On Mon, 13 Jan 2020 at 12:23, Patrick Bégou Patrick.Begou@legi.grenoble-inp.fr wrote:
Hi,
I have a strange problem with a freshly installed Centos7 desktop (most8pc25). I can't ssh to 2 CentOS6 servers, even with firewall disabled on the client and on the server. But I can connect from the server to the client, all in the same VLAN. I can also ssh from this desktop to centos7 servers in the same VLAN or in another VLAN.
No idea about this problem.
On the server kareline (client is most8pc25), tcpdump says:
So the client is able to talk to the server and the server is responding.
On the Centos7 client, with "-v -v" ssh says:
[tec21@most8pc25 ~]$ssh -v -v kareline OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 58: Applying options for * debug1: Connecting to kareline [194.254.66.8] port 22. debug1: Connection established.
^^ this says the first part started working.
debug1: Local version string SSH-2.0-OpenSSH_7.4 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3 debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000 debug1: Authenticating to kareline:22 as 'tec21' debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received
It got items and says it is going to use the user tec21 to login
debug2: local client KEXINIT proposal
debug1: kex: client->server cipher: aes128-ctr MAC: umac-64@openssh.com debug1: kex: diffie-hellman-group-exchange-sha256 need=16 dh_need=16 debug1: kex: diffie-hellman-group-exchange-sha256 need=16 dh_need=16 debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<3072<8192) sent Connection closed by 194.254.66.8 port 22
The server then stops the connection. I would then go through the following on the host: 1. Is fail2ban or something else dropping the connection for some reason? 2. Is there a log in /var/log/secure to say something is going on? 3. Does running the server on port 2222 in debug mode and connecting from the client give a reason for it dieing? 4. On the client and server are /etc/ssh/*_config changed from defaults and what changes are there. Sometimes saying you want XYZ algo in one and not having it in another causes dropped connections but I thought it gave an error.
I'm stuck....
Patrick
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos