cf7/ittavern.com
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

DEL HTML anchors from posts as they are going to be added automaticly with new ssg

Browse source
This commit is contained in:
Caffeine Fueled 2025-10-27 20:20:04 +01:00
parent 3484b45045
commit 3d28d5eee9
Signed by: cf7
GPG key ID: CA295D643074C68C
26 changed files with 263 additions and 263 deletions
Download patch file Download diff file Expand all files Collapse all files

20
items/2023-01-17_long_ssh-troubleshooting-guide.md
View file

@ -5,7 +5,7 @@ I won't go into specific cases in this blog post. This is a general guide on how
In this post, I'll use a **Linux** client and server as a reference.
## Logging <a href="#logging" id="logging">#</a>
## Logging
**Client**
@ -31,7 +31,7 @@ Thanks to [youRFate on Lobste.rs](https://lobste.rs/s/wombsw/ssh_troubleshooting
As mentioned, there are many more, but the following list will give you a great starting point.
#### Hostname resolution <a href="#hostname" id="hostname">#</a>
#### Hostname resolution
```markdown
error output
@ -45,7 +45,7 @@ This error message implies a problem with the DNS.
- check hostname resolution with `nslookup` or other tools
#### Connection timeout <a href="#timeout" id="timeout">#</a>
#### Connection timeout
```markdown
Error output
@ -63,7 +63,7 @@ Routing:
Firewalls:
: check the firewalls on the client, server, and network firewalls and make sure that the connection is allowed.
#### Connection refused <a href="#refused" id="refused">#</a>
#### Connection refused
```markdown
Error output
@ -83,7 +83,7 @@ SSH server running:
: make sure that the SSH server is running, e.x. with `systemctl status sshd`
#### Permission denied <a href="#permission" id="permission">#</a>
#### Permission denied
`Permission denied (publickey,password)`
@ -124,7 +124,7 @@ Private key no longer accepted on the server:
: a workaround would be to add the insecure key algorithm to the SSH server config to the accepted keys `PubkeyAcceptedKeyTypes`.
#### SSH protocol version <a href="#ssh-version" id="ssh-version">#</a>
#### SSH protocol version
`Protocol major versions differ: 1 vs. 2`
@ -147,7 +147,7 @@ On the server, you can check the provided SSH protocol version in the configurat
If this option is missing, the mordern SSH server will use SSHv2 by default. It is worth adding it just to be sure and have it documented.
#### Failed host key verification <a href="#hostkey" id="hostkey">#</a>
#### Failed host key verification
```markdown
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ -162,7 +162,7 @@ Clearing the host key from `~/.ssh/known_hosts` our use `ssh-keygen -R <ip-of-de
If you were not informed about any changes, please contact the SSH server administrator to verify that everything is still secure.
#### Unable to negotiate ciphers, MACs, or KexAlgorithms <a href="#ciphers" id="ciphers">#</a>
#### Unable to negotiate ciphers, MACs, or KexAlgorithms
```
Unable to negotiate with 10.10.10.10: no matching key exchange method found.
@ -187,14 +187,14 @@ There are workarounds with the `-o` flag to set temporary options, but I am not
`ssh -o KexAlgorithms=+diffie-hellman-group1-sha1 user@10.10.10.10`
#### Connect without startup file <a href="#startup-file" id="startup-file">#</a>
#### Connect without startup file
This is not that common but there are ways to lock you out after changes to the startup files like `.bashrc`, `.profile`, and so on. You simply can avoid loading those profile files with the following command.
`ssh -t user@host bash --norc --noprofile`
#### Handling SSH sessions with escape sequences <a href="#escape-sequence" id="escape-sequence">#</a>
#### Handling SSH sessions with escape sequences
SSH provides some **escape sequences** with which you can kill the session on the client.