Default ssh_config file

Questions about networking
Forum rules
Before you post please read this
Post Reply
webtarget
Level 3
Level 3
Posts: 165
Joined: Sat Mar 24, 2012 10:20 am

Default ssh_config file

Post by webtarget » Fri Aug 05, 2016 10:16 am

I can't seem to get my ssh working. I keep getting a connection reset by peer message when testing ssh. I was following the directions in:
https://wiki.debian.org/SSH

Just wondering though after looking at my ssh_config file. Can someone confirm if these options are supposed to be commented out?

Am I supposed to uncomment them?

Host *
# ForwardAgent no
# ForwardX11 no
# ForwardX11Trusted yes
# RhostsRSAAuthentication no
# RSAAuthentication yes
# PasswordAuthentication yes
# HostbasedAuthentication no
# GSSAPIAuthentication no
# GSSAPIDelegateCredentials no
# GSSAPIKeyExchange no
# GSSAPITrustDNS no
# BatchMode no
# CheckHostIP yes
# AddressFamily any
# ConnectTimeout 0
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
# Port 22
# Protocol 2,1
# Cipher 3des
# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
# MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
# EscapeChar ~
# Tunnel no
# TunnelDevice any:any
# PermitLocalCommand no
# VisualHostKey no
# ProxyCommand ssh -q -W %h:%p gateway.example.com
# RekeyLimit 1G 1h

Laurent85
Level 14
Level 14
Posts: 5291
Joined: Tue May 26, 2015 10:11 am

Re: Default ssh_config file

Post by Laurent85 » Fri Aug 05, 2016 12:30 pm

Connect to remote host in verbose mode to diagnose the problem:

Code: Select all

ssh -v remote.host.name
or 
ssh -v username@remote.host.name
Image

Habitual
Level 13
Level 13
Posts: 4871
Joined: Sun Nov 21, 2010 8:31 pm
Location: 0.0.0.0

Re: Default ssh_config file

Post by Habitual » Fri Aug 05, 2016 1:08 pm

You shouldn't edit that file. but rather ~/.ssh/config and here's mine. I had time out issues years ago, this fixed it.

Code: Select all

Host *
ServerAliveInterval 120
ServerAliveCountMax 30
ConnectTimeout 30
UseRoaming no
in my ~/.ssh/config

Have fun.

webtarget
Level 3
Level 3
Posts: 165
Joined: Sat Mar 24, 2012 10:20 am

Re: Default ssh_config file

Post by webtarget » Fri Aug 05, 2016 4:33 pm

Laurent85 wrote:Connect to remote host in verbose mode to diagnose the problem:

Code: Select all

ssh -v remote.host.name
or 
ssh -v username@remote.host.name

I'm getting the message:

Code: Select all

OpenSSH_6.7p1 Debian-5+deb8u3, OpenSSL 1.0.1t  3 May 2016
debug1: Reading configuration data /home/<username>/.ssh/config
debug1: /home/<username>/.ssh/config line 1: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to <ip address> [<ip address>] port 22.
debug1: fd 3 clearing O_NONBLOCK
debug1: Connection established.
debug1: identity file /home/<username>/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /home/<username>/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/<username>/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/<username>/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/<username>/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/<username>/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/<username>/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/<username>/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3
ssh_exchange_identification: read: Connection reset by peer
I'm looking that up now, but, if you know how to fix that, please let me know.

Thanks.
Last edited by webtarget on Fri Aug 05, 2016 4:45 pm, edited 2 times in total.

webtarget
Level 3
Level 3
Posts: 165
Joined: Sat Mar 24, 2012 10:20 am

Re: Default ssh_config file

Post by webtarget » Fri Aug 05, 2016 4:36 pm

Habitual wrote:You shouldn't edit that file. but rather ~/.ssh/config and here's mine. I had time out issues years ago, this fixed it.

Code: Select all

Host *
ServerAliveInterval 120
ServerAliveCountMax 30
ConnectTimeout 30
UseRoaming no
in my ~/.ssh/config

Have fun.

This didn't do it, but, it's giving me an idea about how to fix another issue I had with Samba where I was connected to my main computer and my main computer would shut off on me after a certain period.

Laurent85
Level 14
Level 14
Posts: 5291
Joined: Tue May 26, 2015 10:11 am

Re: Default ssh_config file

Post by Laurent85 » Sat Aug 06, 2016 5:53 am

webtarget wrote: debug1: Local version string SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3
ssh_exchange_identification: read: Connection reset by peer
The problem is on server side, access to the service was denied for some reason. See the ssh server configuration and logs.
Image

webtarget
Level 3
Level 3
Posts: 165
Joined: Sat Mar 24, 2012 10:20 am

Re: Default ssh_config file

Post by webtarget » Sat Aug 06, 2016 4:38 pm

the /var/log/auth.log just says:

Code: Select all

sshd[6198]: refused connect from ::1 (::1)
- when I used the command: ssh localhost

I also tried user@<ip address> and the log would say:

Code: Select all

sshd[6089]: refused connect from <ip address> (<ip address>)
This is after a purge and re-install of openssh-server and deleting my .ssh directory and recreating keys using:

Code: Select all

ssh-keygen -t rsa
Unless there are other suggestions, can someone tell me what steps to take to start from scratch without re-installing the OS. I remember when this worked and it was quite easy. So, I'd rather just restart from scratch if possible. I thought a purge and deleting my .ssh directory would do it. Is there anything else I need to do to make it seem like it's a brand new install?

Laurent85
Level 14
Level 14
Posts: 5291
Joined: Tue May 26, 2015 10:11 am

Re: Default ssh_config file

Post by Laurent85 » Sun Aug 07, 2016 4:39 am

webtarget wrote:the /var/log/auth.log just says:

Code: Select all

sshd[6198]: refused connect from ::1 (::1)
The message is pretty clear, sshd refused the connection from localhost ::1 ipv6 address, have you changed the default /etc/hosts.deny and /etc/hosts.allow files content ?
Image

webtarget
Level 3
Level 3
Posts: 165
Joined: Sat Mar 24, 2012 10:20 am

Re: Default ssh_config file

Post by webtarget » Sun Aug 07, 2016 7:32 am

Laurent85 wrote:
webtarget wrote:the /var/log/auth.log just says:

Code: Select all

sshd[6198]: refused connect from ::1 (::1)
The message is pretty clear, sshd refused the connection from localhost ::1 ipv6 address, have you changed the default /etc/hosts.deny and /etc/hosts.allow files content ?
OMG, I forgot about that! I didn't know about those files actually and learned about them and changed them one time when I was reading some article. I was only thinking that my firewall was disabled so nothing should be stopping my connection.

Thanks a lot!

Post Reply

Return to “Networking”