2011 10:34 PM, Corinna Vinschen wrote:
> > > >As an additional datapoint, we had a couple of similar bug reports after
> > > >I upgraded openssh in the Cygwin distro to 5.7p1 and then 5.8p1.  One of
> > > >them even comes with a set of debug output of working (5.6p1) and
> > > >non-working (5.8p1) connection attempts:
> > > [...]
> > > >However, I tried with various older versions of SSH running on Cygwin,
> > > >Linux and Solaris to connect from 5.8p1 myself, and I'm unable to
> > > >reproduce this problem.
> > > 
> > > Thanks for the extra info.  I haven't been able to reproduce either.
> > > I've tried building 5.5p1 and 4.3p1 against (locally built) OpenSSL
> > > 0.9.6b and 0.9.8d.  There seems to be some piece of the puzzle
> > > missing...
> > > 
> > > I diffed the working and non working clients, and one difference is:
> > > debug1: sending SSH2_MSG_KEX_ECDH_INIT
> > > debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
> > > 
> > > although I'm not sure that's significant since Oren's output had
> > > SSH2_MSG_KEX_DH_GEX_GROUP.  You could try forcing it with "ssh -vvv
> > > -o KexAlgorithms=diffie-hellman-group-exchange-sha1 server"
> > > 
> > > (aside: I now want to add OpenSSL's version output to the server
> > > debug output)
> > 
> > is there any progress in that matter?


Corinna

-- 
Corinna Vinschen
Cygwin Project Co-Leader
Red Hat


More information about the openssh-unix-dev mailing list