Ubuntu
openssh package

  1. Bug #174168
  2. Comment #8

Comment 8 for bug 174168

Revision history for this message
tommymcguiver (tommymcguiver) wrote : Re: [Bug 174168] Re: expecting SSH2_MSG_KEX_DH_GEX_GROUP

Server might be getting DOS'd.

Tweak MaxStartups in sshd_conf

Ken.

________________________________
From: Paolo Stancato <email address hidden>
To: <email address hidden>
Sent: Monday, 1 June, 2009 10:22:11 AM
Subject: [Bug 174168] Re: expecting SSH2_MSG_KEX_DH_GEX_GROUP

Same problem trying to connect to Github, MTU trick did not help. I'm
running Jaunty

paolo@darkstar:~$ uname -a
Linux darkstar 2.6.28-12-generic #43-Ubuntu SMP Fri May 1 19:31:32 UTC 2009 x86_64 GNU/Linux
paolo@darkstar:~$ ssh -v <email address hidden>
OpenSSH_5.1p1 Debian-5ubuntu1, OpenSSL 0.9.8g 19 Oct 2007
debug1: Reading configuration data /home/paolo/.ssh/config
debug1: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to github.com [65.74.177.129] port 22.
debug1: Connection established.
debug1: identity file /home/paolo/.ssh/identity type -1
debug1: identity file /home/paolo/.ssh/id_rsa type -1
debug1: identity file /home/paolo/.ssh/id_dsa type 2
debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.DSA-2048
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.7
debug1: match: OpenSSH_4.7 pat OpenSSH_4*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.1p1 Debian-5ubuntu1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
Connection closed by 65.74.177.129

--
expecting SSH2_MSG_KEX_DH_GEX_GROUP
https://bugs.launchpad.net/bugs/174168
You received this bug notification because you are a direct subscriber
of the bug.

Status in “openssh” source package in Ubuntu: Invalid

Bug description:
Server
Connected to xxxxxxxx
Escape character is '^]'.
SSH-2.0-OpenSSH_4.5

Client
Local version string SSH-2.0-OpenSSH_4.6p1 Debian-5build1

=========================
The client can not log into the server - stops @ the last line (see below)
Client / server "speak" ver. 2.0

Connection server to client OK !!!
Connection client to server NOT OK!!

debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP

      Need a Holiday? Win a $10,000 Holiday of your choice. Enter now.http://us.lrd.yahoo.com/_ylc=X3oDMTJxN2x2ZmNpBF9zAzIwMjM2MTY2MTMEdG1fZG1lY2gDVGV4dCBMaW5rBHRtX2xuawNVMTEwMzk3NwR0bV9uZXQDWWFob28hBHRtX3BvcwN0YWdsaW5lBHRtX3BwdHkDYXVueg--/SIG=14600t3ni/**http%3A//au.rd.yahoo.com/mail/tagline/creativeholidays/*http%3A//au.docs.yahoo.com/homepageset/%3Fp1=other%26p2=au%26p3=mailtagline