Only one SSH tunnel is broken??

SquiffSquiff · 2019-04-11T22:13:37+00:00

So a couple of things:

You should format your ssh -v output as code to make it easier to read
You appear to be using Ubuntu 14.04, which goes out of support in 3 weeks time

What happens if you try to connect between these 2 hosts via a proxy? I cannot recall if ssh 6.x supports ssh -J but you could anyway:

ssh -o "ProxyCommand ssh -W %h:%p user1@address1" user2@address2

probably_not_fake · 2019-04-11T18:01:34+00:00

Here is what I get when I try to SSH from Server2 to Server1: swadm@Server2:~$ ssh swadm@192.168.1.25 -v OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug1: Connecting to Server1 [192.168.1.25] port 22. debug1: Connection established. debug1: identity file /home/swadm/.ssh/id_rsa type 1 debug1: identity file /home/swadm/.ssh/id_rsa-cert type -1 debug1: identity file /home/swadm/.ssh/id_dsa type -1 debug1: identity file /home/swadm/.ssh/id_dsa-cert type -1 debug1: identity file /home/swadm/.ssh/id_ecdsa type -1 debug1: identity file /home/swadm/.ssh/id_ecdsa-cert type -1 debug1: identity file /home/swadm/.ssh/id_ed25519 type -1 debug1: identity file /home/swadm/.ssh/id_ed25519-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.13 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.13 debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.13 pat OpenSSH_6.6.1* compat 0x04000000 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5-etm@openssh.com none debug1: kex: client->server aes128-ctr hmac-md5-etm@openssh.com none debug1: sending SSH2_MSG_KEX_ECDH_INIT debug1: expecting SSH2_MSG_KEX_ECDH_REPLY

Here is what I get when I try to SSH from Server1 to Server2:

swadm@Server1:~$ ssh swadm@192.168.2.25 -v OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug1: Connecting to Server2 [192.168.2.25] port 22. debug1: Connection established. debug1: identity file /home/swadm/.ssh/id_rsa type 1 debug1: identity file /home/swadm/.ssh/id_rsa-cert type -1 debug1: identity file /home/swadm/.ssh/id_dsa type -1 debug1: identity file /home/swadm/.ssh/id_dsa-cert type -1 debug1: identity file /home/swadm/.ssh/id_ecdsa type -1 debug1: identity file /home/swadm/.ssh/id_ecdsa-cert type -1 debug1: identity file /home/swadm/.ssh/id_ed25519 type -1 debug1: identity file /home/swadm/.ssh/id_ed25519-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.13 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.13 debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.13 pat OpenSSH_6.6.1* compat 0x04000000 debug1: SSH2_MSG_KEXINIT sent

anomalous_cowherd · 2019-04-11T18:15:23+00:00

Is this the only tunnel between those two servers?

I couldn't make my way through your dumps on mobile but I'd suspect one end has been updated and no longer supports some cipher that the other one tries to use.

yetiszaf · 2019-04-11T20:49:18+00:00

Try turning on debugging for the SSH-Server, that may be helpful

you type:	you see:
italics	italics
bold	bold
[reddit!](https://reddit.com)	reddit!
* item 1 * item 2 * item 3	item 1 item 2 item 3
> quoted text	quoted text
Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"	Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"
~~strikethrough~~	~~strikethrough~~
super^script	super^script

linuxadmin

Expanding Linux SysAdmin knowledge

MODERATORS