[résolu] connexions ssh impossibles

Debian Alain · 30-03-2019 20:51:59

bonsoir .

j'ai un souci avec ssh .

je pense que j'ai dû planter le client .

je n'ai plus aucune connexion en ssh sur mes vm .

ssh buster@192.168.1.2

Received disconnect from 192.168.1.2 port 22:2: Too many authentication failures

Disconnected from 192.168.1.2 port 22

ssh vmstretch

Received disconnect from 192.168.1.32 port 22:2: Too many authentication failures

Disconnected from 192.168.1.32 port 22

ssh root@192.168.1.2 -o PubkeyAuthentication=no

root@192.168.1.2's password: 

Permission denied, please try again.

root@192.168.1.2's password: 

Permission denied, please try again.

root@192.168.1.2's password: 

root@192.168.1.2: Permission denied (publickey,password).

il n'y a que cette commande qui semble fonctionner :

ssh buster@192.168.1.2 -o PubkeyAuthentication=no

buster@192.168.1.2's password: 

Linux Host-002 4.19.0-4-amd64 #1 SMP Debian 4.19.28-2 (2019-03-15) x86_64

The programs included with the Debian GNU/Linux system are free software;

the exact distribution terms for each program are described in the

individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent

permitted by applicable law.

Last login: Sat Mar 30 20:59:56 2019 from 192.168.1.68

buster@Host-002:~$

http://geekeries.de-labrusse.fr/?p=2645

avec un

MaxAuthTries 24 (6 à l'origine)

çà ne fonctionne toujours pas .

j'ai cherché sur le web mais je n'ai rien compris aux solutions proposées .

le site de D-F ne m'a pas beaucoup plus aidé .

j'ai réinstallé le client et le serveur : pas de résultat .

si vous pouvez m'expliquer la panne et me donner la soluce ...

merci d'avance .

Dernière modification par Debian Alain (31-03-2019 10:37:17)

bendia · 30-03-2019 21:03:44

Salut

Avec une entrée dans ~/.ssh/config de ce genre ?

Host un_petit_nom_pour_se__rappeller

Hostname IP_ ou_nom_d_hôte

User le_user_qui_va_bien

IdentitiesOnly=yes

Debian Alain · 30-03-2019 21:14:05

modif' faite , je teste ...

Host vmbuster

Hostname 192.168.1.2

User buster

IdentitiesOnly=yes

Port 22

Dernière modification par Debian Alain (30-03-2019 21:14:55)

David5647 · 30-03-2019 21:14:36

Ca serait pas un trop grand nombre de clés dans .ssh/key_xxx
D'après ce que j'ai compris, ssh teste toutes les clés dans .ssh
et donc si il en teste un nombre supérieure à la limite fixée dans ton fichier de conf, ça bloque

pour voir si c'est ça :
que renvoient les mêmes commandes avec plus de "verbose" (-v)

Debian Alain · 30-03-2019 21:21:14

oui , David5647 , tu as raison . il y a trop de clés .

je te réponds mais saches que bendia m'a donné la bonne commande .

ssh -v vmbuster

OpenSSH_7.9p1 Debian-9, OpenSSL 1.1.1b  26 Feb 2019

debug1: Reading configuration data /home/alain/.ssh/config

debug1: /home/alain/.ssh/config line 36: Applying options for vmbuster

debug1: Reading configuration data /etc/ssh/ssh_config

debug1: /etc/ssh/ssh_config line 19: Applying options for *

debug1: Connecting to 192.168.1.2 [192.168.1.2] port 22.

debug1: Connection established.

debug1: identity file /home/alain/.ssh/id_rsa type 0

debug1: identity file /home/alain/.ssh/id_rsa-cert type -1

debug1: identity file /home/alain/.ssh/id_dsa type -1

debug1: identity file /home/alain/.ssh/id_dsa-cert type -1

debug1: identity file /home/alain/.ssh/id_ecdsa type -1

debug1: identity file /home/alain/.ssh/id_ecdsa-cert type -1

debug1: identity file /home/alain/.ssh/id_ed25519 type -1

debug1: identity file /home/alain/.ssh/id_ed25519-cert type -1

debug1: identity file /home/alain/.ssh/id_xmss type -1

debug1: identity file /home/alain/.ssh/id_xmss-cert type -1

debug1: Local version string SSH-2.0-OpenSSH_7.9p1 Debian-9

debug1: Remote protocol version 2.0, remote software version OpenSSH_7.9p1 Debian-9

debug1: match: OpenSSH_7.9p1 Debian-9 pat OpenSSH* compat 0x04000000

debug1: Authenticating to 192.168.1.2:22 as 'buster'

debug1: SSH2_MSG_KEXINIT sent

debug1: SSH2_MSG_KEXINIT received

debug1: kex: algorithm: curve25519-sha256

debug1: kex: host key algorithm: ecdsa-sha2-nistp256

debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none

debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none

debug1: expecting SSH2_MSG_KEX_ECDH_REPLY

debug1: Server host key: ecdsa-sha2-nistp256 SHA256:FzlfO7Gn923I0i8WtVlX2rUHmYkEOhLzgAUHY/e5KZY

debug1: Host '192.168.1.2' is known and matches the ECDSA host key.

debug1: Found key in /home/alain/.ssh/known_hosts:12

debug1: rekey after 134217728 blocks

debug1: SSH2_MSG_NEWKEYS sent

debug1: expecting SSH2_MSG_NEWKEYS

debug1: SSH2_MSG_NEWKEYS received

debug1: rekey after 134217728 blocks

debug1: Will attempt key: /home/alain/.ssh/id_rsa RSA SHA256:W8G8opHhRVembD3ViL9Ae8jk+UVomKM3jp3Fe/iGLVQ agent

debug1: Will attempt key: /home/alain/.ssh/id_dsa 

debug1: Will attempt key: /home/alain/.ssh/id_ecdsa 

debug1: Will attempt key: /home/alain/.ssh/id_ed25519 

debug1: Will attempt key: /home/alain/.ssh/id_xmss 

debug1: SSH2_MSG_EXT_INFO received

debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>

debug1: SSH2_MSG_SERVICE_ACCEPT received

debug1: Authentications that can continue: publickey,password

debug1: Next authentication method: publickey

debug1: Offering public key: /home/alain/.ssh/id_rsa RSA SHA256:W8G8opHhRVembD3ViL9Ae8jk+UVomKM3jp3Fe/iGLVQ agent

debug1: Authentications that can continue: publickey,password

debug1: Trying private key: /home/alain/.ssh/id_dsa

debug1: Trying private key: /home/alain/.ssh/id_ecdsa

debug1: Trying private key: /home/alain/.ssh/id_ed25519

debug1: Trying private key: /home/alain/.ssh/id_xmss

debug1: Next authentication method: password

buster@192.168.1.2's password: 

debug1: Authentication succeeded (password).

Authenticated to 192.168.1.2 ([192.168.1.2]:22).

debug1: channel 0: new [client-session]

debug1: Requesting no-more-sessions@openssh.com

debug1: Entering interactive session.

debug1: pledge: network

debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0

debug1: Sending environment.

debug1: Sending env LANG = fr_FR.UTF-8

Linux Host-002 4.19.0-4-amd64 #1 SMP Debian 4.19.28-2 (2019-03-15) x86_64

The programs included with the Debian GNU/Linux system are free software;

the exact distribution terms for each program are described in the

individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent

permitted by applicable law.

Last login: Sat Mar 30 21:15:14 2019 from 192.168.1.68

buster@Host-002:~$

je comprends rien à tous ce fatras .

on dirait qu'il cherche une quantité faramineuse de clés ...

Dernière modification par Debian Alain (30-03-2019 21:22:19)

David5647 · 30-03-2019 21:44:32

Oui, j'avais pas saisi la réponse de bendia,
D'après ce que je comprends, elle pallie justement à ce trop grand nombre de clé
IdentitiesOnly=yes désactive la recherche des clés dans .ssh/
du coup tu dois rajouter -i key_xxx ?

Je suis dans le vrai?

Debian Alain · 30-03-2019 21:50:06

par contre , j'ai parlé trop vite .

pour buster , çà a marché mais pas pour la vm stretch

alain@Alain-PC:~$ ssh root@192.168.1.32

Received disconnect from 192.168.1.32 port 22:2: Too many authentication failures

Disconnected from 192.168.1.32 port 22

alain@Alain-PC:~$ ssh root@192.168.1.32 -o PubkeyAuthentication=no

root@192.168.1.32's password: 

Permission denied, please try again.

root@192.168.1.32's password: 

Permission denied, please try again.

root@192.168.1.32's password: 

root@192.168.1.32: Permission denied (publickey,password).

alain@Alain-PC:~$ ssh debian@192.168.1.32

Received disconnect from 192.168.1.32 port 22:2: Too many authentication failures

Disconnected from 192.168.1.32 port 22

alain@Alain-PC:~$ ssh debian@192.168.1.32 -o PubkeyAuthentication=no

debian@192.168.1.32's password: 

Permission denied, please try again.

debian@192.168.1.32's password: 

Permission denied, please try again.

debian@192.168.1.32's password: 

debian@192.168.1.32: Permission denied (publickey,password).

alain@Alain-PC:~$ ssh -v debian@192.168.1.32

OpenSSH_7.9p1 Debian-9, OpenSSL 1.1.1b  26 Feb 2019

debug1: Reading configuration data /home/alain/.ssh/config

debug1: Reading configuration data /etc/ssh/ssh_config

debug1: /etc/ssh/ssh_config line 19: Applying options for *

debug1: Connecting to 192.168.1.32 [192.168.1.32] port 22.

debug1: Connection established.

debug1: identity file /home/alain/.ssh/id_rsa type 0

debug1: identity file /home/alain/.ssh/id_rsa-cert type -1

debug1: identity file /home/alain/.ssh/id_dsa type -1

debug1: identity file /home/alain/.ssh/id_dsa-cert type -1

debug1: identity file /home/alain/.ssh/id_ecdsa type -1

debug1: identity file /home/alain/.ssh/id_ecdsa-cert type -1

debug1: identity file /home/alain/.ssh/id_ed25519 type -1

debug1: identity file /home/alain/.ssh/id_ed25519-cert type -1

debug1: identity file /home/alain/.ssh/id_xmss type -1

debug1: identity file /home/alain/.ssh/id_xmss-cert type -1

debug1: Local version string SSH-2.0-OpenSSH_7.9p1 Debian-9

debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4p1 Debian-10+deb9u6

debug1: match: OpenSSH_7.4p1 Debian-10+deb9u6 pat OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002

debug1: Authenticating to 192.168.1.32:22 as 'debian'

debug1: SSH2_MSG_KEXINIT sent

debug1: SSH2_MSG_KEXINIT received

debug1: kex: algorithm: curve25519-sha256

debug1: kex: host key algorithm: ecdsa-sha2-nistp256

debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none

debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none

debug1: expecting SSH2_MSG_KEX_ECDH_REPLY

debug1: Server host key: ecdsa-sha2-nistp256 SHA256:FTftIJmQmRSwnrDeEKjKmHxZj4EUfuGbz/8/ACYJS4I

debug1: Host '192.168.1.32' is known and matches the ECDSA host key.

debug1: Found key in /home/alain/.ssh/known_hosts:9

debug1: rekey after 134217728 blocks

debug1: SSH2_MSG_NEWKEYS sent

debug1: expecting SSH2_MSG_NEWKEYS

debug1: SSH2_MSG_NEWKEYS received

debug1: rekey after 134217728 blocks

debug1: Will attempt key: /home/alain/.ssh/id_rsa RSA SHA256:W8G8opHhRVembD3ViL9Ae8jk+UVomKM3jp3Fe/iGLVQ agent

debug1: Will attempt key: alain@Alain-PC RSA SHA256:kAUPeDeqoxODKUMdD8tevk/Q1Gw4OtNKl35WRgq0DMQ agent

debug1: Will attempt key: alain@Alain-PC RSA SHA256:aX98Re2WXO/dplFw3k4OiS6g+x/S3JeAEGfCrf8uZNI agent

debug1: Will attempt key: alain@Alain-PC RSA SHA256:no8Ia66guvmytlxtvJLjqpTmCuNvxfcSJJI3srH+MFQ agent

debug1: Will attempt key: alain@Alain-PC RSA SHA256:cIje7Ou7KLJUW1vzsKtU6zpl1zBX/Li/CMjCD+H6Rb8 agent

debug1: Will attempt key: alain@Alain-PC RSA SHA256:HHsNU7myXeHfTPT/2+25xZNhsmAo45e9MKNon/bm+MI agent

debug1: Will attempt key: /home/alain/.ssh/id_dsa 

debug1: Will attempt key: /home/alain/.ssh/id_ecdsa 

debug1: Will attempt key: /home/alain/.ssh/id_ed25519 

debug1: Will attempt key: /home/alain/.ssh/id_xmss 

debug1: SSH2_MSG_EXT_INFO received

debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>

debug1: SSH2_MSG_SERVICE_ACCEPT received

debug1: Authentications that can continue: publickey,password

debug1: Next authentication method: publickey

debug1: Offering public key: /home/alain/.ssh/id_rsa RSA SHA256:W8G8opHhRVembD3ViL9Ae8jk+UVomKM3jp3Fe/iGLVQ agent

debug1: Authentications that can continue: publickey,password

debug1: Offering public key: alain@Alain-PC RSA SHA256:kAUPeDeqoxODKUMdD8tevk/Q1Gw4OtNKl35WRgq0DMQ agent

debug1: Authentications that can continue: publickey,password

debug1: Offering public key: alain@Alain-PC RSA SHA256:aX98Re2WXO/dplFw3k4OiS6g+x/S3JeAEGfCrf8uZNI agent

debug1: Authentications that can continue: publickey,password

debug1: Offering public key: alain@Alain-PC RSA SHA256:no8Ia66guvmytlxtvJLjqpTmCuNvxfcSJJI3srH+MFQ agent

debug1: Authentications that can continue: publickey,password

debug1: Offering public key: alain@Alain-PC RSA SHA256:cIje7Ou7KLJUW1vzsKtU6zpl1zBX/Li/CMjCD+H6Rb8 agent

debug1: Authentications that can continue: publickey,password

debug1: Offering public key: alain@Alain-PC RSA SHA256:HHsNU7myXeHfTPT/2+25xZNhsmAo45e9MKNon/bm+MI agent

Received disconnect from 192.168.1.32 port 22:2: Too many authentication failures

Disconnected from 192.168.1.32 port 22

https://superuser.com/questions/187779/ … r-username

https://www.tecmint.com/fix-ssh-too-man … res-error/

https://www.debian-fr.org/t/ssh-too-man … ures/32641

https://serverfault.com/questions/36291 … -user-root

https://www.linuxquestions.org/question … 175601824/

rien compris

Dernière modification par Debian Alain (31-03-2019 09:15:32)

Debian Alain · 31-03-2019 09:19:00

pourtant , j'ai pas gaffé , si ???

Host vmstretch

Hostname 192.168.1.32

User debian

IdentitiesOnly=yes

Port 22

Host vmbuster

Hostname 192.168.1.2

User buster

IdentitiesOnly=yes

Port 22

je reteste aujourd'hui

quoique je fasse , ssh refuse de me donner la connexion :

alain@Alain-PC:~$ ssh -v -p 22 vmstretch

OpenSSH_7.9p1 Debian-9, OpenSSL 1.1.1b  26 Feb 2019

debug1: Reading configuration data /home/alain/.ssh/config

debug1: /home/alain/.ssh/config line 30: Applying options for vmstretch

debug1: Reading configuration data /etc/ssh/ssh_config

debug1: /etc/ssh/ssh_config line 19: Applying options for *

debug1: Connecting to 192.168.1.32 [192.168.1.32] port 22.

debug1: Connection established.

debug1: identity file /home/alain/.ssh/id_rsa type 0

debug1: identity file /home/alain/.ssh/id_rsa-cert type -1

debug1: identity file /home/alain/.ssh/id_dsa type -1

debug1: identity file /home/alain/.ssh/id_dsa-cert type -1

debug1: identity file /home/alain/.ssh/id_ecdsa type -1

debug1: identity file /home/alain/.ssh/id_ecdsa-cert type -1

debug1: identity file /home/alain/.ssh/id_ed25519 type -1

debug1: identity file /home/alain/.ssh/id_ed25519-cert type -1

debug1: identity file /home/alain/.ssh/id_xmss type -1

debug1: identity file /home/alain/.ssh/id_xmss-cert type -1

debug1: Local version string SSH-2.0-OpenSSH_7.9p1 Debian-9

debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4p1 Debian-10+deb9u6

debug1: match: OpenSSH_7.4p1 Debian-10+deb9u6 pat OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002

debug1: Authenticating to 192.168.1.32:22 as 'debian'

debug1: SSH2_MSG_KEXINIT sent

debug1: SSH2_MSG_KEXINIT received

debug1: kex: algorithm: curve25519-sha256

debug1: kex: host key algorithm: ecdsa-sha2-nistp256

debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none

debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none

debug1: expecting SSH2_MSG_KEX_ECDH_REPLY

debug1: Server host key: ecdsa-sha2-nistp256 SHA256:FTftIJmQmRSwnrDeEKjKmHxZj4EUfuGbz/8/ACYJS4I

debug1: Host '192.168.1.32' is known and matches the ECDSA host key.

debug1: Found key in /home/alain/.ssh/known_hosts:9

debug1: rekey after 134217728 blocks

debug1: SSH2_MSG_NEWKEYS sent

debug1: expecting SSH2_MSG_NEWKEYS

debug1: SSH2_MSG_NEWKEYS received

debug1: rekey after 134217728 blocks

debug1: Will attempt key: /home/alain/.ssh/id_rsa RSA SHA256:W8G8opHhRVembD3ViL9Ae8jk+UVomKM3jp3Fe/iGLVQ agent

debug1: Will attempt key: /home/alain/.ssh/id_dsa 

debug1: Will attempt key: /home/alain/.ssh/id_ecdsa 

debug1: Will attempt key: /home/alain/.ssh/id_ed25519 

debug1: Will attempt key: /home/alain/.ssh/id_xmss 

debug1: SSH2_MSG_EXT_INFO received

debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>

debug1: SSH2_MSG_SERVICE_ACCEPT received

debug1: Authentications that can continue: publickey,password

debug1: Next authentication method: publickey

debug1: Offering public key: /home/alain/.ssh/id_rsa RSA SHA256:W8G8opHhRVembD3ViL9Ae8jk+UVomKM3jp3Fe/iGLVQ agent

debug1: Authentications that can continue: publickey,password

debug1: Trying private key: /home/alain/.ssh/id_dsa

debug1: Trying private key: /home/alain/.ssh/id_ecdsa

debug1: Trying private key: /home/alain/.ssh/id_ed25519

debug1: Trying private key: /home/alain/.ssh/id_xmss

debug1: Next authentication method: password

debian@192.168.1.32's password: 

debug1: Authentications that can continue: publickey,password

Permission denied, please try again.

debian@192.168.1.32's password: 

debug1: Authentications that can continue: publickey,password

Permission denied, please try again.

debian@192.168.1.32's password: 

debug1: Authentications that can continue: publickey,password

debug1: No more authentication methods to try.

debian@192.168.1.32: Permission denied (publickey,password).

alain@Alain-PC:~$ ssh -o PubkeyAuthentication=no root@192.168.1.32

root@192.168.1.32's password: 

Permission denied, please try again.

root@192.168.1.32's password: 

Permission denied, please try again.

root@192.168.1.32's password: 

root@192.168.1.32: Permission denied (publickey,password).

alain@Alain-PC:~$ ssh -o PubkeyAuthentication=no debian@192.168.1.32

debian@192.168.1.32's password: 

Permission denied, please try again.

debian@192.168.1.32's password: 

Permission denied, please try again.

debian@192.168.1.32's password:

solution trouvée :

reinitialisation du ~/.ssh/known_hosts (R.A.Z.,effacement , quoi)
correction paramétrage de ~/.ssh/config .
il y avait une erreur dans le user distant du ssh de ma vm .

Dernière modification par Debian Alain (31-03-2019 10:36:25)

Debian-facile

#1 30-03-2019 20:51:59

[résolu] connexions ssh impossibles

#2 30-03-2019 21:03:44

Re : [résolu] connexions ssh impossibles

#3 30-03-2019 21:14:05

Re : [résolu] connexions ssh impossibles

#4 30-03-2019 21:14:36

Re : [résolu] connexions ssh impossibles

#5 30-03-2019 21:21:14

Re : [résolu] connexions ssh impossibles

#6 30-03-2019 21:44:32

Re : [résolu] connexions ssh impossibles

#7 30-03-2019 21:50:06

Re : [résolu] connexions ssh impossibles

#8 31-03-2019 09:19:00

Re : [résolu] connexions ssh impossibles

Pied de page des forums