Troubleshooting AutoSSH

L. V. Lammert lvl@omnitec.net
Fri Jul 12 16:47:00 GMT 2013


On Fri, 12 Jul 2013, Andrew Schulman wrote:

> > Trying to debug a session, .. neither AUTOSSH_DEBUG nor AUTOSSH_LOGLEVEL:
> >
> > $ env | grep AUTO
> > AUTOSSH_DEBUG=1
> > AUTOSSH_LOGLEVEL=7
> >
> > nor -vv:
> >
> > cygrunsrv -I AutoSSH -f "remote_link" -p /usr/bin/autossh -a " -vv \
> >
> > change the logging info always ("Host key verification filed"); what is
> > the correct way to increase the log level?
>
> Your command line looks wrong.  Did it get cut off?
>
Yes, I only included the first half where I inserted the "-vv", which does
not work. The entire command works on other systems, so that is not the
problem.

The problem is, nothing seems to raise the debug level for autossh when
starting as a service, .. [see below].

> (1) Get the ssh command working.
>
Works fine, .. keys setup.

> (2) Get the autossh command working.
>
Bingo - looks like -v *DOES* work when starting as a user! ON startup:

$ autossh -v -M 5661:6661 -N -R 4661:127.0.0.1:2206
wtadmin@nagios.winningtech.com
2013/07/12 11:10:09 autossh[5128]: checking for grace period, tries = 0
2013/07/12 11:10:09 autossh[5128]: starting ssh (count 1)
2013/07/12 11:10:09 autossh[5128]: ssh child pid is 5060
2013/07/12 11:10:09 autossh[5128]: check on child 5060
2013/07/12 11:10:09 autossh[5128]: set alarm for 600 secs
2013/07/12 11:10:09 autossh[5060]: execing /usr/bin/ssh
OpenSSH_6.2p2, OpenSSL 1.0.1e 11 Feb 2013
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to <remote server> [<IP>] port 2206.
debug1: Connection established.
debug1: identity file /home/<admin user>/.ssh/id_rsa type 1
debug1: identity file /home/<admin user>/.ssh/id_rsa-cert type -1
debug1: identity file /home/<admin user>/.ssh/id_dsa type -1
debug1: identity file /home/<admin user>/.ssh/id_dsa-cert type -1
debug1: identity file /home/<admin user>/.ssh/id_ecdsa type -1
debug1: identity file /home/<admin user>/.ssh/id_ecdsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8
debug1: match: OpenSSH_5.8 pat OpenSSH_5*
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA
70:5c:35:ee:86:19:23:15:32:1a:e7:d6:99:95:9a:e4
debug1: Host '[<remote server>]:2206' is known and matches the ECDSA host key.
debug1: Found key in /home/<admin user>n/.ssh/known_hosts:1
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/<admin user>/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
Authenticated to <remote server> ([<IP>]:2206).
debug1: Local connections to LOCALHOST:5661 forwarded to remote address
127.0.0.1:6661
debug1: Local forwarding listening on ::1 port 5661.
				  ^^^^^^^^^

<connection attempt fails with "Connection closed by ::1">!!!!

It looks like the problem is that AutoSSH is binding to IPV6, *NOT*
IPv4! sshd is set to "AddressFamily inet", .. so the problem appears to be
that AutoSSH is not binding properly.

Don't see anything in the man pages or a quick search, .. how would one
force AutoSSH to bind to IPv4? IPV6 is installed on this box, but not
used.

	Thanks!!!!

	Lee

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple



More information about the Cygwin mailing list