We help IT Professionals succeed at work.

Not able to SSH

beer9
beer9 asked
on
I am not able to ssh to one of the EC2 host in AWS:

bash-3.2$ ssh -vvvv -i ~/.ssh/id_rsa_APP_GIT 54.12.34.56 -l b123
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /Users/user1/.ssh/config
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: /etc/ssh_config line 102: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 54.12.34.56 [54.12.34.56] port 22.
debug1: Connection established.
debug3: Incorrect RSA1 identifier
debug3: Could not load "/Users/user1/.ssh/id_rsa_APP_GIT" as a RSA1 public key
debug1: identity file /Users/user1/.ssh/id_rsa_APP_GIT type 1
debug1: identity file /Users/user1/.ssh/id_rsa_APP_GIT-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
ssh_exchange_identification: read: Operation timed out

Open in new window


Though I can telnet it:
bash-3.2$ telnet 54.12.34.56 22
Trying 54.12.34.56...
Connected to ec2-54-12-34-56.compute-1.amazonaws.com.
Escape character is '^]'.
^]
telnet> q
Connection closed.

Open in new window


Appreciate if someone can help in suggesting how to troubleshoot it
Comment
Watch Question

Zephyr ICTCloud Architect

Commented:
It seems to get stuck on the exchange of SSH versions:

debug1: Local version string SSH-2.0-OpenSSH_6.2
ssh_exchange_identification: read: Operation timed out

Open in new window


Might want to check versions on your local machine... Or check local ssh config... Or try by removing old ssh config files if any exist.

Author

Commented:
Thanks for hint, here my local ssh config, I am using SSH:

bash-3.2$ cat /etc/ssh_config  | grep -v ^# | grep -v ^$
 Host *
   SendEnv LANG LC_*
Host *
    XAuthLocation /opt/X11/bin/xauth
bash-3.2$ cat /etc/sshd_config  | grep -v ^# | grep -v ^$
SyslogFacility AUTHPRIV
AuthorizedKeysFile	.ssh/authorized_keys
UsePrivilegeSeparation sandbox		# Default for new installations.
AcceptEnv LANG LC_*
Subsystem	sftp	/usr/libexec/sftp-server
XAuthLocation /opt/X11/bin/xauth

Open in new window

I think that the problem is here

debug3: Incorrect RSA1 identifier
debug3: Could not load "/Users/user1/.ssh/id_rsa_APP_GIT" as a RSA1 public key

Can you show us the contents of /Users/user1/.ssh/authorized_keys ? This is the user1 public key on the server, not your private key, and it is supposed to be shared so you are not at risk.
Zephyr ICTCloud Architect

Commented:
Can you check versions on both client and server?

dpkg -s openssh | grep Version

Open in new window


or

yum info openssh

Open in new window

Author

Commented:
Server:
$ dpkg -s openssh-server | grep Version
Version: 1:6.6p1-2ubuntu2

Client:
bash-3.2$ ssh -V
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 201
Zephyr ICTCloud Architect

Commented:
Could you check if you can upgrade OpenSSH on your client?

apt-get update/upgrade OpenSSH

Open in new window

Author

Commented:
I am using Mac laptop on client side, not sure how to upgrade the SSH client
Cloud Architect
Commented:
Ah, ok, didn't know that ...

Well, if you already tried regenerating your ssh key and or clear out your ssh config, and that didn't work, there's a way to upgrade OpenSSH on Mac OS X that you can check out here.