[Savannah-help-public] ssh login from behind firewall fails

savannah-hackers
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Savannah-help-public] ssh login from behind firewall fails

From:	Peter Hoppe
Subject:	[Savannah-help-public] ssh login from behind firewall fails
Date:	Mon, 28 Jul 2008 18:31:21 +0100
User-agent:	Thunderbird 2.0.0.14 (X11/20080505)
Dear sir or madam,

I am registered user with Savannah (username = peter20080727) and am part of 
the traverso project. I tried to check the
project out from cvs using ssh. I did create and upload a public key as 
described in
your documentation page (http://savannah.gnu.org/maintenance/SshAccess).

Unfortunately I am unable to log into your cvs server using ssh. I have done 
the diagnosis as suggested by your document
and have pasted the commandlinbe output at the end of this mail.

I am behind a firewall (IPCop, v. 1.4.18) which is behind an adsl router. There 
seem to be problems with SSH access from
behind firewalls. Would you be able to point me to way around this problem 
without having to open ports on the firewall?
Where could I do further reading/study to find a solution to the problem?

Thank you very much for your consideration!

Peter Hoppe

-----------------------------------------------------------------------------------------------

Some diagnostic data:

> address@hidden:~$ uname -a
> Linux localhost 2.6.24-19-generic #1 SMP Fri Jul 11 21:01:46 UTC 2008 x86_64 
> GNU/Linux

> address@hidden:~$ cat /etc/issue
> Ubuntu 8.04.1 \n \l

> address@hidden:~$ ssh -V
> OpenSSH_4.7p1 Debian-8ubuntu1.2, OpenSSL 0.9.8g 19 Oct 2007

-----------------------------------------------------------------------------------------------

Session output - cvs command:

> address@hidden:~$ export CVS_RSH=ssh;cvs -z3 
> -d:ext:address@hidden:/sources/traverso co traverso
> Enter passphrase for key '/home/peter/.ssh/id_dsa':
> cvs [checkout aborted]: received interrupt signal
> cvs [checkout aborted]: received interrupt signal
> address@hidden:~$ 

Passphrase entered - session hangs until ctrl-c


Session output - ssh command (used three times '-v' for more output):

> address@hidden:~/Documents/programming/traverso/cvs-test$ ssh -vvv 
> address@hidden
> OpenSSH_4.7p1 Debian-8ubuntu1.2, OpenSSL 0.9.8g 19 Oct 2007
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Applying options for *
> debug2: ssh_connect: needpriv 0
> debug1: Connecting to cvs.savannah.gnu.org [199.232.41.69] port 22.
> debug1: Connection established.
> debug1: identity file /home/peter/.ssh/identity type -1
> debug1: identity file /home/peter/.ssh/id_rsa type -1
> debug3: Not a RSA1 key file /home/peter/.ssh/id_dsa.
> debug2: key_type_from_name: unknown key type '-----BEGIN'
> debug3: key_read: missing keytype
> debug2: key_type_from_name: unknown key type 'Proc-Type:'
> debug3: key_read: missing keytype
> debug2: key_type_from_name: unknown key type 'DEK-Info:'
> debug3: key_read: missing keytype
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug3: key_read: missing whitespace
> debug2: key_type_from_name: unknown key type '-----END'
> debug3: key_read: missing keytype
> debug1: identity file /home/peter/.ssh/id_dsa type 2
> debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3p2 
> Debian-9etch2
> debug1: match: OpenSSH_4.3p2 Debian-9etch2 pat OpenSSH*
> debug1: Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1.2
> debug2: fd 5 setting O_NONBLOCK
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug2: kex_parse_kexinit: 
> diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
> debug2: kex_parse_kexinit: 
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,address@hidden,aes128-ctr,aes192-ctr,aes256-ctr
> debug2: kex_parse_kexinit: 
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,address@hidden,aes128-ctr,aes192-ctr,aes256-ctr
> debug2: kex_parse_kexinit: 
> hmac-md5,hmac-sha1,address@hidden,hmac-ripemd160,address@hidden,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: 
> hmac-md5,hmac-sha1,address@hidden,hmac-ripemd160,address@hidden,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: none,address@hidden,zlib
> debug2: kex_parse_kexinit: none,address@hidden,zlib
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit: first_kex_follows 0
> debug2: kex_parse_kexinit: reserved 0
> debug2: kex_parse_kexinit: 
> diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
> debug2: kex_parse_kexinit: 
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,address@hidden,aes128-ctr,aes192-ctr,aes256-ctr
> debug2: kex_parse_kexinit: 
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,address@hidden,aes128-ctr,aes192-ctr,aes256-ctr
> debug2: kex_parse_kexinit: 
> hmac-md5,hmac-sha1,hmac-ripemd160,address@hidden,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: 
> hmac-md5,hmac-sha1,hmac-ripemd160,address@hidden,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: none,address@hidden
> debug2: kex_parse_kexinit: none,address@hidden
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit: first_kex_follows 0
> debug2: kex_parse_kexinit: reserved 0
> debug2: mac_setup: found hmac-md5
> debug1: kex: server->client aes128-cbc hmac-md5 none
> debug2: mac_setup: found hmac-md5
> debug1: kex: client->server aes128-cbc hmac-md5 none
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> debug2: dh_gen_key: priv key bits set: 138/256
> debug2: bits set: 481/1024
> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> debug3: check_host_in_hostfile: filename /home/peter/.ssh/known_hosts
> debug3: check_host_in_hostfile: match line 3
> debug3: check_host_in_hostfile: filename /home/peter/.ssh/known_hosts
> debug3: check_host_in_hostfile: match line 4
> debug1: Host 'cvs.savannah.gnu.org' is known and matches the RSA host key.
> debug1: Found key in /home/peter/.ssh/known_hosts:3
> debug2: bits set: 503/1024
> debug1: ssh_rsa_verify: signature correct
> debug2: kex_derive_keys
> debug2: set_newkeys: mode 1
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: expecting SSH2_MSG_NEWKEYS
> debug2: set_newkeys: mode 0
> debug1: SSH2_MSG_NEWKEYS received
> debug1: SSH2_MSG_SERVICE_REQUEST sent
> debug2: service_accept: ssh-userauth
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug2: key: /home/peter/.ssh/identity ((nil))
> debug2: key: /home/peter/.ssh/id_rsa ((nil))
> debug2: key: /home/peter/.ssh/id_dsa (0x7f47efc9a2f0)
> debug1: Authentications that can continue: publickey
> debug3: start over, passed a different list publickey
> debug3: preferred 
> gssapi-keyex,gssapi-with-mic,gssapi,publickey,keyboard-interactive,password
> debug3: authmethod_lookup publickey
> debug3: remaining preferred: keyboard-interactive,password
> debug3: authmethod_is_enabled publickey
> debug1: Next authentication method: publickey
> debug1: Trying private key: /home/peter/.ssh/identity
> debug3: no such identity: /home/peter/.ssh/identity
> debug1: Trying private key: /home/peter/.ssh/id_rsa
> debug3: no such identity: /home/peter/.ssh/id_rsa
> debug1: Offering public key: /home/peter/.ssh/id_dsa
> debug3: send_pubkey_test
> debug2: we sent a publickey packet, wait for reply
> debug1: Server accepts key: pkalg ssh-dss blen 433
> debug2: input_userauth_pk_ok: fp 
> ea:62:93:04:44:5a:eb:93:74:80:24:ec:ef:40:5e:b5
> debug3: sign_and_send_pubkey
> debug1: PEM_read_PrivateKey failed
> debug1: read PEM private key done: type <unknown>
> Enter passphrase for key '/home/peter/.ssh/id_dsa':
> debug1: read PEM private key done: type DSA
> debug1: Authentication succeeded (publickey).
> debug1: channel 0: new [client-session]
> debug3: ssh_session2_open: channel_new: 0
> debug2: channel 0: send open
> debug1: Entering interactive session.
> debug2: callback start
> debug2: client_session2_setup: id 0
> debug2: channel 0: request pty-req confirm 0
> debug3: tty_make_modes: ospeed 38400
> debug3: tty_make_modes: ispeed 38400
> debug3: tty_make_modes: 1 3
> debug3: tty_make_modes: 2 28
> debug3: tty_make_modes: 3 127
> debug3: tty_make_modes: 4 21
> debug3: tty_make_modes: 5 4
> debug3: tty_make_modes: 6 0
> debug3: tty_make_modes: 7 0
> debug3: tty_make_modes: 8 17
> debug3: tty_make_modes: 9 19
> debug3: tty_make_modes: 10 26
> debug3: tty_make_modes: 12 18
> debug3: tty_make_modes: 13 23
> debug3: tty_make_modes: 14 22
> debug3: tty_make_modes: 18 15
> debug3: tty_make_modes: 30 0
> debug3: tty_make_modes: 31 0
> debug3: tty_make_modes: 32 0
> debug3: tty_make_modes: 33 0
> debug3: tty_make_modes: 34 0
> debug3: tty_make_modes: 35 0
> debug3: tty_make_modes: 36 1
> debug3: tty_make_modes: 37 0
> debug3: tty_make_modes: 38 0
> debug3: tty_make_modes: 39 0
> debug3: tty_make_modes: 40 0
> debug3: tty_make_modes: 41 0
> debug3: tty_make_modes: 50 1
> debug3: tty_make_modes: 51 1
> debug3: tty_make_modes: 52 0
> debug3: tty_make_modes: 53 1
> debug3: tty_make_modes: 54 1
> debug3: tty_make_modes: 55 1
> debug3: tty_make_modes: 56 0
> debug3: tty_make_modes: 57 0
> debug3: tty_make_modes: 58 0
> debug3: tty_make_modes: 59 1
> debug3: tty_make_modes: 60 1
> debug3: tty_make_modes: 61 1
> debug3: tty_make_modes: 62 0
> debug3: tty_make_modes: 70 1
> debug3: tty_make_modes: 71 0
> debug3: tty_make_modes: 72 1
> debug3: tty_make_modes: 73 0
> debug3: tty_make_modes: 74 0
> debug3: tty_make_modes: 75 0
> debug3: tty_make_modes: 90 1
> debug3: tty_make_modes: 91 1
> debug3: tty_make_modes: 92 0
> debug3: tty_make_modes: 93 0
> debug1: Sending environment.
> debug3: Ignored env KDE_MULTIHEAD
> debug3: Ignored env SSH_AGENT_PID
> debug3: Ignored env DM_CONTROL
> debug3: Ignored env GPG_AGENT_INFO
> debug3: Ignored env TERM
> debug3: Ignored env SHELL
> debug3: Ignored env XDG_SESSION_COOKIE
> debug3: Ignored env XDM_MANAGED
> debug3: Ignored env GTK2_RC_FILES
> debug3: Ignored env GTK_RC_FILES
> debug3: Ignored env GS_LIB
> debug3: Ignored env WINDOWID
> debug3: Ignored env OLDPWD
> debug3: Ignored env KDE_FULL_SESSION
> debug3: Ignored env USER
> debug3: Ignored env LS_COLORS
> debug3: Ignored env SSH_AUTH_SOCK
> debug3: Ignored env SESSION_MANAGER
> debug3: Ignored env KONSOLE_DCOP
> debug3: Ignored env PATH
> debug3: Ignored env DESKTOP_SESSION
> debug3: Ignored env KONSOLE_DCOP_SESSION
> debug3: Ignored env PWD
> debug3: Ignored env KDE_SESSION_UID
> debug1: Sending env LANG = en_US.UTF-8
> debug2: channel 0: request env confirm 0
> debug3: Ignored env HOME
> debug3: Ignored env SHLVL
> debug3: Ignored env XCURSOR_THEME
> debug3: Ignored env LOGNAME
> debug3: Ignored env LESSOPEN
> debug3: Ignored env DISPLAY
> debug3: Ignored env LESSCLOSE
> debug3: Ignored env _
> debug2: channel 0: request shell confirm 0
> debug2: fd 5 setting TCP_NODELAY
> debug2: callback done
> debug2: channel 0: open confirm rwindow 0 rmax 32768

Session hangs from here on.


-- 
Fame is probably the second most dangerous occupation after working in a coal 
mine
 - Moby
[Prev in Thread]
Current Thread
[Next in Thread]
[Savannah-help-public] ssh login from behind firewall fails, Peter Hoppe <=
Prev by Date: [Savannah-help-public] [sr #106452] How I can use dazuko module with clamav?
Next by Date: [Savannah-help-public] progress -> ssh login from behind firewall fails
Previous by thread: [Savannah-help-public] [sr #106452] How I can use dazuko module with clamav?
Next by thread: [Savannah-help-public] progress -> ssh login from behind firewall fails
Index(es):
- Date
- Thread