Since OpenBSD 6.4(i386) SSH to a remote host from a virtual machine
hosted on Vmware Fusion (10 and 11) is not working when network interface is in NAT mode. Moving the interface to bridge mode "fixes" the problem. After sending the password it drops the connection with the message: packet_write_wait: Connection to XXX.XX.X.XX port 22: Broken pipe More debug log below. With OBSD version 6.3(i386) all was working fine. Tried also with a fresh new installed vm, same issue. obsdws$ ssh -vvv [hidden email] OpenSSH_7.9, LibreSSL 2.8.2 debug1: Reading configuration data /etc/ssh/ssh_config debug2: resolve_canonicalize: hostname XXX.XX.X.XX is address debug2: ssh_connect_direct debug1: Connecting to XXX.XX.X.XX [XXX.XX.X.XX] port 22. debug1: Connection established. debug1: identity file /home/peter/.ssh/id_rsa type -1 debug1: identity file /home/peter/.ssh/id_rsa-cert type -1 debug1: identity file /home/peter/.ssh/id_dsa type -1 debug1: identity file /home/peter/.ssh/id_dsa-cert type -1 debug1: identity file /home/peter/.ssh/id_ecdsa type -1 debug1: identity file /home/peter/.ssh/id_ecdsa-cert type -1 debug1: identity file /home/peter/.ssh/id_ed25519 type -1 debug1: identity file /home/peter/.ssh/id_ed25519-cert type -1 debug1: identity file /home/peter/.ssh/id_xmss type -1 debug1: identity file /home/peter/.ssh/id_xmss-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_7.9 debug1: Remote protocol version 2.0, remote software version OpenSSH_7.6 debug1: match: OpenSSH_7.6 pat OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002 debug2: fd 3 setting O_NONBLOCK debug1: Authenticating to XXX.XX.X.XX:22 as 'myusername' debug3: hostkeys_foreach: reading file "/home/peter/.ssh/known_hosts" debug3: record_hostkey: found key type ECDSA in file /home/peter/.ssh/known_hosts:6 debug3: load_hostkeys: loaded 1 keys from XXX.XX.X.XX debug3: order_hostkeyalgs: prefer hostkeyalgs: [hidden email],[hidden email],[hidden email],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521 debug3: send packet: type 20 debug1: SSH2_MSG_KEXINIT sent debug3: receive packet: type 20 debug1: SSH2_MSG_KEXINIT received debug2: local client KEXINIT proposal debug2: KEX algorithms: curve25519-sha256,[hidden email],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c debug2: host key algorithms: [hidden email],[hidden email],[hidden email],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[hidden email],[hidden email],[hidden email],[hidden email],ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa debug2: ciphers ctos: [hidden email],aes128-ctr,aes192-ctr,aes256-ctr,[hidden email],[hidden email] debug2: ciphers stoc: [hidden email],aes128-ctr,aes192-ctr,aes256-ctr,[hidden email],[hidden email] debug2: MACs ctos: [hidden email],[hidden email],[hidden email],[hidden email],[hidden email],[hidden email],[hidden email],hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: MACs stoc: [hidden email],[hidden email],[hidden email],[hidden email],[hidden email],[hidden email],[hidden email],hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: compression ctos: none,[hidden email],zlib debug2: compression stoc: none,[hidden email],zlib debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug2: peer server KEXINIT proposal debug2: KEX algorithms: curve25519-sha256,[hidden email],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1 debug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 debug2: ciphers ctos: [hidden email],aes128-ctr,aes192-ctr,aes256-ctr,[hidden email],[hidden email] debug2: ciphers stoc: [hidden email],aes128-ctr,aes192-ctr,aes256-ctr,[hidden email],[hidden email] debug2: MACs ctos: [hidden email],[hidden email],[hidden email],[hidden email],[hidden email],[hidden email],[hidden email],hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: MACs stoc: [hidden email],[hidden email],[hidden email],[hidden email],[hidden email],[hidden email],[hidden email],hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: compression ctos: none,[hidden email] debug2: compression stoc: none,[hidden email] debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug1: kex: algorithm: curve25519-sha256 debug1: kex: host key algorithm: ecdsa-sha2-nistp256 debug1: kex: server->client cipher: [hidden email] MAC: <implicit> compression: none debug1: kex: client->server cipher: [hidden email] MAC: <implicit> compression: none debug3: send packet: type 30 debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug3: receive packet: type 31 debug1: Server host key: ecdsa-sha2-nistp256 SHA256:jGpBDtsGB6YifcW+9VYwVGlKv4HXb4A+u0PPVgr71Dk debug3: hostkeys_foreach: reading file "/home/peter/.ssh/known_hosts" debug3: record_hostkey: found key type ECDSA in file /home/peter/.ssh/known_hosts:6 debug3: load_hostkeys: loaded 1 keys from XXX.XX.X.XX debug1: Host 'XXX.XX.X.XX' is known and matches the ECDSA host key. debug1: Found key in /home/peter/.ssh/known_hosts:6 debug3: send packet: type 21 debug2: set_newkeys: mode 1 debug1: rekey after 134217728 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug3: receive packet: type 21 debug1: SSH2_MSG_NEWKEYS received debug2: set_newkeys: mode 0 debug1: rekey after 134217728 blocks debug1: Will attempt key: /home/peter/.ssh/id_rsa debug1: Will attempt key: /home/peter/.ssh/id_dsa debug1: Will attempt key: /home/peter/.ssh/id_ecdsa debug1: Will attempt key: /home/peter/.ssh/id_ed25519 debug1: Will attempt key: /home/peter/.ssh/id_xmss debug2: pubkey_prepare: done debug3: send packet: type 5 debug3: receive packet: type 7 debug1: SSH2_MSG_EXT_INFO received debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521> debug3: receive packet: type 6 debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug3: send packet: type 50 debug3: receive packet: type 51 debug1: Authentications that can continue: publickey,password,keyboard-interactive debug3: start over, passed a different list publickey,password,keyboard-interactive debug3: preferred publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Trying private key: /home/peter/.ssh/id_rsa debug3: no such identity: /home/peter/.ssh/id_rsa: No such file or directory debug1: Trying private key: /home/peter/.ssh/id_dsa debug3: no such identity: /home/peter/.ssh/id_dsa: No such file or directory debug1: Trying private key: /home/peter/.ssh/id_ecdsa debug3: no such identity: /home/peter/.ssh/id_ecdsa: No such file or directory debug1: Trying private key: /home/peter/.ssh/id_ed25519 debug3: no such identity: /home/peter/.ssh/id_ed25519: No such file or directory debug1: Trying private key: /home/peter/.ssh/id_xmss debug3: no such identity: /home/peter/.ssh/id_xmss: No such file or directory debug2: we did not send a packet, disable method debug3: authmethod_lookup keyboard-interactive debug3: remaining preferred: password debug3: authmethod_is_enabled keyboard-interactive debug1: Next authentication method: keyboard-interactive debug2: userauth_kbdint debug3: send packet: type 50 debug2: we sent a keyboard-interactive packet, wait for reply debug3: receive packet: type 51 debug1: Authentications that can continue: publickey,password,keyboard-interactive debug3: userauth_kbdint: disable: no info_req_seen debug2: we did not send a packet, disable method debug3: authmethod_lookup password debug3: remaining preferred: debug3: authmethod_is_enabled password debug1: Next authentication method: password [hidden email]'s password: debug3: send packet: type 50 debug2: we sent a password packet, wait for reply debug3: receive packet: type 52 debug1: Authentication succeeded (password). Authenticated to XXX.XX.X.XX ([XXX.XX.X.XX]:22). debug1: channel 0: new [client-session] debug3: ssh_session2_open: channel_new: 0 debug2: channel 0: send open debug3: send packet: type 90 debug1: Requesting [hidden email] debug3: send packet: type 80 debug1: Entering interactive session. debug1: pledge: network debug3: receive packet: type 80 debug1: client_input_global_request: rtype [hidden email] want_reply 0 debug3: receive packet: type 91 debug2: channel_input_open_confirmation: channel 0: callback start debug2: fd 3 setting TCP_NODELAY debug3: ssh_packet_set_tos: set IP_TOS 0x48 debug2: client_session2_setup: id 0 debug2: channel 0: request pty-req confirm 1 debug3: send packet: type 98 debug2: channel 0: request shell confirm 1 debug3: send packet: type 98 debug2: channel_input_open_confirmation: channel 0: callback done debug2: channel 0: open confirm rwindow 0 rmax 32768 debug3: send packet: type 1 packet_write_wait: Connection to XXX.XX.X.XX port 22: Broken pipe |
On 2018/10/19 14:51, Peter van Oord van der Vlies wrote:
> Since OpenBSD 6.4(i386) SSH to a remote host from a virtual machine > > hosted on Vmware Fusion (10 and 11) is not working when network > > interface is in NAT mode. > > Moving the interface to bridge mode "fixes" the problem. VMware's NAT implementation is broken. It does not work with the normal standards used for IP QoS (OpenSSH switched to using DSCP instead of deprecated "lowdelay"/"throughput" in this release cycle). You can workaround with "IPQoS lowdelay throughput" in ssh/sshd config. https://marc.info/?t=153535113300003&r=1&w=2 https://marc.info/?t=153548553700004&r=1&w=2 |
Free forum by Nabble | Edit this page |