The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 2,089 other followers

Archive for the ‘ssh/sshd’ Category

Remote access to the Embarcadero License Center via SSH tunnel – twm’s blog

Posted by jpluimers on 2020/08/10

Thomas basically did all the research on the forwarding needed for ELC (formerly Belise/Elise), then showed the PuTTY equivalent to ssh user@remote -L5567:192.168.1.200:5567:

[WayBackRemote access to the Embarcadero License Center via SSH tunnel – twm’s blog

Via: [WayBack] Once you have set up an Embarcadero License Center (ELC) for your company (with network named user or concurrent licenses) you will need network access … – Thomas Mueller (dummzeuch) – Google+

Related: [WayBack] Introducing the Embarcadero License Center – ELC

–jeroen

 

Posted in *nix, Communications Development, Delphi, Development, Internet protocol suite, Licensing, Power User, Software Development, SSH, ssh/sshd | Leave a Comment »

linux – ssh_exchange_identification: Connection closed by remote host (not using hosts.deny) – Unix & Linux Stack Exchange

Posted by jpluimers on 2020/07/17

I had this one day connecting to a guest:

debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
Connection closed by 192.168.71.81 port 22

The cause was indeed a heavily overloaded box that would not respond in time to any actual data sent over network requests, but would accept the initial TCP connection.

Logging on the console also failed, but the memory and CPU usage on the wrapping host was out of the roof.

The only solution was to soft power-cycle the guest.

Very similar to:

You can also have a host who’s memory is so badly fragmented that it can’t allocate a page a contiguous memory to fork the process for hosting an SSH session.

In such a case, you can get either of the messages:

ssh_exchange_identification: read: Connection reset by peer

or:

Connection closed by aaa.bbb.ccc.ddd

depending on how far the host gets before it bails out.

If memory fragmenting is the apparent cause, the solution is to access the server via other means and to restart some of the pertinent services. I have found Apache and MySQL to be the culprit on VM’s since VM’s don’t have a swap partition. Failing that, reboot the host.

Via: [WayBacklinux – ssh_exchange_identification: Connection closed by remote host (not using hosts.deny) – Unix & Linux Stack Exchange

–jeroen

Posted in *nix, *nix-tools, Power User, ssh/sshd | Leave a Comment »

shell – List open SSH tunnels – via: Super User

Posted by jpluimers on 2020/06/29

I put an lsof example and output in Reverse ssh tunnel between two linux boxes to allow RDP traffic over port 3389, but forgot to explain it.

Note that if you are bumping into remote tunneling issues selecting the wrong network interface, then checkout the GatewayPorts setting in the above post first!

Inactive local tunnels on the client: find the first word ssh on lsof output.

$ lsof -i -n | grep -w '^\<ssh\>'
ssh       93548 jeroenp    3u  IPv4 0x298985ab430c8aa9      0t0  TCP 192.168.71.77:50257->80.101.239.92:30022 (ESTABLISHED)
ssh       93548 jeroenp    5u  IPv6 0x298985ab22e02df9      0t0  TCP [::1]:59124 (LISTEN)
ssh       93548 jeroenp    6u  IPv4 0x298985ab272543a1      0t0  TCP 127.0.0.1:59124 (LISTEN)
ssh       93548 jeroenp    7u  IPv6 0x298985ab22e03339      0t0  TCP [::1]:ms-wbt-server (LISTEN)
ssh       93548 jeroenp    8u  IPv4 0x298985ab4306eaa9      0t0  TCP 127.0.0.1:ms-wbt-server (LISTEN)
ssh       93548 jeroenp    9u  IPv6 0x298985ab28049339      0t0  TCP [::1]:5925 (LISTEN)
ssh       93548 jeroenp   10u  IPv4 0x298985ab25cefe89      0t0  TCP 127.0.0.1:5925 (LISTEN)

The above listens two tunnels listening to ports 59124, 3389 (ms-wbt-server) and 5925.

Remote tunnels on the server: find the first word sshd on lsof output. Needs sudo if sshd runs as daemon or to listen active connections:

$ sudo lsof -i -n | grep -w '^\<sshd\>'
sshd       1664     root    3u  IPv4   21299      0t0  TCP *:ssh (LISTEN)
sshd       1664     root    4u  IPv6   21301      0t0  TCP *:ssh (LISTEN)
sshd       5026     root    3u  IPv4  350758      0t0  TCP 192.168.124.32:ssh->192.168.171.24:52417 (ESTABLISHED)
sshd       5029  jeroenp    3u  IPv4  350758      0t0  TCP 192.168.124.32:ssh->192.168.171.24:52417 (ESTABLISHED)
sshd       5120     root    3u  IPv4 6693665      0t0  TCP 192.168.124.32:ssh->80.100.143.119:11585 (ESTABLISHED)
sshd       5123  jeroenp    3u  IPv4 6693665      0t0  TCP 192.168.124.32:ssh->80.100.143.119:11585 (ESTABLISHED)
sshd      13320     root    3u  IPv4 6319692      0t0  TCP 192.168.124.32:ssh->192.168.171.24:56801 (ESTABLISHED)
sshd      13323  jeroenp    3u  IPv4 6319692      0t0  TCP 192.168.124.32:ssh->192.168.171.24:56801 (ESTABLISHED)
sshd      16505     root    3u  IPv4 6374150      0t0  TCP 192.168.124.32:ssh->192.168.171.24:21505 (ESTABLISHED)
sshd      16508  jeroenp    3u  IPv4 6374150      0t0  TCP 192.168.124.32:ssh->192.168.171.24:21505 (ESTABLISHED)

The above does not list any tunnels, just regular connections as there were no local tunnels from the client active, which lists the server side of tunnel -L 59124:192.168.124.32:5900 (which is service rfb):

$ sudo lsof -i -n | grep -w '^\<sshd\>'

sshd       1664     root    3u  IPv4   21299      0t0  TCP *:ssh (LISTEN)
sshd       1664     root    4u  IPv6   21301      0t0  TCP *:ssh (LISTEN)
sshd       5026     root    3u  IPv4  350758      0t0  TCP 192.168.124.32:ssh->192.168.171.24:52417 (ESTABLISHED)
sshd       5029  jeroenp    3u  IPv4  350758      0t0  TCP 192.168.124.32:ssh->192.168.171.24:52417 (ESTABLISHED)
sshd       5120     root    3u  IPv4 6693665      0t0  TCP 192.168.124.32:ssh->80.100.143.119:11585 (ESTABLISHED)
sshd       5123  jeroenp    3u  IPv4 6693665      0t0  TCP 192.168.124.32:ssh->80.100.143.119:11585 (ESTABLISHED)
sshd       5123  jeroenp   13u  IPv4 6698066      0t0  TCP 192.168.124.32:51494->192.168.124.32:rfb (ESTABLISHED)
sshd      13320     root    3u  IPv4 6319692      0t0  TCP 192.168.124.32:ssh->192.168.171.24:56801 (ESTABLISHED)
sshd      13323  jeroenp    3u  IPv4 6319692      0t0  TCP 192.168.124.32:ssh->192.168.171.24:56801 (ESTABLISHED)
sshd      16505     root    3u  IPv4 6374150      0t0  TCP 192.168.124.32:ssh->192.168.171.24:21505 (ESTABLISHED)
sshd      16508  jeroenp    3u  IPv4 6374150      0t0  TCP 192.168.124.32:ssh->192.168.171.24:21505 (ESTABLISHED)

For the client side of active connections you need sudo too:

$ sudo lsof -i -n | grep -w '^\<ssh\>'
Password:
ssh 93548 jeroenp 3u IPv4 0x298985ab430c8aa9 0t0 TCP 192.168.71.77:50257->80.101.239.92:30022 (ESTABLISHED)
ssh 93548 jeroenp 5u IPv6 0x298985ab22e02df9 0t0 TCP [::1]:59124 (LISTEN)
ssh 93548 jeroenp 6u IPv4 0x298985ab272543a1 0t0 TCP 127.0.0.1:59124 (LISTEN)
ssh 93548 jeroenp 7u IPv6 0x298985ab22e03339 0t0 TCP [::1]:ms-wbt-server (LISTEN)
ssh 93548 jeroenp 8u IPv4 0x298985ab4306eaa9 0t0 TCP 127.0.0.1:ms-wbt-server (LISTEN)
ssh 93548 jeroenp 9u IPv6 0x298985ab28049339 0t0 TCP [::1]:5925 (LISTEN)
ssh 93548 jeroenp 10u IPv4 0x298985ab25cefe89 0t0 TCP 127.0.0.1:5925 (LISTEN)
ssh 93548 jeroenp 15u IPv4 0x298985ab2998de89 0t0 TCP 127.0.0.1:59124->127.0.0.1:52580 (ESTABLISHED)

Based on [WayBackshell – List open SSH tunnels – Super User.

–jeroen

Posted in *nix, *nix-tools, Power User, ssh/sshd | Leave a Comment »

ssh_config section order is important: the first setting obtained from a Host/Match section applies

Posted by jpluimers on 2020/06/12

Often, configuration files work like this:

  • global settings are at the top
  • detailed settings are further on, overwriting global settings

Not for ssh_config though, so I was right writing I should read more on it in Good read for starting to intermediate ssh users is “SSH Essentials: Working with SSH Servers, Clients, and Keys | DigitalOcean” and pointers to more advanced reading material.

So here is how ssh_config does it as per man page at [WayBack] ssh_config(5) – OpenBSD manual pages and [WayBack] ssh_config — OpenSSH SSH client configuration files at Linux.org:

     For each parameter, the first obtained value will be used.  The configuration files contain sections separated
     by “Host” specifications, and that section is only applied for hosts that match one of the patterns given in the
     specification.  The matched host name is the one given on the command line.

     Since the first obtained value for each parameter is used, more host-specific declarations should be given near
     the beginning of the file, and general defaults at the end.

This means a section Host * needs to come at the end.

I got that wrong and it took me the better half of a morning to figure out the cause of a connection problem ending in this:

debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred publickey
debug3: authmethod_lookup publickey
debug3: remaining preferred:
debug1: No more authentication methods to try.

Somehow, the identity file was never used to try public key authentication at all because of the ssh_config order in ~/.ssh/config.

I’m not the only one confused, as during the search for the cause with “remaining preferred” “No more authentication methods to try.”:

Maybe now I should step up from manually editing the ssh_config file and use [WayBack] GitHub – moul/advanced-ssh-config: make your ssh client smarter to generate it for me.

–jeroen

Posted in *nix, *nix-tools, Communications Development, Development, Internet protocol suite, Power User, SSH, ssh/sshd, TCP | Leave a Comment »

Good read for starting to intermediate ssh users is “SSH Essentials: Working with SSH Servers, Clients, and Keys | DigitalOcean” and pointers to more advanced reading material

Posted by jpluimers on 2020/06/08

For a really nice overview of most basic and intermediate usage of ssh, read [WayBackSSH Essentials: Working with SSH Servers, Clients, and Keys | DigitalOcean.

It is large (printed to PDF it is 30+ pages in either A4 or Letter format) but well worth reading as it covers a lot in manageable bits.

Does it mean I won’t write about ssh again?

I will continue, as most of my blog posts are relatively short highlighting a small thing at a time (that is how I learn best, hopefully some of you do as well).

It does not explain really advanced stuff (like ProxyCommand), so here is a start of things I want to learn more about:

–jeroen

Posted in *nix, *nix-tools, Power User, ssh/sshd | Leave a Comment »

 
%d bloggers like this: