[arch-general] Recent updates cause ssh sessions to disconnect/reauth repeatedly for ~20 seconds?
All, After updates in the past day or two, I see new behavior for my idle ssh connections that authorize as normal, but then are systematically disconnected forcing a reauth at regular intervals of one-per second, for about 20 seconds. Aug 12 17:46:11 valhalla sshd[3095]: userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes [preauth] Aug 12 17:46:11 valhalla sshd[3095]: Accepted publickey for david from 192.168.6.104 port 50778 ssh2: ECDSA SHA256:foo Aug 12 17:46:11 valhalla sshd[3095]: pam_unix(sshd:session): session opened for user david by (uid=0) Aug 12 17:46:11 valhalla systemd-logind[466]: New session c15 of user david. Aug 12 17:46:11 valhalla systemd[1]: Started Session c15 of user david. Aug 12 17:46:11 valhalla sshd[3097]: Received disconnect from 192.168.6.104 port 50778:11: disconnected by user Aug 12 17:46:11 valhalla sshd[3097]: Disconnected from user david 192.168.6.104 port 50778 Aug 12 17:46:11 valhalla sshd[3095]: pam_unix(sshd:session): session closed for user david Aug 12 17:46:11 valhalla systemd-logind[466]: Removed session c15. ... Aug 12 17:46:11 valhalla systemd[1]: Started Session c16 of user david. Aug 12 17:46:11 valhalla sshd[3102]: Received disconnect from 192.168.6.104 port 50780:11: disconnected by user Aug 12 17:46:11 valhalla sshd[3102]: Disconnected from user david 192.168.6.104 port 50780 Aug 12 17:46:11 valhalla sshd[3100]: pam_unix(sshd:session): session closed for user david Aug 12 17:46:11 valhalla systemd-logind[466]: Removed session c16. ... Aug 12 17:46:12 valhalla systemd[1]: Started Session c17 of user david. Aug 12 17:46:12 valhalla sshd[3107]: Received disconnect from 192.168.6.104 port 50782:11: disconnected by user Aug 12 17:46:12 valhalla sshd[3107]: Disconnected from user david 192.168.6.104 port 50782 Aug 12 17:46:12 valhalla sshd[3105]: pam_unix(sshd:session): session closed for user david Aug 12 17:46:12 valhalla systemd-logind[466]: Removed session c17. It says "Received disconnect from 192.168.6.104 port 50778:11: disconnected by user", but that has never happened in the past. It also causes the connection port to jump +2 each iteration. Can anyone else confirm this as new behavior? At least it stops after about 20 iterations and seems to settle down. I have connections on a LAN that may be up for 3-4 days at a time. (If it were continually iterating/logging 9-lines per-second over that period, it would grow quickly.) -- David C. Rankin, J.D.,P.E.
On 13-08-17 01:09, David C. Rankin wrote:
All,
After updates in the past day or two, I see new behavior for my idle ssh connections that authorize as normal, but then are systematically disconnected forcing a reauth at regular intervals of one-per second, for about 20 seconds.
Aug 12 17:46:11 valhalla sshd[3095]: userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes [preauth]
Hi, that type of keys was disabled for security reasons in 2015, are you sure these connections from 192.168.6.104 are genuine ? What kind of device is at 192.168.6.104 ? https://wiki.archlinux.org/index.php/Secure_Shell#id_dsa_refused_by_OpenSSH_... LW
On 08/13/2017 07:03 AM, LoneVVolf wrote:
On 13-08-17 01:09, David C. Rankin wrote:
All,
After updates in the past day or two, I see new behavior for my idle ssh connections that authorize as normal, but then are systematically disconnected forcing a reauth at regular intervals of one-per second, for about 20 seconds.
Aug 12 17:46:11 valhalla sshd[3095]: userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes [preauth]
Hi, that type of keys was disabled for security reasons in 2015, are you sure these connections from 192.168.6.104 are genuine ? What kind of device is at 192.168.6.104 ?
https://wiki.archlinux.org/index.php/Secure_Shell#id_dsa_refused_by_OpenSSH_...
LW
That's just an old key in the .ssh directory. It isn't used to connect. The ECDSA key is the one that connects: Aug 12 17:46:11 valhalla sshd[3095]: userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes [preauth] Aug 12 17:46:11 valhalla sshd[3095]: Accepted publickey for david from 192.168.6.104 port 50778 ssh2: ECDSA SHA256:foo -- David C. Rankin, J.D.,P.E.
participants (2)
-
David C. Rankin
-
LoneVVolf