This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

ssh 5.8p1 vs 5.5 on VPN (5.5 works, 5.6, 5.8 don't)


I had a problem with ssh 5.6 or 5.8 connecting across a VPN.  I solved
it by going back to ssh 5.5.

But I don't understand the reason why 5.8 or 5.6 do not work.  Here's the story:

Actors:
 - laptop with cygwin 1.7 and openssh 5.8p1 on windows XP
 - desktop with redhat EL linux 5 with openssh 4.3p2

When the machines are on the LAN, I can ssh from one to the other.

Not so when the laptop is connecting to the company network via a VPN.
 - I can connect from the desktop to the laptop
 - I cannot connect from the laptop to the desktop

Here is the trace when connecting from laptop to dekstop:
OpenSSH_5.8p1, OpenSSL 0.9.8r 8 Feb 2011
debug1: Reading configuration data /home/.ssh/config
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to a.b.c.d [a.b.c.d] port 22.
debug1: Connection established.
debug1: identity file /home/.ssh/id_rsa type 1
debug1: identity file /home/.ssh/id_rsa-cert type -1
debug1: identity file /home/.ssh/id_dsa type 2
debug1: identity file /home/.ssh/id_dsa-cert type -1
debug1: identity file /home/.ssh/id_ecdsa type -1
debug1: identity file /home/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3
debug1: match: OpenSSH_4.3 pat OpenSSH_4*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.8
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP

On the desktop (/var/log/secure), seconds after trying to establish
the connection
from the laptop I see:
"fatal: Read from socket fails. Connection reset by peer"

Luckily I found the 5.5 tar.bz2 file in my dist directories.  Once I
installed it using
setup, I was able to connect using ssh (and unison)

I did not see anything in the /usr/share/doc/Cygwin or
/usr/share/doc/openssh/ that
would point to a difference between 5.5 and 5.6, 5.8.

Any thoughts on what could be causing the problem?

Thanks,

Mirko

Attachment: cygcheck.out
Description: Binary data

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]