Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

kex_exchange_identification: Connection closed by remote host #4719

Open
richardleeps opened this issue Apr 25, 2024 · 3 comments
Open

kex_exchange_identification: Connection closed by remote host #4719

richardleeps opened this issue Apr 25, 2024 · 3 comments
Labels
bug Something isn't working

Comments

@richardleeps
Copy link

Describe the bug
Unable to connect to ssh target through an egress worker. Getting the error message "Connection closed by 127.0.0.1 port 52471"
The SSH target is a managed application. We are able to connect to other ssh targets such as ubuntu VM's through the same egress worker.

Error message when connection with the client

ssh 127.0.0.1 -p 52471 -o NoHostAuthenticationForLocalhost=yes

debug1: Local version string SSH-2.0-OpenSSH_9.6
kex_exchange_identification: Connection closed by remote host
Connection closed by 127.0.0.1 port 52471

When we connect from the egress worker directly to the target its working

ssh admin@10.10.1.1

debug1: Local version string SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
debug1: compat_banner: match: OpenSSH_8.2p1 Ubuntu-4ubuntu0.11 pat OpenSSH* compat 0x04000000

To Reproduce
Steps to reproduce the behavior:

  1. Start Boundary Client
  2. Connect the target
  3. Error is there
    MacBook-Pro-2 ~ % ssh 127.0.0.1 -p 52471 -o NoHostAuthenticationForLocalhost=yes
    Connection closed by 127.0.0.1 port 52471

Expected behavior
A succesfull connection directly from a boundary client

Additional context
Similar issue was dropped (#765) but was closed due to no response
@richardleeps richardleeps added the bug Something isn't working label Apr 25, 2024
@AdamBouhmad
Copy link
Contributor

Hey @richardleeps, what version of Boundary are you running(client & controller)? Also curious if you're able to reproduce on 0.16.

@richardleeps
Copy link
Author

@AdamBouhmad - All boundary nodes are on v0.16.0+ent
I just tried and still the same result.

If I compare the SSH debug this is what I see


ssh 127.0.0.1 -p 63924 -o NoHostAuthenticationForLocalhost=yes -vv
OpenSSH_9.6p1, LibreSSL 3.3.6
<snip>
debug1: Local version string SSH-2.0-OpenSSH_9.6
kex_exchange_identification: Connection closed by remote host
Connection closed by 127.0.0.1 port 63924

While direct from the egress worker this is wat we get

ssh vmadmin@10.10.1.1 -vvv
OpenSSH_8.9p1 Ubuntu-3ubuntu0.6, OpenSSL 3.0.2 15 Mar 2022
<snip>
debug1: Local version string SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
debug1: compat_banner: match: OpenSSH_8.2p1 Ubuntu-4ubuntu0.11 pat OpenSSH* compat 0x04000000

@AdamBouhmad
Copy link
Contributor

Thanks for the quick response @richardleeps. Do you mind sharing over your worker logs so we can dig into this further? Feel free to email me at adam.bouhmad@hashicorp.com.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@AdamBouhmad @richardleeps