我需要使用附带的“teemtalk”应用程序 (teemtalk 7.3.4) 将 HP T520 连接到 OpenSSH 7.2 sshd。 Teemtalk 说“远程主机已关闭连接”。我知道瘦客户端中包含一个嵌入式 ssh 客户端,但这不适用于我们的特定应用程序,因此我必须坚持使用 teemtalk。
我无法从客户端获得任何有用的日志。我从 sshd 得到这个:
# /usr/sbin/sshd -Dddd -p 2222
debug2: load_server_config: filename /etc/ssh/sshd_config
debug2: load_server_config: done config len = 1542
debug2: parse_server_config: config /etc/ssh/sshd_config len 1542
debug3: /etc/ssh/sshd_config:28 setting HostKey /etc/ssh/ssh_host_rsa_key
debug3: /etc/ssh/sshd_config:29 setting HostKey /etc/ssh/ssh_host_dsa_key
debug3: /etc/ssh/sshd_config:30 setting HostKey /etc/ssh/ssh_host_ecdsa_key
debug3: /etc/ssh/sshd_config:31 setting HostKey /etc/ssh/ssh_host_ed25519_key
debug3: /etc/ssh/sshd_config:75 setting PasswordAuthentication yes
debug3: /etc/ssh/sshd_config:130 setting Subsystem sftp /usr/libexec/sftp-server
debug3: /etc/ssh/sshd_config:141 setting KexAlgorithms +diffie-hellman-group1-sha1,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug3: kex names ok: [diffie-hellman-group1-sha1,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1]
debug3: /etc/ssh/sshd_config:142 setting Ciphers +aes128-cbc,blowfish-cbc,aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[email protected],[email protected],[email protected],blowfish-cbc,arcfour256,arcfour128,3des-cbc
debug3: /etc/ssh/sshd_config:143 setting HostKeyAlgorithms [email protected],[email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ssh-ed25519,ssh-rsa,ssh-dss
debug3: /etc/ssh/sshd_config:144 setting PubkeyAcceptedKeyTypes [email protected],[email protected],[email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-rsa,ssh-dss
debug3: /etc/ssh/sshd_config:145 setting Macs [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-md5-96
debug1: sshd version OpenSSH_7.2, OpenSSL 1.0.2k-freebsd 26 Jan 2017
debug1: private host key #0: ssh-rsa SHA256:Z0lkq88Cn2mCAQlE4P1qan3cXVQvRPnyEjZx544K5Vw
debug1: private host key #1: ssh-dss SHA256:Hr8WF2O7iwzgGjMLkfjn6MgwGtfXNe9i9hhbwQ2q9Sc
debug1: private host key #2: ecdsa-sha2-nistp256 SHA256:ooVzNV0Jtb1P9c2Pq0VVKwiA5i1223ZcTRc+45KTmkQ
debug1: private host key #3: ssh-ed25519 SHA256:chYvmYC7jxgBwWuNbTPmc4aE4kA1ihPuqw6go1wcy+M
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-Dddd'
debug1: rexec_argv[2]='-p'
debug1: rexec_argv[3]='2222'
debug2: fd 3 setting O_NONBLOCK
debug3: Fssh_sock_set_v6only: set socket 3 IPV6_V6ONLY
debug1: Bind to port 2222 on ::.
debug1: Server TCP RWIN socket size: 65536
Server listening on :: port 2222.
debug2: fd 4 setting O_NONBLOCK
debug1: Bind to port 2222 on 0.0.0.0.
debug1: Server TCP RWIN socket size: 65536
Server listening on 0.0.0.0 port 2222.
debug1: fd 5 clearing O_NONBLOCK
debug1: Server will not fork when running in debugging mode.
debug3: send_rexec_state: entering fd = 8 config len 1542
debug3: ssh_msg_send: type 0
debug3: send_rexec_state: done
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
debug1: inetd sockets after dupping: 3, 3
debug1: res_init()
Connection from 10.20.7.22 port 32790 on 10.20.0.171 port 2222
debug1: Client protocol version 2.0; client software version HP-Client
debug1: no match: HP-Client
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2 FreeBSD-20161230
debug2: fd 3 setting O_NONBLOCK
debug3: ssh_sandbox_init: preparing capsicum sandbox
debug2: Network child is on pid 99007
debug3: preauth child monitor started
debug3: privsep user:group 22:22 [preauth]
debug1: permanently_set_uid: 22/22 [preauth]
debug1: list_hostkey_types: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
debug3: send packet: type 20 [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug3: receive packet: type 20 [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug2: local server KEXINIT proposal [preauth]
debug2: KEX algorithms: [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth]
debug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected],aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,arcfour256,arcfour128,3des-cbc [preauth]
debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected],aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,arcfour256,arcfour128,3des-cbc [preauth]
debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-md5-96 [preauth]
debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-md5-96 [preauth]
debug2: compression ctos: none,[email protected] [preauth]
debug2: compression stoc: none,[email protected] [preauth]
debug2: languages ctos: [preauth]
debug2: languages stoc: [preauth]
debug2: first_kex_follows 0 [preauth]
debug2: reserved 0 [preauth]
debug2: peer client KEXINIT proposal [preauth]
debug2: KEX algorithms: diffie-hellman-group1-sha1 [preauth]
debug2: host key algorithms: ssh-rsa,ssh-dss [preauth]
debug2: ciphers ctos: aes128-cbc,aes192-cbc,aes256-cbc,none, [preauth]
debug2: ciphers stoc: aes128-cbc,aes192-cbc,aes256-cbc,none, [preauth]
debug2: MACs ctos: hmac-sha256,hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96,none [preauth]
debug2: MACs stoc: hmac-sha256,hmac-md5,hmac-sha1-96,hmac-md5-96,hmac-sha1,none [preauth]
debug2: compression ctos: none [preauth]
debug2: compression stoc: none [preauth]
debug2: languages ctos: [preauth]
debug2: languages stoc: [preauth]
debug2: first_kex_follows 0 [preauth]
debug2: reserved 0 [preauth]
debug1: kex: algorithm: diffie-hellman-group1-sha1 [preauth]
debug1: kex: host key algorithm: ssh-rsa [preauth]
debug1: kex: client->server cipher: aes128-cbc MAC: hmac-sha1 compression: none [preauth]
debug1: kex: server->client cipher: aes128-cbc MAC: hmac-md5 compression: none [preauth]
debug2: bits set: 544/1024 [preauth]
debug1: expecting SSH2_MSG_KEXDH_INIT [preauth]
debug3: receive packet: type 30 [preauth]
debug2: bits set: 504/1024 [preauth]
debug3: mm_key_sign entering [preauth]
debug3: mm_request_send entering: type 6 [preauth]
debug3: mm_key_sign: waiting for MONITOR_ANS_SIGN [preauth]
debug3: mm_request_receive_expect entering: type 7 [preauth]
debug3: mm_request_receive entering [preauth]
debug3: mm_request_receive entering
debug3: monitor_read: checking request 6
debug3: mm_answer_sign
debug3: mm_answer_sign: hostkey proof signature 0x804066780(271)
debug3: mm_request_send entering: type 7
debug2: monitor_read: 6 used once, disabling now
debug3: send packet: type 31 [preauth]
debug3: send packet: type 21 [preauth]
debug2: set_newkeys: mode 1 [preauth]
debug1: rekey after 4294967296 blocks [preauth]
debug1: SSH2_MSG_NEWKEYS sent [preauth]
debug1: expecting SSH2_MSG_NEWKEYS [preauth]
debug3: receive packet: type 21 [preauth]
debug2: set_newkeys: mode 0 [preauth]
debug1: rekey after 4294967296 blocks [preauth]
debug1: SSH2_MSG_NEWKEYS received [preauth]
debug1: KEX done [preauth]
debug3: receive packet: type 5 [preauth]
debug3: send packet: type 6 [preauth]
debug3: receive packet: type 50 [preauth]
debug3: Trying to reverse map address 10.20.7.22. [preauth]
debug1: userauth-request for user tctest service ssh-connection method password [preauth]
debug1: attempt 0 failures 0 [preauth]
debug3: mm_getpwnamallow entering [preauth]
debug3: mm_request_send entering: type 8 [preauth]
debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM [preauth]
debug3: mm_request_receive_expect entering: type 9 [preauth]
debug3: mm_request_receive entering [preauth]
debug3: mm_request_receive entering
debug3: monitor_read: checking request 8
debug3: mm_answer_pwnamallow
debug3: Trying to reverse map address 10.20.7.22.
debug2: parse_server_config: config reprocess config len 1542
debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1
debug3: mm_request_send entering: type 9
debug2: monitor_read: 8 used once, disabling now
debug2: input_userauth_request: setting up authctxt for tctest [preauth]
debug3: mm_start_pam entering [preauth]
debug3: mm_request_send entering: type 100 [preauth]
debug3: mm_inform_authserv entering [preauth]
debug3: mm_request_send entering: type 4 [preauth]
debug3: mm_request_receive entering
debug3: monitor_read: checking request 100
debug1: PAM: initializing for "tctest"
debug1: PAM: setting PAM_RHOST to "10.20.7.22"
debug2: monitor_read: 100 used once, disabling now
debug2: input_userauth_request: try method password [preauth]
debug3: mm_auth_password entering [preauth]
debug3: mm_request_send entering: type 12 [preauth]
debug3: mm_auth_password: waiting for MONITOR_ANS_AUTHPASSWORD [preauth]
debug3: mm_request_receive_expect entering: type 13 [preauth]
debug3: mm_request_receive entering [preauth]
debug3: mm_request_receive entering
debug3: monitor_read: checking request 4
debug3: mm_answer_authserv: service=ssh-connection, style=
debug2: monitor_read: 4 used once, disabling now
debug3: mm_request_receive entering
debug3: monitor_read: checking request 12
debug3: PAM: sshpam_passwd_conv called with 1 messages
debug1: PAM: password authentication accepted for tctest
debug3: mm_answer_authpassword: sending result 1
debug3: mm_request_send entering: type 13
debug3: mm_request_receive_expect entering: type 102
debug3: mm_request_receive entering
debug1: do_pam_account: called
debug3: PAM: do_pam_account pam_acct_mgmt = 0 (success)
debug3: mm_request_send entering: type 103
Accepted password for tctest from 10.20.7.22 port 32790 ssh2
debug1: monitor_child_preauth: tctest has been authenticated by privileged process
debug3: mm_get_keystate: Waiting for new keys
debug3: mm_request_receive_expect entering: type 26
debug3: mm_request_receive entering
debug3: mm_get_keystate: GOT new keys
debug3: mm_auth_password: user authenticated [preauth]
debug3: mm_do_pam_account entering [preauth]
debug3: mm_request_send entering: type 102 [preauth]
debug3: mm_request_receive_expect entering: type 103 [preauth]
debug3: mm_request_receive entering [preauth]
debug3: mm_do_pam_account returning 1 [preauth]
debug3: send packet: type 52 [preauth]
debug3: mm_request_send entering: type 26 [preauth]
debug3: mm_send_keystate: Finished sending state [preauth]
debug1: monitor_read_log: child log fd closed
debug3: mm_share_sync: Share sync
debug3: mm_share_sync: Share sync end
debug3: ssh_sandbox_parent_finish: finished
debug1: PAM: establishing credentials
debug3: PAM: opening session
User child is on pid 99008
debug1: PAM: establishing credentials
debug3: monitor_apply_keystate: packet_set_state
debug2: set_newkeys: mode 0
debug1: rekey after 4294967296 blocks
debug2: set_newkeys: mode 1
debug1: rekey after 4294967296 blocks
debug1: ssh_packet_set_postauth: called
debug3: Fssh_ssh_packet_set_state: done
debug3: notify_hostkeys: key 0: ssh-rsa SHA256:Z0lkq88Cn2mCAQlE4P1qan3cXVQvRPnyEjZx544K5Vw
debug3: notify_hostkeys: key 1: ssh-dss SHA256:Hr8WF2O7iwzgGjMLkfjn6MgwGtfXNe9i9hhbwQ2q9Sc
debug3: notify_hostkeys: key 2: ecdsa-sha2-nistp256 SHA256:ooVzNV0Jtb1P9c2Pq0VVKwiA5i1223ZcTRc+45KTmkQ
debug3: notify_hostkeys: key 3: ssh-ed25519 SHA256:chYvmYC7jxgBwWuNbTPmc4aE4kA1ihPuqw6go1wcy+M
debug3: notify_hostkeys: sent 4 hostkeys
debug3: send packet: type 80
debug1: Entering interactive session for SSH2.
debug2: fd 5 setting O_NONBLOCK
debug2: fd 6 setting O_NONBLOCK
debug1: server_init_dispatch_20
debug3: receive packet: type 90
debug1: server_input_channel_open: ctype session rchan 16777216 win 32768 max 1024
debug1: input_session_request
debug1: channel 0: new [server-session]
debug2: session_new: allocate (allocated 0 max 10)
debug3: session_unused: session id 0 unused
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
debug3: send packet: type 91
Connection closed by 10.20.7.22
debug1: channel 0: free: server-session, nchannels 1
debug3: channel 0: status: The following connections are open:
#0 server-session (t10 r16777216 i0/0 o0/0 fd -1/-1 cc -1)
Close session: user tctest from 10.20.7.22 port 32790 id 0
debug3: session_unused: session id 0 unused
debug1: do_cleanup
debug3: PAM: sshpam_thread_cleanup entering
Transferred: sent 2936, received 1360 bytes
Closing connection to 10.20.7.22 port 32790
debug3: mm_audit_event entering
debug3: mm_request_send entering: type 112
debug3: mm_request_receive entering
debug3: mm_request_send entering: type 50
debug3: monitor_read: checking request 112
debug3: mm_answer_audit_event entering
debug3: mm_request_receive entering
debug3: monitor_read: checking request 50
debug3: mm_answer_term: tearing down sessions
debug1: PAM: cleanup
debug1: PAM: closing session
debug1: PAM: deleting credentials
答案1
我在 teemtalk 和 ssh v7 方面遇到了与您相同的问题,我已经启用了所有禁用的算法、密码等,就像您一样并且可以看到密码身份验证通过,但随后 teemtalk 关闭了连接。如果无法访问 teemtalk 日志(实际上没有)或 HP 支持,我也遇到了同样的问题。对我来说唯一的选择是退出 ssh v7 并返回到有效的 v6。顺便说一句,我正在 AIX 上工作。