I am trying to configure a Windows node running OpenSSH (https://github.com/PowerShell/Win32-OpenSSH) via Ansible. While normal SSH connection works, Ansible seems to fail to connect to the node.
Normal SSH connection:
sysadmin#MY_LINUX_SERVER:~/ansible$ ssh administrator#MY_WINDOWS_HOST -vvvv
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to MY_WINDOWS_HOST [A.B.C.D] port 22.
debug1: Connection established.
debug1: identity file /home/sysadmin/.ssh/id_rsa type -1
debug1: identity file /home/sysadmin/.ssh/id_rsa-cert type -1
debug1: identity file /home/sysadmin/.ssh/id_dsa type -1
debug1: identity file /home/sysadmin/.ssh/id_dsa-cert type -1
debug1: identity file /home/sysadmin/.ssh/id_ecdsa type -1
debug1: identity file /home/sysadmin/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/sysadmin/.ssh/id_ed25519 type -1
debug1: identity file /home/sysadmin/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.1
debug1: match: OpenSSH_7.1 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug3: load_hostkeys: loading entries for host "MY_WINDOWS_HOST" from file "/home/sysadmin/.ssh/known_hosts"
debug3: load_hostkeys: found key type ECDSA in file /home/sysadmin/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01#openssh.com,ecdsa-sha2-nistp384-cert-v01#openssh.com,ecdsa-sha2-nistp521-cert-v01#openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: curve25519-sha256#libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-v01#openssh.com,ecdsa-sha2-nistp384-cert-v01#openssh.com,ecdsa-sha2-nistp521-cert-v01#openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01#openssh.com,ssh-rsa-cert-v01#openssh.com,ssh-dss-cert-v01#openssh.com,ssh-rsa-cert-v00#openssh.com,ssh-dss-cert-v00#openssh.com,ssh-ed25519,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm#openssh.com,aes256-gcm#openssh.com,chacha20-poly1305#openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc#lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm#openssh.com,aes256-gcm#openssh.com,chacha20-poly1305#openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc#lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-ripemd160-etm#openssh.com,hmac-sha1-96-etm#openssh.com,hmac-md5-96-etm#openssh.com,hmac-md5,hmac-sha1,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-ripemd160-etm#openssh.com,hmac-sha1-96-etm#openssh.com,hmac-md5-96-etm#openssh.com,hmac-md5,hmac-sha1,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib#openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib#openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: curve25519-sha256#libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
debug2: kex_parse_kexinit: ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
debug2: kex_parse_kexinit: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: kex_parse_kexinit: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: kex_parse_kexinit: none,zlib#openssh.com
debug2: kex_parse_kexinit: none,zlib#openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: setup hmac-sha1-etm#openssh.com
debug1: kex: server->client aes128-ctr hmac-sha1-etm#openssh.com none
debug2: mac_setup: setup hmac-sha1-etm#openssh.com
debug1: kex: client->server aes128-ctr hmac-sha1-etm#openssh.com none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA 1b:1b:43:b9:74:34:48:0b:06:9d:11:9c:9b:51:56:61
debug3: load_hostkeys: loading entries for host "MY_WINDOWS_HOST" from file "/home/sysadmin/.ssh/known_hosts"
debug3: load_hostkeys: found key type ECDSA in file /home/sysadmin/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys
debug3: load_hostkeys: loading entries for host "A.B.C.D" from file "/home/sysadmin/.ssh/known_hosts"
debug3: load_hostkeys: found key type ECDSA in file /home/sysadmin/.ssh/known_hosts:2
debug3: load_hostkeys: loaded 1 keys
debug1: Host 'MY_WINDOWS_HOST' is known and matches the ECDSA host key.
debug1: Found key in /home/sysadmin/.ssh/known_hosts:1
debug1: ssh_ecdsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/sysadmin/.ssh/id_rsa ((nil)),
debug2: key: /home/sysadmin/.ssh/id_dsa ((nil)),
debug2: key: /home/sysadmin/.ssh/id_ecdsa ((nil)),
debug2: key: /home/sysadmin/.ssh/id_ed25519 ((nil)),
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: start over, passed a different list publickey,password,keyboard-interactive
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/sysadmin/.ssh/id_rsa
debug3: no such identity: /home/sysadmin/.ssh/id_rsa: No such file or directory
debug1: Trying private key: /home/sysadmin/.ssh/id_dsa
debug3: no such identity: /home/sysadmin/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /home/sysadmin/.ssh/id_ecdsa
debug3: no such identity: /home/sysadmin/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /home/sysadmin/.ssh/id_ed25519
debug3: no such identity: /home/sysadmin/.ssh/id_ed25519: No such file or directory
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: userauth_kbdint: disable: no info_req_seen
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred:
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
administrator#MY_WINDOWS_HOST's password:
debug3: packet_send2: adding 48 (len 64 padlen 16 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: Authentication succeeded (password).
Authenticated to MY_WINDOWS_HOST ([A.B.C.D]:22).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Requesting no-more-sessions#openssh.com
debug1: Entering interactive session.
debug1: client_input_global_request: rtype hostkeys-00#openssh.com want_reply 0
debug2: callback start
debug2: fd 3 setting TCP_NODELAY
debug3: packet_set_tos: set IP_TOS 0x10
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 1
debug1: Sending environment.
debug3: Ignored env XDG_SESSION_ID
debug3: Ignored env TERM
debug3: Ignored env SHELL
debug3: Ignored env SSH_CLIENT
debug3: Ignored env OLDPWD
debug3: Ignored env SSH_TTY
debug3: Ignored env USER
debug3: Ignored env LS_COLORS
debug3: Ignored env MAIL
debug3: Ignored env PATH
debug3: Ignored env PWD
debug1: Sending env LANG = en_US.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env SHLVL
debug3: Ignored env HOME
debug3: Ignored env LOGNAME
debug3: Ignored env SSH_CONNECTION
debug3: Ignored env LESSOPEN
debug3: Ignored env XDG_RUNTIME_DIR
debug3: Ignored env LESSCLOSE
debug3: Ignored env _
debug2: channel 0: request shell confirm 1
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel_input_status_confirm: type 99 id 0
debug2: PTY allocation request accepted on channel 0
debug2: channel 0: rcvd adjust 2097152
debug2: channel_input_status_confirm: type 99 id 0
debug2: shell request accepted on channel 0
Microsoft Windows [Version 6.3.9600]
(c) 2013 Microsoft Corporation. All rights reserved.
administrator#MY_WINDOWS_HOST C:\Users\Administrator>exit
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow#openssh.com reply 0
debug2: channel 0: rcvd eow
debug2: channel 0: close_read
debug2: channel 0: input open -> closed
debug2: channel 0: rcvd close
debug3: channel 0: will not send data after close
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
#0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cc -1)
Connection to MY_WINDOWS_HOST closed.
Transferred: sent 3024, received 2792 bytes, in 166.9 seconds
Bytes per second: sent 18.1, received 16.7
debug1: Exit status 0
sysadmin#MY_LINUX_SERVER:~/ansible$
Attempt to connect with Ansible:
sysadmin#MY_LINUX_SERVER:~/ansible$ ansible -i staging iis -m win_ping -vvvv
<MY_WINDOWS_HOST> ESTABLISH CONNECTION FOR USER: Administrator
<MY_WINDOWS_HOST> REMOTE_MODULE win_ping
<MY_WINDOWS_HOST> EXEC sshpass -d6 ssh -C -tt -vvv -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/home/sysadmin/.ansible/cp/ansible-ssh-%h-%p-%r" -o Port=22 -o GSSAPIAuthentication=no -o PubkeyAuthentication=no -o User=Administrator -o ConnectTimeout=10 MY_WINDOWS_HOST /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1445861196.89-92060959437896 && chmod a+rx $HOME/.ansible/tmp/ansible-tmp-1445861196.89-92060959437896 && echo $HOME/.ansible/tmp/ansible-tmp-1445861196.89-92060959437896'
MY_WINDOWS_HOST | FAILED => SSH Error: Failed to connect to new control master
while connecting to A.B.C.D:22
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.
sysadmin#MY_LINUX_SERVER:~/ansible$
Any clue why the connection is not working via Ansible?
I believe the guys from Microsoft still didn't solve the file-descriptor passing issue so ControlMaster function is probably not working, even though it is not announced in advance. Disabling it as the comment proposes, should solve your issue. You can use also ansible config in /etc/ansible/ansible.cfg:
ssh_args = -o ControlMaster=no
Related
I was using the following command to execute the remote commands:
ssh -T -F ${ssh_config_path} ${remote_user}#{remote_host} '... here is command string ...'
And the ssh_config file likes the following:
Host __DASUSM__
User MES
Hostname ${remote_gateway_host}
Port ${remote_gateway_port}
IdentityFile ${identity_file_path}
Host *
ProxyCommand ssh -F ${ssh_config_path} -q __DASUSM__ -W %h:%p
ForwardAgent yes
For example, I have tried the following command in the host server, it's works as expected.
ssh -F ${ssh_config_path} ${remote_user}#{remote_host} ls
But, it's not works when I using "Execute Shell" in jenkins to execute it.
Below is the detail errors:
+ ssh -vv -F /root/.ssh/usm/ssh_config root#172.16.8.52 ls
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
debug1: Reading configuration data /root/.ssh/usm/ssh_config
debug1: /root/.ssh/usm/ssh_config line 9: Applying options for 1*
debug1: Executing proxy command: exec ssh -F /root/.ssh/usm/ssh_config -q __DASUSM__ -W 172.16.8.52:22
debug1: permanently_set_uid: 0/0
debug1: permanently_drop_suid: 0
debug1: identity file /root/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2p2 usm-0.6.3
debug1: match: OpenSSH_7.2p2 usm-0.6.3 pat OpenSSH* compat 0x04000000
debug2: fd 5 setting O_NONBLOCK
debug2: fd 4 setting O_NONBLOCK
debug1: Authenticating to 172.16.8.52:22 as 'root'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256#libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c
debug2: host key algorithms: ssh-rsa-cert-v01#openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256-cert-v01#openssh.com,ecdsa-sha2-nistp384-cert-v01#openssh.com,ecdsa-sha2-nistp521-cert-v01#openssh.com,ssh-ed25519-cert-v01#openssh.com,ssh-dss-cert-v01#openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-dss
debug2: ciphers ctos: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,aes256-gcm#openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
debug2: ciphers stoc: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,aes256-gcm#openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
debug2: MACs ctos: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib#openssh.com,zlib
debug2: compression stoc: none,zlib#openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256#libssh.org,ecdh-sha2-nistp256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: host key algorithms: ssh-dss,ssh-rsa
debug2: ciphers ctos: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc,3des-cbc
debug2: ciphers stoc: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc,3des-cbc
debug2: MACs ctos: hmac-sha1
debug2: MACs stoc: hmac-sha1
debug2: compression ctos: none,zlib,zlib#openssh.com
debug2: compression stoc: none,zlib,zlib#openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256#libssh.org
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha1 compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha1 compression: none
debug1: kex: curve25519-sha256#libssh.org need=20 dh_need=20
debug1: kex: curve25519-sha256#libssh.org need=20 dh_need=20
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:BkGoheN4LCmlpju9x4E2eEqcQthgf8gaNqo3OQTrx1o
debug1: Host '172.16.8.52' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:3
debug2: set_newkeys: mode 1
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 4294967296 blocks
debug2: key: /root/.ssh/id_rsa (0x55881a7de690)
debug2: key: /root/.ssh/id_dsa ((nil))
debug2: key: /root/.ssh/id_ecdsa ((nil))
debug2: key: /root/.ssh/id_ed25519 ((nil))
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentication succeeded (none).
Authenticated to 172.16.8.52 (via proxy).
debug2: fd 3 setting O_NONBLOCK
debug2: fd 6 setting O_NONBLOCK
debug1: channel 0: new [client-session]
debug2: channel 0: send open
debug1: Requesting no-more-sessions#openssh.com
debug1: Entering interactive session.
debug1: pledge: proc
debug2: callback start
debug2: client_session2_setup: id 0
debug1: Sending command: ls
debug2: channel 0: request exec confirm 1
debug2: callback done
debug2: channel 0: open confirm rwindow 32000 rmax 35000
debug1: Received SSH2_MSG_UNIMPLEMENTED for 6
debug2: channel 0: read<=0 rfd 3 len 0
debug2: channel 0: read failed
debug2: channel 0: close_read
debug2: channel 0: input open -> drain
debug2: channel 0: ibuf empty
debug2: channel 0: send eof
debug2: channel 0: input drain -> closed
debug2: channel_input_status_confirm: type 99 id 0
debug2: exec request accepted on channel 0
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug2: channel 0: rcvd close
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug1: fd 0 clearing O_NONBLOCK
debug1: fd 1 clearing O_NONBLOCK
Transferred: sent 1848, received 1200 bytes, in 0.0 seconds
Bytes per second: sent 86776.8, received 56348.5
debug1: Exit status -1
Build step 'Execute shell' marked build as failure
Finished: FAILURE
===== Additional Information (2018/11/05-1) =====
For comparison, I paste the log which works well in host server.
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
debug1: Reading configuration data /root/.ssh/usm/ssh_config
debug1: /root/.ssh/usm/ssh_config line 9: Applying options for 1*
debug1: Executing proxy command: exec ssh -F /root/.ssh/usm/ssh_config -q __DASUSM__ -W 172.16.8.52:22
debug1: permanently_set_uid: 0/0
debug1: permanently_drop_suid: 0
debug1: identity file /root/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2p2 usm-0.6.3
debug1: match: OpenSSH_7.2p2 usm-0.6.3 pat OpenSSH* compat 0x04000000
debug2: fd 5 setting O_NONBLOCK
debug2: fd 4 setting O_NONBLOCK
debug1: Authenticating to 172.16.8.52:22 as 'root'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256#libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c
debug2: host key algorithms: ssh-rsa-cert-v01#openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256-cert-v01#openssh.com,ecdsa-sha2-nistp384-cert-v01#openssh.com,ecdsa-sha2-nistp521-cert-v01#openssh.com,ssh-ed25519-cert-v01#openssh.com,ssh-dss-cert-v01#openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-dss
debug2: ciphers ctos: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,aes256-gcm#openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
debug2: ciphers stoc: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,aes256-gcm#openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
debug2: MACs ctos: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib#openssh.com,zlib
debug2: compression stoc: none,zlib#openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256#libssh.org,ecdh-sha2-nistp256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: host key algorithms: ssh-dss,ssh-rsa
debug2: ciphers ctos: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc,3des-cbc
debug2: ciphers stoc: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc,3des-cbc
debug2: MACs ctos: hmac-sha1
debug2: MACs stoc: hmac-sha1
debug2: compression ctos: none,zlib,zlib#openssh.com
debug2: compression stoc: none,zlib,zlib#openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256#libssh.org
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha1 compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha1 compression: none
debug1: kex: curve25519-sha256#libssh.org need=20 dh_need=20
debug1: kex: curve25519-sha256#libssh.org need=20 dh_need=20
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:BkGoheN4LCmlpju9x4E2eEqcQthgf8gaNqo3OQTrx1o
debug1: Host '172.16.8.52' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:3
debug2: set_newkeys: mode 1
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 4294967296 blocks
debug2: key: /root/.ssh/id_rsa (0x55aa83f1e8b0)
debug2: key: /root/.ssh/id_dsa ((nil))
debug2: key: /root/.ssh/id_ecdsa ((nil))
debug2: key: /root/.ssh/id_ed25519 ((nil))
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentication succeeded (none).
Authenticated to 172.16.8.52 (via proxy).
debug2: fd 6 setting O_NONBLOCK
debug1: channel 0: new [client-session]
debug2: channel 0: send open
debug1: Requesting no-more-sessions#openssh.com
debug1: Entering interactive session.
debug1: pledge: proc
debug2: callback start
debug2: client_session2_setup: id 0
debug1: Sending command: ls
debug2: channel 0: request exec confirm 1
debug2: callback done
debug2: channel 0: open confirm rwindow 32000 rmax 35000
debug1: Received SSH2_MSG_UNIMPLEMENTED for 6
debug2: channel_input_status_confirm: type 99 id 0
debug2: exec request accepted on channel 0
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug2: channel 0: rcvd close
debug2: channel 0: close_read
debug2: channel 0: input open -> closed
anaconda-ks.cfg
jar-content
uvp-tools-linux-2.3.0.144-590
uvp-tools-linux-2.3.0.144-590.tar.bz2
xvdd
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug1: fd 1 clearing O_NONBLOCK
Transferred: sent 1832, received 1376 bytes, in 0.4 seconds
Bytes per second: sent 4833.1, received 3630.1
debug1: Exit status 0
At the same time, I had tested the followings, they got the same result read failed.
/bin/bash << EOF
ssh -vv -F ${ssh_config_path} ${remote_user}#{remote_host} '... here is command string ...'
EOF
/bin/bash <<< "ssh -vv -F ${ssh_config_path} ${remote_user}#{remote_host} '... here is command string ...'"
ssh 127.0.0.1 << EOF
ssh -vv -F ${ssh_config_path} ${remote_user}#{remote_host} '... here is command string ...'
EOF
But if I not using the input redirection, it's works.
/bin/bash -c "ssh -vv -F ${ssh_config_path} ${remote_user}#{remote_host} '... here is command string ...'"
Even so, I still can not get the scripts works on jenkins.
Expecting your answers...
===== Additional Information (2018/11/05-2) =====
As temporary workaround, using python to execute the remote commands through the third/current server which one is not behind the gateway.
python << EOF
import paramiko
with paramiko.SSHClient() as ssh:
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy)
ssh.load_system_host_keys()
ssh.connect("127.0.0.1", username="root")
_, stdout, stderr = ssh.exec_command("ssh -T -F ${ssh_config_path} ${remote_user}#{remote_host} \"${command}\"")
exit_status = stdout.channel.recv_exit_status()
if exit_status != 0:
# this is a demo, maybe you should raise an error
print("error: " + "".join(stderr.readlines()))
else:
print("result: " + "".join(stdout.readlines()))
EOF
Actually, using python to execute it directly still get error (like subprocess.run), so using the paramiko module to workaround it.
I am trying to ssh to another machine using Perl CGI script and I am executing the script on a remote machine. I am facing the issue.
Note: I am calling below command in Perl CGI Script: Below is just code snippet which is not working as expected i.e it is not executing the script in remote system.
This is just Code Snipped in heap.pl (This is the code from Perf CGI Script). I am using backtick () for executing system commands in Perl Script
`rm -rf /home/noc/.ssh/known_hosts ;ssh -i /home/noc/.ssh/noc_offshore_key -vvv -o LogLevel=DEBUG3 -o StrictHostKeyChecking=no -o BatchMode=yes -o ConnectTimeout=5 noc\#10.208.9.88 "sh /tmp/jetty_change.sh 4020 4678 accservice"`;
Error in apache Error Log:
[Sat Jan 20 01:44:33.369848 2018] [cgi:error] [pid 7722] [client 183.82.99.86:43419] AH01215: rm: cannot remove '/home/noc/.ssh/known_hosts': Permission denied, referer: http://10.208.8.27/heapmemory.html
[Sat Jan 20 01:44:33.375508 2018] [cgi:error] [pid 7722] [client 183.82.99.86:43419] AH01215: Warning: Identity file /home/noc/.ssh/noc_offshore_key not accessible: Permission denied., referer: http://10.208.8.27/heapmemory.html
[Sat Jan 20 01:44:33.376656 2018] [cgi:error] [pid 7722] [client 183.82.99.86:43419] AH01215: OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017\r, referer: http://10.208.8.27/heapmemory.html
[Sat Jan 20 01:44:33.376702 2018] [cgi:error] [pid 7722] [client 183.82.99.86:43419] AH01215: debug1: Reading configuration data /etc/ssh/ssh_config\r, referer: http://10.208.8.27/heapmemory.html
[Sat Jan 20 01:44:33.376745 2018] [cgi:error] [pid 7722] [client 183.82.99.86:43419] AH01215: debug1: /etc/ssh/ssh_config line 56: Applying options for *\r, referer: http://10.208.8.27/heapmemory.html
[Sat Jan 20 01:44:33.376981 2018] [cgi:error] [pid 7722] [client 183.82.99.86:43419] AH01215: debug2: resolving "10.208.9.88" port 22\r, referer: http://10.208.8.27/heapmemory.html
[Sat Jan 20 01:44:33.377000 2018] [cgi:error] [pid 7722] [client 183.82.99.86:43419] AH01215: debug2: ssh_connect_direct: needpriv 0\r, referer: http://10.208.8.27/heapmemory.html
[Sat Jan 20 01:44:33.377016 2018] [cgi:error] [pid 7722] [client 183.82.99.86:43419] AH01215: debug1: Connecting to 10.208.9.88 [10.208.9.88] port 22.\r, referer: http://10.208.8.27/heapmemory.html
[Sat Jan 20 01:44:33.377362 2018] [cgi:error] [pid 7722] [client 183.82.99.86:43419] AH01215: debug2: fd 3 setting O_NONBLOCK\r, referer: http://10.208.8.27/heapmemory.html
[Sat Jan 20 01:44:33.377495 2018] [cgi:error] [pid 7722] [client 183.82.99.86:43419] AH01215: debug1: connect to address 10.208.9.88 port 22: Permission denied\r, referer: http://10.208.8.27/heapmemory.html
[Sat Jan 20 01:44:33.377518 2018] [cgi:error] [pid 7722] [client 183.82.99.86:43419] AH01215: ssh: connect to host 10.208.9.88 port 22: Permission denied\r, referer: http://10.208.8.27/heapmemory.html
Note: When i execute the same command as NOC user it is working fine and i see that it is working as expected. So we can safely assume that permissions and key is correct
Permissions of file and ownership details
[noc#noc-automation tmp]$ ls -lrt /home/noc/.ssh/noc_offshore_key
-rw-------. 1 noc noc 1675 Jan 18 15:06 /home/noc/.ssh/noc_offshore_key
[noc#noc-automation cgi-bin]$ ls -lrt /var/www/cgi-bin/heap.pl
-rwxrwxr-x. 1 noc noc 1137 Jan 20 01:44 /var/www/cgi-bin/heap.pl
Manually executing same command works, below is the Output. So we can safely assume that Keys and permissions are correct
[noc#noc-automation tmp]$ rm -rf /home/noc/.ssh/known_hosts ;ssh -i /home/noc/.ssh/noc_offshore_key -vvv -o LogLevel=DEBUG3 -o StrictHostKeyChecking=no -o BatchMode=yes -o ConnectTimeout=5 noc#10.208.9.88 "sh /tmp/jetty_change.sh 2000 2001 accservice"
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 56: Applying options for *
debug2: resolving "10.208.9.88" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to 10.208.9.88 [10.208.9.88] port 22.
debug2: fd 3 setting O_NONBLOCK
debug1: fd 3 clearing O_NONBLOCK
debug1: Connection established.
debug3: timeout: 4999 ms remain after connect
debug1: key_load_public: No such file or directory
debug1: identity file /home/noc/.ssh/noc_offshore_key type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/noc/.ssh/noc_offshore_key-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
debug1: match: OpenSSH_7.4 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to 10.208.9.88:22 as 'noc'
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256#libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01#openssh.com,ecdsa-sha2-nistp384-cert-v01#openssh.com,ecdsa-sha2-nistp521-cert-v01#openssh.com,ssh-ed25519-cert-v01#openssh.com,ssh-rsa-cert-v01#openssh.com,ssh-dss-cert-v01#openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss
debug2: ciphers ctos: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,aes256-gcm#openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
debug2: ciphers stoc: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,aes256-gcm#openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
debug2: MACs ctos: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib#openssh.com,zlib
debug2: compression stoc: none,zlib#openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256#libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr
debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr
debug2: MACs ctos: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib#openssh.com
debug2: compression stoc: none,zlib#openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: aes128-ctr MAC: umac-64-etm#openssh.com compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: umac-64-etm#openssh.com compression: none
debug1: kex: curve25519-sha256 need=16 dh_need=16
debug1: kex: curve25519-sha256 need=16 dh_need=16
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:QavXuYKfJLVm+oEiYiX+wQPcy5q5RvZ7Uki560dzg0c
Warning: Permanently added '10.208.9.88' (ECDSA) to the list of known hosts.
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 4294967296 blocks
debug2: key: /home/noc/.ssh/noc_offshore_key ((nil)), explicit
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 53
debug3: input_userauth_banner
################################################################################
# #
# UNAUTHORIZED ACCESS TO THIS SYSTEM IS PROHIBITED. ACTIVITY MAY BE LOGGED AND #
# MONITORED. USE IS FOR AUTHORIZED BUSINESS PURPOSES ONLY. VIOLATORS OF THIS #
# POLICY ARE SUBJECT TO DISCIPLINARY ACTION UP TO AND INCLUDING LEGAL ACTION. #
# #
################################################################################
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey
debug3: authmethod_lookup publickey
debug3: remaining preferred: ,gssapi-with-mic,publickey
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/noc/.ssh/noc_offshore_key
debug3: sign_and_send_pubkey: RSA SHA256:blgxJvtpeU6gpkzAO6hRXG9DIHzMfPGajptL8OAUs7E
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 52
debug1: Authentication succeeded (publickey).
Authenticated to 10.208.9.88 ([10.208.9.88]:22).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug3: send packet: type 90
debug1: Requesting no-more-sessions#openssh.com
debug3: send packet: type 80
debug1: Entering interactive session.
debug1: pledge: network
debug3: receive packet: type 80
debug1: client_input_global_request: rtype hostkeys-00#openssh.com want_reply 0
debug3: receive packet: type 91
debug2: callback start
debug2: fd 3 setting TCP_NODELAY
debug3: ssh_packet_set_tos: set IP_TOS 0x08
debug2: client_session2_setup: id 0
debug1: Sending environment.
debug3: Ignored env XDG_SESSION_ID
debug3: Ignored env HOSTNAME
debug3: Ignored env SELINUX_ROLE_REQUESTED
debug3: Ignored env TERM
debug3: Ignored env SHELL
debug3: Ignored env HISTSIZE
debug3: Ignored env SSH_CLIENT
debug3: Ignored env SELINUX_USE_CURRENT_RANGE
debug3: Ignored env SSH_TTY
debug3: Ignored env USER
debug3: Ignored env LS_COLORS
debug3: Ignored env MAIL
debug3: Ignored env PATH
debug3: Ignored env PWD
debug1: Sending env LANG = en_US.UTF-8
debug2: channel 0: request env confirm 0
debug3: send packet: type 98
debug3: Ignored env SELINUX_LEVEL_REQUESTED
debug3: Ignored env HISTCONTROL
debug3: Ignored env SHLVL
debug3: Ignored env HOME
debug3: Ignored env LOGNAME
debug3: Ignored env SSH_CONNECTION
debug3: Ignored env LESSOPEN
debug3: Ignored env XDG_RUNTIME_DIR
debug3: Ignored env _
debug3: Ignored env OLDPWD
debug1: Sending command: sh /tmp/jetty_change.sh 2000 2001 accservice
debug2: channel 0: request exec confirm 1
debug3: send packet: type 98
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 2097152
debug3: receive packet: type 99
debug2: channel_input_status_confirm: type 99 id 0
debug2: exec request accepted on channel 0
2000 2001 accservice JAVA_OPTS="${JAVA_OPTS} -Xms2000m -Xmx2001m"
accservice
debug3: receive packet: type 98
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug3: receive packet: type 98
debug1: client_input_channel_req: channel 0 rtype eow#openssh.com reply 0
debug2: channel 0: rcvd eow
debug2: channel 0: close_read
debug2: channel 0: input open -> closed
debug3: receive packet: type 96
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug3: receive packet: type 97
debug2: channel 0: rcvd close
debug3: channel 0: will not send data after close
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug3: send packet: type 97
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
#0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cc -1)
debug3: send packet: type 1
Transferred: sent 2572, received 2820 bytes, in 2.9 seconds
Bytes per second: sent 888.1, received 973.8
debug1: Exit status 0
Note: This script is involved by Perl CGI and apache is running as noc user only
[noc#noc-automation tmp]$ ps -ef|grep httpd|grep -v grep
noc 1925 2637 0 Jan19 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
noc 2143 2637 0 Jan19 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
noc 2229 2637 0 Jan19 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
root 2637 1 0 Jan18 ? 00:00:09 /usr/sbin/httpd -DFOREGROUND
noc 4681 2637 0 Jan19 ? 00:00:01 /usr/sbin/httpd -DFOREGROUND
noc 6878 2637 0 Jan18 ? 00:00:01 /usr/sbin/httpd -DFOREGROUND
noc 7722 2637 0 00:31 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
noc 12575 2637 0 Jan18 ? 00:00:01 /usr/sbin/httpd -DFOREGROUND
noc 20192 2637 0 Jan18 ? 00:00:01 /usr/sbin/httpd -DFOREGROUND
noc 23163 2637 0 Jan19 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
noc 25275 2637 0 Jan19 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
I am running this script in RHEL7 OS
Can you please check and help me why from Perl CGI, script is not getting executed in remote system?
try disabling SELINUX and check this again. It should work
I am looking for some helps, pointers to documentation or to contacts.
Context of issue environment: a MS Windows 7 workstation has to execute a homemade bash script on a CentOS 6.5 server. This is done by a homemade MS batch script using installed OpenSSH client.
The called bash script opens a SSH connection to other CentOS 6.5 server and executes the command
ssh userLogin#remoteClient "pidof gnome-panel"
This script works fine if it is executed from server X11 environment (yes, this server has the X11 environment). However, when it is executed from Windows by the batch script, the SSH subcommand of "pidof gnome-panel" is blocked. I executed using SSH option "-vvv" (EDIT: complete log)
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /home/userLogin/.ssh/config
debug1: Applying options for remoteClient
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to remoteClient [209.0.0.63] port 22.
debug1: Connection established.
debug3: Not a RSA1 key file /home/userLogin/.ssh/id_rsa.pub.
debug1: identity file /home/userLogin/.ssh/id_rsa.pub type 1
debug1: identity file /home/userLogin/.ssh/id_rsa.pub-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug3: Wrote 960 bytes for a total of 981
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa-cert-v01#openssh.com,ssh-dss-cert-v01#openssh.com,ssh-rsa-cert-v00#openssh.com,ssh-dss-cert-v00#openssh.com,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc#lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc#lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib#openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib#openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc#lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc#lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib#openssh.com
debug2: kex_parse_kexinit: none,zlib#openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug3: Wrote 24 bytes for a total of 1005
debug2: dh_gen_key: priv key bits set: 143/256
debug2: bits set: 508/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: Wrote 144 bytes for a total of 1149
debug3: check_host_in_hostfile: host remoteclient filename /dev/null
debug3: check_host_in_hostfile: host remoteclient filename /dev/null
debug3: check_host_in_hostfile: host remoteclient filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: host remoteclient filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: host 209.0.0.63 filename /dev/null
debug3: check_host_in_hostfile: host 209.0.0.63 filename /dev/null
debug3: check_host_in_hostfile: host 209.0.0.63 filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: host 209.0.0.63 filename /etc/ssh/ssh_known_hosts
Warning: Permanently added 'remoteclient,209.0.0.63' (RSA) to the list of known hosts.
debug2: bits set: 544/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: Wrote 16 bytes for a total of 1165
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug3: Wrote 48 bytes for a total of 1213
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/userLogin/.ssh/id_rsa.pub (0x21933e0)
debug3: Wrote 64 bytes for a total of 1277
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive
debug3: authmethod_lookup gssapi-keyex
debug3: remaining preferred: gssapi-with-mic,publickey,keyboard-interactive
debug3: authmethod_is_enabled gssapi-keyex
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug2: we did not send a packet, disable method
debug3: authmethod_lookup gssapi-with-mic
debug3: remaining preferred: publickey,keyboard-interactive
debug3: authmethod_is_enabled gssapi-with-mic
debug1: Next authentication method: gssapi-with-mic
debug3: Trying to reverse map address 209.0.0.63.
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Unspecified GSS failure. Minor code may provide more information
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/userLogin/.ssh/id_rsa.pub
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug3: Wrote 368 bytes for a total of 1645
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug2: input_userauth_pk_ok: SHA1 fp f1:80:80:b0:8b:2c:26:a4:ea:4f:73:c0:28:bc:cc:88:10:b1:d0:2b
debug3: sign_and_send_pubkey: RSA f1:80:80:b0:8b:2c:26:a4:ea:4f:73:c0:28:bc:cc:88:10:b1:d0:2b
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
OK log:
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /home/userLogin/.ssh/config
debug1: Applying options for remoteClient
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to remoteClient [209.0.0.63] port 22.
debug1: Connection established.
debug3: Not a RSA1 key file /home/userLogin/.ssh/id_rsa.pub.
debug1: identity file /home/userLogin/.ssh/id_rsa.pub type 1
debug1: identity file /home/userLogin/.ssh/id_rsa.pub-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug3: Wrote 960 bytes for a total of 981
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa-cert-v01#openssh.com,ssh-dss-cert-v01#openssh.com,ssh-rsa-cert-v00#openssh.com,ssh-dss-cert-v00#openssh.com,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc#lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc#lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib#openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib#openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc#lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc#lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib#openssh.com
debug2: kex_parse_kexinit: none,zlib#openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug3: Wrote 24 bytes for a total of 1005
debug2: dh_gen_key: priv key bits set: 125/256
debug2: bits set: 537/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: Wrote 144 bytes for a total of 1149
debug3: check_host_in_hostfile: host remoteclient filename /dev/null
debug3: check_host_in_hostfile: host remoteclient filename /dev/null
debug3: check_host_in_hostfile: host remoteclient filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: host remoteclient filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: host 209.0.0.63 filename /dev/null
debug3: check_host_in_hostfile: host 209.0.0.63 filename /dev/null
debug3: check_host_in_hostfile: host 209.0.0.63 filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: host 209.0.0.63 filename /etc/ssh/ssh_known_hosts
Warning: Permanently added 'remoteclient,209.0.0.63' (RSA) to the list of known hosts.
debug2: bits set: 492/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: Wrote 16 bytes for a total of 1165
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug3: Wrote 48 bytes for a total of 1213
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/userLogin/.ssh/id_rsa.pub (0x1c5e3e0)
debug3: Wrote 64 bytes for a total of 1277
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive
debug3: authmethod_lookup gssapi-keyex
debug3: remaining preferred: gssapi-with-mic,publickey,keyboard-interactive
debug3: authmethod_is_enabled gssapi-keyex
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug2: we did not send a packet, disable method
debug3: authmethod_lookup gssapi-with-mic
debug3: remaining preferred: publickey,keyboard-interactive
debug3: authmethod_is_enabled gssapi-with-mic
debug1: Next authentication method: gssapi-with-mic
debug3: Trying to reverse map address 209.0.0.63.
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug1: Unspecified GSS failure. Minor code may provide more information
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_500' not found
debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/userLogin/.ssh/id_rsa.pub
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug3: Wrote 368 bytes for a total of 1645
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug2: input_userauth_pk_ok: SHA1 fp f1:80:80:b0:8b:2c:26:a4:ea:4f:73:c0:28:bc:cc:88:10:b1:d0:2b
debug3: sign_and_send_pubkey: RSA f1:80:80:b0:8b:2c:26:a4:ea:4f:73:c0:28:bc:cc:88:10:b1:d0:2b
debug3: Wrote 640 bytes for a total of 2285
debug1: Authentication succeeded (publickey).
debug2: fd 5 setting O_NONBLOCK
debug3: fd 6 is O_NONBLOCK
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Requesting no-more-sessions#openssh.com
debug1: Entering interactive session.
debug3: Wrote 128 bytes for a total of 2413
debug2: callback start
debug2: x11_get_proto: /usr/bin/xauth list displayTMC:0.0 2>/dev/null
Warning: No xauth data; using fake authentication data for X11 forwarding.
debug1: Requesting X11 forwarding with authentication spoofing.
debug2: channel 0: request x11-req confirm 0
debug3: Wrote 112 bytes for a total of 2525
debug2: client_session2_setup: id 0
debug1: Sending environment.
debug3: Ignored env userLogin_THREAD_MEMORY_SIZE
debug3: Ignored env ORBIT_SOCKETDIR
debug3: Ignored env userLogin_ATT_TIMEOUT_READY_MODE
debug3: Ignored env SNMP_PRIV_TYPE
debug3: Ignored env userLogin_REFRESH_PEER_MODE
debug3: Ignored env HOSTNAME
debug3: Ignored env GIO_LAUNCHED_DESKTOP_FILE_PID
debug3: Ignored env SNMP_ENCRYPT_PASS_PHRASE
debug3: Ignored env SHELL
debug3: Ignored env TERM
debug3: Ignored env userLogin_TIMEOUT_SWITCH_OPER_EVAL
debug3: Ignored env XDG_SESSION_COOKIE
debug3: Ignored env HISTSIZE
debug3: Ignored env SNMP_AUTH_TYPE
debug3: Ignored env userLogin_NB_SEC_STANDBY_STARTUP
debug3: Ignored env GTK_RC_FILES
debug3: Ignored env WINDOWID
debug3: Ignored env TRACE_TEMPS
debug3: Ignored env QTDIR
debug3: Ignored env QTINC
debug3: Ignored env userLogin_UDP_BUFFER_SIZE
debug3: Ignored env XTERM_SHELL
debug3: Ignored env USER
debug3: Ignored env LD_LIBRARY_PATH
debug3: Ignored env userLogin_INSTALLATION_MODE
debug3: Ignored env userLogin_OPEREVAL_ACTIVATION
debug3: Ignored env userLogin_PIPE_BUFFER_SIZE
debug3: Ignored env userLogin_TRAINING_REINITIALIZE_TIMEOUT
debug3: Ignored env SSH_AUTH_SOCK
debug3: Ignored env GNOME_KEYRING_SOCKET
debug3: Ignored env TERMCAP
debug3: Ignored env userLogin_NB_ATT_STANDBY_STARTUP
debug3: Ignored env SESSION_MANAGER
debug3: Ignored env USERNAME
debug3: Ignored env userLogin_PERIOD_OF_CHECK_READY_MODE
debug3: Ignored env SNMP_COMMUNITY
debug3: Ignored env GIO_LAUNCHED_DESKTOP_FILE
debug3: Ignored env userLogin_NETPRI
debug3: Ignored env userLogin_CHECK_ENVIRONMENT_LEVEL
debug3: Ignored env userLogin_HUNTER_PROCESS_PERIOD
debug3: Ignored env userLogin_NB_FLOATING_IP_CHECK
debug3: Ignored env DESKTOP_SESSION
debug3: Ignored env PATH
debug3: Ignored env MAIL
debug3: Ignored env STY
debug3: Ignored env PWD
debug3: Ignored env GDM_KEYBOARD_LAYOUT
debug1: Sending env LANG = en_GB.UTF-8
debug2: channel 0: request env confirm 0
debug3: Ignored env KDE_IS_PRELINKED
debug3: Ignored env userLogin_MODE_STANDBY_PERIODIC_CHECK
debug3: Ignored env GDM_LANG
debug3: Ignored env SNMP_SECURITY_LEVEL
debug3: Ignored env userLogin_NB_PERSISTENCY_CHECK
debug3: Ignored env KDEDIRS
debug3: Ignored env userLogin_STANDBY_PERIODIC_PERSISTENCY_CHECK
debug3: Ignored env userLogin_ATT_TIMEOUT_PERSISTENCY_CHECK
debug3: Ignored env GDMSESSION
debug3: Ignored env XTERM_LOCALE
debug3: Ignored env XTERM_VERSION
debug3: Ignored env userLogin_REASON_OF_WAIT
debug3: Ignored env HISTCONTROL
debug3: Ignored env SSH_ASKPASS
debug3: Ignored env SHLVL
debug3: Ignored env HOME
debug3: Ignored env userLogin_HOME
debug3: Ignored env userLogin_ADAPTER_INTERNAL_NETWORK
debug3: Ignored env GNOME_DESKTOP_SESSION_ID
debug3: Ignored env TARGET_CLUSTER_STATUS_AFTER_SWITCH
debug3: Ignored env LOGNAME
debug3: Ignored env CVS_RSH
debug3: Ignored env QTLIB
debug3: Ignored env WINDOW
debug3: Ignored env userLogin_SNMP_TRAPVERSION
debug3: Ignored env DBUS_SESSION_BUS_ADDRESS
debug3: Ignored env LESSOPEN
debug3: Ignored env PROMPT_COMMAND
debug3: Ignored env userLogin_CC_LOG_PATH
debug3: Ignored env WINDOWPATH
debug3: Ignored env DISPLAY
debug3: Ignored env userLogin_NETSEC
debug3: Ignored env userLogin_KILLER_PROCESS_PERIOD
debug3: Ignored env SNMP_AUTH_PASS_PHRASE
debug3: Ignored env SNMP_SECURITY_NAME
debug3: Ignored env userLogin_UDP_MULTICAST_TTL
debug3: Ignored env userLogin_CC_MAINMENU_FILENAME
debug3: Ignored env userLogin_CC_CUSTOM_SCRIPTS_PATH
debug3: Ignored env userLogin_CC_MENUS_PATH
debug3: Ignored env G_BROKEN_FILENAMES
debug3: Ignored env XAUTHORITY
debug3: Ignored env _
debug1: Sending command: /sbin/pidof gnome-panel
debug2: channel 0: request exec confirm 1
debug2: fd 3 setting TCP_NODELAY
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug3: Wrote 144 bytes for a total of 2669
debug2: channel 0: rcvd adjust 2097152
debug2: channel_input_status_confirm: type 99 id 0
debug2: exec request accepted on channel 0
2409
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow#openssh.com reply 0
debug2: channel 0: rcvd eow
debug2: channel 0: close_read
debug2: channel 0: input open -> closed
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug2: channel 0: rcvd close
debug3: channel 0: will not send data after close
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
#0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cfd -1)
debug3: channel 0: close_fds r -1 w -1 e 6 c -1
debug3: Wrote 32 bytes for a total of 2701
debug3: Wrote 64 bytes for a total of 2765
debug1: fd 1 clearing O_NONBLOCK
debug3: fd 2 is not O_NONBLOCK
Transferred: sent 2568, received 2368 bytes, in 0.1 seconds
Bytes per second: sent 44382.9, received 40926.3
debug1: Exit status 0
I compared these captured logs but I did not note explanation of observed behaviour; the differences of logs:
debug2: dh_gen_key: priv key bits set: 143/256
debug2: bits set: 508/1024
debug2: bits set: 544/1024
debug2: key: /home/snet/.ssh/id_rsa.pub (0x21933e0)
where 143, 508, 544 and 0x21933e0 are different.
I absolutely does not understand why in this environment, the SSH connection is blocked...
I will appreciate any help.
Thank you. Best regards,
EDIT: the used private RSA key is not encrypted and ssh-agent is down.
EDIT: the content of userLogin/.ssh/config file
Host remoteClient
StrictHostKeyChecking no
UserKnownHostsFile=/dev/null
EDIT: the SELinux config
SELINUX=disabled
SELINUXTYPE=targeted
CLOSED: FYI, the issued server has been reinstalled without a fix. after re-installation, it works fine :(
I'm trying to automate ssh connection. The main goal - avoid being asked of passphrase. Here's ssh command:
#!/bin/bash
chmod 600 ssh_key
chmod +x passhrase_script.sh
DISPLAY=":0" SSH_ASKPASS="passhrase_script.sh"
ssh -i ssh_key -F /dev/null -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no "$#"
It works for Ubuntu(OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014) and doesn't for CentOS(OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013)
debug output:
`OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /dev/null
debug2: ssh_connect: needpriv 0
debug1: Connecting to xxx [172.20.240.99] port 2222.
debug1: Connection established.
debug3: Not a RSA1 key file /tests/tests-war-loader-impl/build/apps/slave/temp/repo/project-44-1473687324554/git-temp/ssh_key_8.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'Proc-Type:'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'DEK-Info:'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /tests/tests-war-loader-impl/build/apps/slave/temp/repo/project-44-1473687324554/git-temp/ssh_key_8 type -1
debug1: identity file /tests/tests-war-loader-impl/build/apps/slave/temp/repo/project-44-1473687324554/git-temp/ssh_key_8-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug3: Wrote 960 bytes for a total of 981
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa-cert-v01#openssh.com,ssh-dss-cert-v01#openssh.com,ssh-rsa-cert-v00#openssh.com,ssh-dss-cert-v00#openssh.com,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc#lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc#lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib#openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib#openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc
debug2: kex_parse_kexinit: aes128-ctr,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha2-512,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha2-512,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug3: Wrote 24 bytes for a total of 1005
debug2: dh_gen_key: priv key bits set: 138/256
debug2: bits set: 518/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: Wrote 144 bytes for a total of 1149
debug3: put_host_port: [172.20.240.99]:2222
debug3: put_host_port: [xxx]:2222
debug3: check_host_in_hostfile: host [xxx]:2222 filename /tests/tests-war-loader-impl/build/apps/slave/temp/repo/project-44-1473687324554/git-temp/known_hosts_8
debug3: check_host_in_hostfile: host [xx]:2222 filename /tests/tests-war-loader-impl/build/apps/slave/temp/repo/project-44-1473687324554/git-temp/known_hosts_8
debug3: check_host_in_hostfile: host [xx]:2222 filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: host [xx]:2222 filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: host [172.20.240.99]:2222 filename /vcs-hosting/tests/tests-war-loader-impl/build/apps/slave/temp/repo/project-44-1473687324554/git-temp/known_hosts_8
debug3: check_host_in_hostfile: host [172.20.240.99]:2222 filename /vcs-hosting/tests/tests-war-loader-impl/build/apps/slave/temp/repo/project-44-1473687324554/git-temp/known_hosts_8
debug3: check_host_in_hostfile: host [172.20.240.99]:2222 filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: host [172.20.240.99]:2222 filename /etc/ssh/ssh_known_hosts
debug1: checking without port identifier
debug3: check_host_in_hostfile: host xxx filename //tests/tests-war-loader-impl/build/apps/slave/temp/repo/project-44-1473687324554/git-temp/known_hosts_8
debug3: check_host_in_hostfile: host xxx filename /tests/tests-war-loader-impl/build/apps/slave/temp/repo/project-44-1473687324554/git-temp/known_hosts_8
debug3: check_host_in_hostfile: host xxx filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: host xxx filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: host 172.20.240.99 filename /tests/tests-war-loader-impl/build/apps/slave/temp/repo/project-44-1473687324554/git-temp/known_hosts_8
debug3: check_host_in_hostfile: host 172.20.240.99 filename /tests/tests-war-loader-impl/build/apps/slave/temp/repo/project-44-1473687324554/git-temp/known_hosts_8
debug3: check_host_in_hostfile: host 172.20.240.99 filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: host 172.20.240.99 filename /etc/ssh/ssh_known_hosts
Warning: Permanently added '[xxx]:2222,[172.20.240.99]:2222' (RSA) to the list of known hosts.
debug2: bits set: 526/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: Wrote 16 bytes for a total of 1165
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug3: Wrote 48 bytes for a total of 1213
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /tests/tests-war-loader-impl/build/apps/slave/temp/repo/project-44-1473687324554/git-temp/ssh_key_8 ((nil))
debug3: Wrote 64 bytes for a total of 1277
debug1: Authentications that can continue: keyboard-interactive,publickey
debug3: start over, passed a different list keyboard-interactive,publickey
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /tests/tests-war-loader-impl/build/apps/slave/temp/repo/project-44-1473687324554/git-temp/ssh_key_8
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
debug1: read_passphrase: can't open /dev/tty: No such device or address
debug2: no passphrase given, try next key
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug3: Wrote 96 bytes for a total of 1373
debug1: Authentications that can continue: keyboard-interactive,publickey
debug3: userauth_kbdint: disable: no info_req_seen
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (keyboard-interactive,publickey)`
As you can see it says debug2: no passphrase given, try next key by the end. SSH_ASKPASS is set and works fine
I am trying to ssh into a remote machine and I get the following debug messages:
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to xxx.xxx.x.xx [xxx.xxx.xx.x] port 22.
debug1: Connection established.
debug3: Not a RSA1 key file /home/hadoop/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/hadoop/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1p1 Debian-6ubuntu2
debug1: match: OpenSSH_5.1p1 Debian-6ubuntu2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.1p1 Debian-6ubuntu2
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc#lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc#lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib#openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib#openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc#lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc#lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64#openssh.com,hmac-ripemd160,hmac-ripemd160#openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib#openssh.com
debug2: kex_parse_kexinit: none,zlib#openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 128/256
debug2: bits set: 511/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /home/hadoop/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 20
debug1: Host '192.168.1.63' is known and matches the RSA host key.
debug1: Found key in /home/hadoop/.ssh/known_hosts:20
debug2: bits set: 511/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/hadoop/.ssh/id_rsa (0x241c110)
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,gssapi,publickey,keyboard-interactive
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/hadoop/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey,password).
What seems to be the problem?? I have tried everything, this is driving me nuts.
You say that you are having trouble with a "new" node, however, there seems to be an entry for that ip in ~/.ssh/known_hosts It seems likely that it is trying to use the setup from a previous session. You say that you copied id_rsa, but you should have tried moving it to prevent it from being found and used. You can see the file mentioned in your post, particularly the line " Offering public key: /home/hadoop/.ssh/id_rsa"
Try moving both of those files (id_rsa and known_hosts) and see if that changes things.
Looks like a bad private key. I would start by moving /home/hadoop/.ssh/id_rsa to /home/hadoop/.ssh/id_rsa.bak and seeing if that helps anything
As the answer above states, it looks to be a bad key. Run ssh-keygen and create a new one with the existing one being backed up.
Then try doing an
id_rsa.pub >> authorized_keys
no copying/pasting. Copying/pasting from VIM can lead to user error.