7

I have been ssh'ing to this computer (also Ubuntu 16) for months; today it's not working.

Running ssh -v [ip] yields

OpenSSH_7.2p2 Ubuntu-4ubuntu2.4, OpenSSL 1.0.2g  1 Mar 2016
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 192.168.0.211 [192.168.0.211] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2p2 Ubuntu-4ubuntu2.4
debug1: match: OpenSSH_7.2p2 Ubuntu-4ubuntu2.4 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 192.168.0.211:22 as 'user'
debug1: SSH2_MSG_KEXINIT sent
Connection reset by 192.168.0.211 port 22

Running nmap -v [ip] yields

Starting Nmap 7.01 ( https://nmap.org ) at 2018-09-06 08:44 MDT
Initiating Ping Scan at 08:44
Scanning 192.168.0.211 [2 ports]
Completed Ping Scan at 08:44, 0.09s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 08:44
Completed Parallel DNS resolution of 1 host. at 08:44, 0.03s elapsed
Initiating Connect Scan at 08:44
Scanning 192.168.0.211 [1000 ports]
Discovered open port 22/tcp on 192.168.0.211
Discovered open port 80/tcp on 192.168.0.211
Completed Connect Scan at 08:44, 0.49s elapsed (1000 total ports)
Nmap scan report for 192.168.0.211
Host is up (0.012s latency).
Not shown: 998 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
80/tcp open  http
Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 0.63 seconds

I can ssh from the destination to my computer just fine.

The IP is not inside /etc/hosts.deny

  • Possible duplicate of: https://unix.stackexchange.com/questions/321968/trying-to-ssh-into-server-and-getting-key-load-public-no-such-file-or-directory – game0ver Sep 06 '18 at 15:35
  • 1
    You should check the ssh server log on the remote server. It looks like it's crashing or getting some kind of internal error during key exchange with the client. – Kenster Sep 06 '18 at 18:34
  • @Kenster perfect, checking /var/log/auth.log revealed that permissions to keys inside /etc/ssh/ were set to 0755. For future reference, changing permissions to 400 solved this issue. – ChumiestBucket Sep 07 '18 at 14:05

1 Answer

8

Putting this here to prevent some future headaches for people googling this issue. I had a tough time finding a good solution. I didn't know there was a log file for ssh-related stuff.

Looking in the log file on the server (/var/log/auth.log) revealed the permissions for various keys in /etc/ssh/ were set to 755, which is too open. Only the user should have perms to see these. So using chmod 400 on all the affected keys solved my problem.

  • 1
    In my case, I had removed ~/.ssh/known_hosts and was trying to connect using sshpass. I had to try a normal ssh connection in order to get the "are you sure?" prompt so that known_hosts would update. – nullromo Oct 13 '22 at 22:16
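
The permission check described in the answer above, as an added example that is not part of the original posts: it flags private host keys with any group or other permission bits set and applies the `chmod 400` the answer used. It assumes a `stat` that supports `-c` (GNU coreutils, as on Ubuntu); the function names are hypothetical, and the demo runs on constructed empty files in a temporary directory, not real keys.

```shell
#!/bin/sh
# Added example: audit sshd private host keys for over-permissive modes.
# Assumes `stat -c` (GNU coreutils); function names are hypothetical.

# Print "MODE PATH" for each private host key in DIR (default /etc/ssh)
# that grants any permission bit to group or other.
audit_host_keys() {
    dir="${1:-/etc/ssh}"
    for key in "$dir"/ssh_host_*_key; do      # pattern skips the *.pub files
        [ -f "$key" ] || continue             # unmatched glob or non-file
        mode=$(stat -c '%a' "$key")
        case "$mode" in
            0|*00) ;;                         # owner-only: acceptable
            *) printf '%s %s\n' "$mode" "$key" ;;
        esac
    done
}

# Restrict every flagged key to owner-read only (chmod 400, as in the answer).
fix_host_keys() {
    audit_host_keys "${1:-/etc/ssh}" | while read -r mode path; do
        chmod 400 "$path" && echo "fixed $path (was $mode)"
    done
}

# Constructed demo: empty placeholder files standing in for host keys.
demo() {
    d=$(mktemp -d)
    touch "$d/ssh_host_rsa_key" "$d/ssh_host_rsa_key.pub" "$d/ssh_host_ed25519_key"
    chmod 755 "$d/ssh_host_rsa_key"           # the broken state from the thread
    chmod 644 "$d/ssh_host_rsa_key.pub"       # public half may be world-readable
    chmod 600 "$d/ssh_host_ed25519_key"       # already acceptable
    echo "before:"; audit_host_keys "$d"
    fix_host_keys "$d"
    echo "after: $(audit_host_keys "$d" | wc -l) flagged"
    rm -rf "$d"
}

demo
```

On a real server, run `audit_host_keys` as root against `/etc/ssh`, then restart sshd after fixing modes and confirm in `/var/log/auth.log` that the key-loading errors are gone.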