question

SWolf2k9-4332 avatar image
0 Votes"
SWolf2k9-4332 asked jiayaozhu-MSFT answered

OpenSSH(7.7&8.1) windows server 2019 standard edition issue

Hi All,

We use OpenSSH(7.7 & 8.1) OS: Windows Server 2019 Standard.

From time to time, the service hangs - although the state of the service is running (in service management),

it stops listening on port 22.

In some cases, when trying to connect using telnet, we get a "black screen" without the local version string,

in other cases, telnet cannot connect at all. This can happen after a random time.

After restarting the service, it works normally.

Please find the configuration file and the related part of the log below.

Thank you in advance.

Configuration file :

 SyslogFacility LOCAL0
 LogLevel DEBUG3
 PermitRootLogin prohibit-password
 StrictModes yes
 PubkeyAuthentication no
 AuthorizedKeysFile  .ssh/authorized_keys
 PasswordAuthentication yes
 AllowTcpForwarding no
 Subsystem   sftp    sftp-server.exe 
    
 Match User Upload031
     ChrootDirectory D:\SFTP\Upload031
        
 Match User Upload032
     ChrootDirectory D:\SFTP\Upload032
        
 Match User Upload033
     ChrootDirectory D:\SFTP\Upload033
        
 Match User Upload034
     ChrootDirectory D:\SFTP\Upload034
        
 Match User Upload035
     ChrootDirectory D:\SFTP\Upload035
        
 Match User Upload036
     ChrootDirectory D:\SFTP\Upload036
        
 Match User Upload037
     ChrootDirectory D:\SFTP\Upload037
        
 Match all
     ChrootDirectory D:\sftp_dump\

Log :

 6152 2021-03-30 10:21:19.913 debug3: fd 5 is not O_NONBLOCK
 6152 2021-03-30 10:21:19.913 debug3: spawning "C:\\openssh\\sshd.exe" -R
 6152 2021-03-30 10:21:19.913 debug3: send_rexec_state: entering fd = 8 config len 5262
 6152 2021-03-30 10:21:19.913 debug3: ssh_msg_send: type 0
 6152 2021-03-30 10:21:19.944 debug3: send_rexec_state: done
 7984 2021-03-30 10:21:19.975 debug1: inetd sockets after dupping: 4, 4
 7984 2021-03-30 10:21:19.975 Connection from 192.168.XXX.XXX port 57853 on 10.XXX.XXX.XXX port 22
 7984 2021-03-30 10:21:19.975 debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1
 7984 2021-03-30 10:21:19.975 error: kex_exchange_identification: Connection closed by remote host
 6152 2021-03-30 10:21:19.991 debug3: fd 5 is not O_NONBLOCK
 6152 2021-03-30 10:21:19.991 debug3: spawning "C:\\openssh\\sshd.exe" -R
 6152 2021-03-30 10:21:20.007 debug3: send_rexec_state: entering fd = 9 config len 5262
 6152 2021-03-30 10:21:20.007 debug3: ssh_msg_send: type 0
 3808 2021-03-30 10:21:20.053 debug1: inetd sockets after dupping: 4, 4
 3808 2021-03-30 10:21:20.053 Connection from 192.168.XXX.XXX port 57854 on 10.XXX.XXX.XXX port 22
 3808 2021-03-30 10:21:20.053 debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1
 3808 2021-03-30 10:21:20.053 debug1: Remote protocol version 2.0, remote software version RebexSSH_1.0.6264.1
 3808 2021-03-30 10:21:20.053 debug1: no match: RebexSSH_1.0.6264.1
 3808 2021-03-30 10:21:20.053 debug2: fd 4 setting O_NONBLOCK
 3808 2021-03-30 10:21:20.163 debug3: spawning "C:\\openssh\\sshd.exe" -y
 3808 2021-03-30 10:21:20.163 debug2: Network child is on pid 7008
 3808 2021-03-30 10:21:20.163 debug3: send_rexec_state: entering fd = 6 config len 5262
 3808 2021-03-30 10:21:20.163 debug3: ssh_msg_send: type 0
 3808 2021-03-30 10:21:20.210 debug3: send_rexec_state: done
 3808 2021-03-30 10:21:20.210 debug3: ssh_msg_send: type 0
 3808 2021-03-30 10:21:20.210 debug3: ssh_msg_send: type 0
 3808 2021-03-30 10:21:20.210 debug3: preauth child monitor started
 3808 2021-03-30 10:21:20.210 debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
 3808 2021-03-30 10:21:20.210 debug3: send packet: type 20 [preauth]
 3808 2021-03-30 10:21:20.210 debug1: SSH2_MSG_KEXINIT sent [preauth]
 3808 2021-03-30 10:21:20.210 debug3: receive packet: type 20 [preauth]
 3808 2021-03-30 10:21:20.210 debug1: SSH2_MSG_KEXINIT received [preauth]
 3808 2021-03-30 10:21:20.210 debug2: local server KEXINIT proposal [preauth]
 3808 2021-03-30 10:21:20.210 debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1 [preauth]
 3808 2021-03-30 10:21:20.210 debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
 3808 2021-03-30 10:21:20.210 debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com [preauth]
 3808 2021-03-30 10:21:20.210 debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com [preauth]
 3808 2021-03-30 10:21:20.210 debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
 3808 2021-03-30 10:21:20.210 debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
 3808 2021-03-30 10:21:20.210 debug2: compression ctos: none,zlib@openssh.com [preauth]
 3808 2021-03-30 10:21:20.210 debug2: compression stoc: none,zlib@openssh.com [preauth]
 3808 2021-03-30 10:21:20.210 debug2: languages ctos:  [preauth]
 3808 2021-03-30 10:21:20.210 debug2: languages stoc:  [preauth]
 3808 2021-03-30 10:21:20.210 debug2: first_kex_follows 0  [preauth]
 3808 2021-03-30 10:21:20.210 debug2: reserved 0  [preauth]
 3808 2021-03-30 10:21:20.210 debug2: peer client KEXINIT proposal [preauth]
 3808 2021-03-30 10:21:20.210 debug2: KEX algorithms: diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group15-sha512,diffie-hellman-group16-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group1-sha1 [preauth]
 3808 2021-03-30 10:21:20.210 debug2: host key algorithms: ssh-dss,rsa-sha2-256,ssh-rsa-sha256@ssh.com,rsa-sha2-512,ssh-rsa,x509v3-sign-rsa-sha256@ssh.com,x509v3-sign-rsa,x509v3-sign-dss,ecdsa-sha2-nistp256 [preauth]
 3808 2021-03-30 10:21:20.210 debug2: ciphers ctos: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,3des-cbc,twofish256-ctr,twofish192-ctr,twofish128-ctr,twofish256-cbc,twofish192-cbc,twofish128-cbc,twofish-cbc,blowfish-ctr,blowfish-cbc,arcfour256,arcfour128 [preauth]
 3808 2021-03-30 10:21:20.210 debug2: ciphers stoc: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,3des-cbc,twofish256-ctr,twofish192-ctr,twofish128-ctr,twofish256-cbc,twofish192-cbc,twofish128-cbc,twofish-cbc,blowfish-ctr,blowfish-cbc,arcfour256,arcfour128 [preauth]
 3808 2021-03-30 10:21:20.210 debug2: MACs ctos: hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
 3808 2021-03-30 10:21:20.210 debug2: MACs stoc: hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
 3808 2021-03-30 10:21:20.210 debug2: compression ctos: none,zlib,zlib@openssh.com [preauth]
 3808 2021-03-30 10:21:20.210 debug2: compression stoc: none,zlib,zlib@openssh.com [preauth]
 3808 2021-03-30 10:21:20.210 debug2: languages ctos:  [preauth]
 3808 2021-03-30 10:21:20.210 debug2: languages stoc:  [preauth]
 3808 2021-03-30 10:21:20.210 debug2: first_kex_follows 0  [preauth]
 3808 2021-03-30 10:21:20.210 debug2: reserved 0  [preauth]
 3808 2021-03-30 10:21:20.210 debug1: kex: algorithm: diffie-hellman-group-exchange-sha256 [preauth]
 3808 2021-03-30 10:21:20.210 debug1: kex: host key algorithm: rsa-sha2-256 [preauth]
 3808 2021-03-30 10:21:20.210 debug1: kex: client->server cipher: aes256-ctr MAC: hmac-sha2-256 compression: none [preauth]
 3808 2021-03-30 10:21:20.210 debug1: kex: server->client cipher: aes256-ctr MAC: hmac-sha2-256 compression: none [preauth]
 3808 2021-03-30 10:21:20.210 debug1: expecting SSH2_MSG_KEX_DH_GEX_REQUEST [preauth]
 3808 2021-03-30 10:21:20.225 debug3: receive packet: type 34 [preauth]
 3808 2021-03-30 10:21:20.225 debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received [preauth]
 3808 2021-03-30 10:21:20.225 debug3: mm_request_send entering: type 0 [preauth]
 3808 2021-03-30 10:21:20.225 debug3: mm_choose_dh: waiting for MONITOR_ANS_MODULI [preauth]
 3808 2021-03-30 10:21:20.225 debug3: mm_request_receive_expect entering: type 1 [preauth]
 3808 2021-03-30 10:21:20.225 debug3: mm_request_receive entering [preauth]
 3808 2021-03-30 10:21:20.225 debug3: mm_request_receive entering
 3808 2021-03-30 10:21:20.225 debug3: monitor_read: checking request 0
 3808 2021-03-30 10:21:20.225 debug3: mm_answer_moduli: got parameters: 2048 2048 4096
 3808 2021-03-30 10:21:20.225 debug3: Failed to open file:C:/ProgramData/ssh/moduli error:2
 3808 2021-03-30 10:21:20.225 WARNING: could not open __PROGRAMDATA__\\ssh/moduli (No such file or directory), using fixed modulus
 3808 2021-03-30 10:21:20.225 debug3: dh_new_group_fallback: requested max size 4096
 3808 2021-03-30 10:21:20.225 debug3: using 4k bit group 16
 3808 2021-03-30 10:21:20.225 debug3: mm_request_send entering: type 1
 3808 2021-03-30 10:21:20.225 debug2: monitor_read: 0 used once, disabling now
 3808 2021-03-30 10:21:20.225 debug3: mm_choose_dh: remaining 0 [preauth]
 3808 2021-03-30 10:21:20.225 debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent [preauth]
 3808 2021-03-30 10:21:20.225 debug3: send packet: type 31 [preauth]
 3808 2021-03-30 10:21:20.272 debug2: bits set: 2055/4096 [preauth]
 3808 2021-03-30 10:21:20.272 debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT [preauth]
 3808 2021-03-30 10:21:20.569 debug3: receive packet: type 32 [preauth]
 3808 2021-03-30 10:21:20.569 debug2: bits set: 2050/4096 [preauth]
 3808 2021-03-30 10:21:20.616 debug3: mm_sshkey_sign entering [preauth]
 3808 2021-03-30 10:21:20.616 debug3: mm_request_send entering: type 6 [preauth]
 3808 2021-03-30 10:21:20.616 debug3: mm_request_receive entering
 3808 2021-03-30 10:21:20.616 debug3: monitor_read: checking request 6
 3808 2021-03-30 10:21:20.616 debug3: mm_answer_sign
 3808 2021-03-30 10:21:20.632 debug3: mm_answer_sign: KEX signature 0000017C5ECCB7E0(276)
 3808 2021-03-30 10:21:20.632 debug3: mm_request_send entering: type 7
 3808 2021-03-30 10:21:20.632 debug2: monitor_read: 6 used once, disabling now
 3808 2021-03-30 10:21:20.632 debug3: mm_sshkey_sign: waiting for MONITOR_ANS_SIGN [preauth]
 3808 2021-03-30 10:21:20.632 debug3: mm_request_receive_expect entering: type 7 [preauth]
 3808 2021-03-30 10:21:20.632 debug3: mm_request_receive entering [preauth]
 3808 2021-03-30 10:21:20.632 debug3: send packet: type 33 [preauth]
 3808 2021-03-30 10:21:20.632 debug3: send packet: type 21 [preauth]
 3808 2021-03-30 10:21:20.632 debug2: set_newkeys: mode 1 [preauth]
 3808 2021-03-30 10:21:20.632 debug1: rekey out after 4294967296 blocks [preauth]
 3808 2021-03-30 10:21:20.632 debug1: SSH2_MSG_NEWKEYS sent [preauth]
 3808 2021-03-30 10:21:20.632 debug1: expecting SSH2_MSG_NEWKEYS [preauth]
 3808 2021-03-30 10:21:20.944 debug3: receive packet: type 21 [preauth]
 3808 2021-03-30 10:21:20.944 debug1: SSH2_MSG_NEWKEYS received [preauth]
 3808 2021-03-30 10:21:20.944 debug2: set_newkeys: mode 0 [preauth]
 3808 2021-03-30 10:21:20.944 debug1: rekey in after 4294967296 blocks [preauth]
 3808 2021-03-30 10:21:20.944 debug1: KEX done [preauth]
 3808 2021-03-30 10:21:20.944 debug3: receive packet: type 1 [preauth]
 3808 2021-03-30 10:21:20.944 Received disconnect from 192.168.XXX.XXX port 57854:11: Session closed [preauth]
 3808 2021-03-30 10:21:20.944 Disconnected from 192.168.XXX.XXX port 57854 [preauth]
 3808 2021-03-30 10:21:20.944 debug1: do_cleanup [preauth]
 3808 2021-03-30 10:21:20.944 debug3: mm_request_receive entering
 3808 2021-03-30 10:21:20.944 debug1: do_cleanup
 3808 2021-03-30 10:21:20.944 debug1: Killing privsep child 7008



windows-server-2019
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

jiayaozhu-MSFT avatar image
0 Votes"
jiayaozhu-MSFT answered

Hi,

Thank you for your posting!

Based on your logs and descriptions, I suggest to focus on:

"Failed to open file:C:/ProgramData/ssh/moduli error:2",

"could not open PROGRAMDATA\\ssh/moduli (No such file or directory), using fixed modulus",

to troubleshoot your issue.

According to the two error messages. You may encounter permission issues (your system no longer has the permission to get access to your file location), or your file location has been changed so your system cannot find your file in the previous location.

You can refer to these two blogs to find if there are any useful solutions for you:

https://github.com/PowerShell/Win32-OpenSSH/issues/1499

https://github.com/PowerShell/Win32-OpenSSH/issues/826

(Please note: Information posted in the given link is hosted by a third party. Microsoft does not guarantee the accuracy and effectiveness of information.)

I will conduct further research for you. Thank you for your support and patience!

Best regards
Joann


If the Answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.