Recently ran into a hardware issue on my CentOS machine. After a PSU, ram, mobo and CPU replacement I think I have the hardware issue resolved.
However, I believe I have a network configuration issue causing SSH remote connection failures.
I tried regular ssh using my original account and key and I receive a connection timeout after server is expecting: debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP.
From the server itself with a new account:
$ ssh -v -o PubkeyAuthentication=no chris@localhost
Last login: ...
[chris@dev ~]$
From a remote connection on the LAN to try remote SSH:
chris::Internets|10 ~ $ ssh -v -o PubkeyAuthentication=no chris@pug
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /Users/chris/.ssh/config
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: /etc/ssh_config line 102: Applying options for *
debug1: Connecting to pug [192.168.1.175] port 22.
debug1: Connection established.
debug1: identity file /Users/chris/.ssh/id_rsa type 1
debug1: identity file /Users/chris/.ssh/id_rsa-cert type -1
debug1: identity file /Users/chris/.ssh/id_dsa type -1
debug1: identity file /Users/chris/.ssh/id_dsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5*
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
Read from socket failed: Operation timed out
I have verified I can:
- ping remote boxes on lan and internet from server
- cannot wget web pages from server
- ping server from lan
- can access ssh port from lan or remote connection (still receive ssh errors)
I did see a post regarding DNS resolution issues causing an issue, I have UseDNS No which should avoid DNS entirely and not cause issues.
Any ideas here as I am scratching my head for what else to look for?
Edit:
/var/log/secure has the following contents:
Nov 29 11:19:45 dev sshd[5978]: fatal: Read from socket failed: Connection reset by peer
Also, I checked and SSH is listening on 22 as it should be.
[root@dev ~]# lsof -i TCP:22 | grep LISTEN
sshd 5424 root 3u IPv4 39030 0t0 TCP *:ssh (LISTEN)
sshd 5424 root 3u IPv6 39032 0t0 TCP *:ssh (LISTEN)
To avoid complications, I flushed iptables:
[root@dev ~]# iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Best Answer
I suspect a change in networking configuration because your MAC address has changed. If you swap out mainboards on an existing Linux installation, the file
/etc/udev/rules.d/70-persistent-net.ruleswill create new entries for your devices and give them new names. So, if you had eth0 and eth1 before, you will now probably have eth2 and eth3. You need to manually update that file after changing network adapters.Additionally, can you show your firewall rules (
iptables -L -n)?