Если начал отваливаться ssh
Недавное у меня ни с того ни с сего начали возникать проблемы с ssh. А так как, у меня для нескольких проектов в phpStorm настроен AutoDeploy через ssh-туннель, то проблемы начали появлятьс и там.
Примеры ошибок и странного поведения
При обычном ssh-коннекте из консоли постоянно вылетала ошибка:
1 |
kex_exchange_identification: read: Connection reset by peer |
При работе ssh-туннеля в phpStorm вылатела ошибка “Can’t connect to remote host”
Включил отладку ssh-тоннелей в phpStorm, чтобы посмотреть логи, а там такое:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 |
2024-08-15 16:45:22,217 [ 80872] FINE - c.i.s.i.s.KeyCheckingSshClientConfig - Available cipher factories: [chacha20-poly1305@openssh.com, aes128-cbc, aes128-ctr, aes192-cbc, aes192-ctr, aes256-cbc, aes256-ctr, aes128-gcm@openssh.com, aes256-gcm@openssh.com, blowfish-cbc, blowfish-ctr, cast128-cbc, cast128-ctr, idea-cbc, idea-ctr, serpent128-cbc, serpent128-ctr, serpent192-cbc, serpent192-ctr, serpent256-cbc, serpent256-ctr, 3des-cbc, 3des-ctr, twofish128-cbc, twofish128-ctr, twofish192-cbc, twofish192-ctr, twofish256-cbc, twofish256-ctr, twofish-cbc, arcfour, arcfour128, arcfour256] 2024-08-15 16:45:22,218 [ 80873] INFO - com.hierynomus.sshj.userauth.keyprovider.OpenSSHKeyV1KeyFile - Read key type: ssh-rsa 2024-08-15 16:45:22,219 [ 80874] FINE - c.i.s.i.s.KeyCheckingSshClientConfig - Available cipher factories: [chacha20-poly1305@openssh.com, aes128-cbc, aes128-ctr, aes192-cbc, aes192-ctr, aes256-cbc, aes256-ctr, aes128-gcm@openssh.com, aes256-gcm@openssh.com, blowfish-cbc, blowfish-ctr, cast128-cbc, cast128-ctr, idea-cbc, idea-ctr, serpent128-cbc, serpent128-ctr, serpent192-cbc, serpent192-ctr, serpent256-cbc, serpent256-ctr, 3des-cbc, 3des-ctr, twofish128-cbc, twofish128-ctr, twofish192-cbc, twofish192-ctr, twofish256-cbc, twofish256-ctr, twofish-cbc, arcfour, arcfour128, arcfour256] 2024-08-15 16:45:22,219 [ 80874] INFO - com.hierynomus.sshj.userauth.keyprovider.OpenSSHKeyV1KeyFile - Read key type: ssh-rsa 2024-08-15 16:45:22,229 [ 80884] FINE - #c.i.s.c.SshConnectionConfig - Change after applying remote credentials for host 172.30.2.39: authMethods: PublicKey(privateKeys=[/Users/andrey/.ssh/id_rsa, /Users/andrey/.ssh/id_dsa, /Users/andrey/.ssh/id_ecdsa, /Users/andrey/.ssh/id_ed25519, /Users/andrey/.ssh/id_xmss], agent=ALL), Password, KeyboardInteractive -> PublicKey(privateKeys=[/Users/andrey/.ssh/id_rsa, /Users/andrey/.ssh/id_dsa, /Users/andrey/.ssh/id_ecdsa, /Users/andrey/.ssh/id_ed25519, /Users/andrey/.ssh/id_xmss], agent=NO), Password, KeyboardInteractive user: andrey -> admin 2024-08-15 16:45:22,231 [ 80886] FINE - #c.i.s.i.SshConnection - Checking that can authenticate admin@172.30.2.39:22 2024-08-15 16:45:22,233 [ 80888] INFO - net.schmizz.sshj.transport.random.JCERandom - Creating new SecureRandom. 2024-08-15 16:45:22,235 [ 80890] FINE - #c.i.s.i.s.sshj - Full connection config: authMethods: PublicKey(privateKeys=[/Users/andrey/.ssh/id_rsa, /Users/andrey/.ssh/id_dsa, /Users/andrey/.ssh/id_ecdsa, /Users/andrey/.ssh/id_ed25519, /Users/andrey/.ssh/id_xmss], agent=NO), Password, KeyboardInteractive ciphers: [aes128-cbc, aes128-ctr, aes192-cbc, aes192-ctr, aes256-cbc, aes256-ctr, blowfish-cbc, blowfish-ctr, cast128-cbc, cast128-ctr, idea-cbc, idea-ctr, serpent128-cbc, serpent128-ctr, serpent192-cbc, serpent192-ctr, serpent256-cbc, serpent256-ctr, 3des-cbc, 3des-ctr, twofish128-cbc, twofish128-ctr, twofish192-cbc, twofish192-ctr, twofish256-cbc, twofish256-ctr, twofish-cbc, arcfour, arcfour128, arcfour256] compression: false connectTimeout: PT10S forwardAgent: false host: 172.30.2.39 hostKeyAlgorithms: [ecdsa-sha2-nistp256-cert-v01@openssh.com, ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, ssh-ed25519-cert-v01@openssh.com, sk-ssh-ed25519-cert-v01@openssh.com, rsa-sha2-512-cert-v01@openssh.com, rsa-sha2-256-cert-v01@openssh.com, ssh-rsa-cert-v01@openssh.com, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, sk-ecdsa-sha2-nistp256@openssh.com, ssh-ed25519, sk-ssh-ed25519@openssh.com, rsa-sha2-512, rsa-sha2-256, ssh-rsa] hostKeyVerifier: OpenSSH-like host key verifier (knownHostsFile=[/Users/andrey/.ssh/known_hosts], strictHostKeyChecking=ASK, hashKnownHosts=false) identityAgent: null initialLocalTcpForwardings: [] initialRemoteTcpForwardings: [] kexAlgorithms: [curve25519-sha256, curve25519-sha256@libssh.org, diffie-hellman-group-exchange-sha256, ecdh-sha2-nistp521, ecdh-sha2-nistp384, ecdh-sha2-nistp256, diffie-hellman-group-exchange-sha1, diffie-hellman-group1-sha1, diffie-hellman-group14-sha1, diffie-hellman-group14-sha256, diffie-hellman-group15-sha512, diffie-hellman-group16-sha512, diffie-hellman-group17-sha512, diffie-hellman-group18-sha512, diffie-hellman-group14-sha256@ssh.com, diffie-hellman-group15-sha256, diffie-hellman-group15-sha256@ssh.com, diffie-hellman-group15-sha384@ssh.com, diffie-hellman-group16-sha256, diffie-hellman-group16-sha384@ssh.com, diffie-hellman-group16-sha512@ssh.com, diffie-hellman-group18-sha512@ssh.com] macs: [hmac-sha1, hmac-sha1-etm@openssh.com, hmac-sha1-96, hmac-sha1-96@openssh.com, hmac-md5, hmac-md5-etm@openssh.com, hmac-md5-96, hmac-md5-96-etm@openssh.com, hmac-sha2-256, hmac-sha2-256-etm@openssh.com, hmac-sha2-512, hmac-sha2-512-etm@openssh.com, hmac-ripemd160, hmac-ripemd160-etm@openssh.com, hmac-ripemd160-96, hmac-ripemd160@openssh.com] port: 22 proxyConfig: null serverAlive: null user: admin x11Forwarding: null 2024-08-15 16:45:22,260 [ 80915] SEVERE - #c.i.o.a.i.ApplicationImpl - RSA modulus has a small prime factor java.lang.IllegalArgumentException: RSA modulus has a small prime factor at org.bouncycastle.crypto.params.RSAKeyParameters.validate(Unknown Source) at org.bouncycastle.crypto.params.RSAKeyParameters.(Unknown Source) at org.bouncycastle.crypto.params.RSAKeyParameters.(Unknown Source) at org.bouncycastle.jcajce.provider.asymmetric.rsa.BCRSAPublicKey.(Unknown Source) at org.bouncycastle.jcajce.provider.asymmetric.rsa.KeyFactorySpi.engineGeneratePublic(Unknown Source) at java.base/java.security.KeyFactory.generatePublic(KeyFactory.java:345) at net.schmizz.sshj.common.KeyType$1.readPubKeyFromBuffer(KeyType.java:62) at net.schmizz.sshj.common.Buffer.readPublicKey(Buffer.java:489) at net.schmizz.sshj.transport.verification.OpenSSHKnownHosts$EntryFactory.parseEntry(OpenSSHKnownHosts.java:278) at net.schmizz.sshj.transport.verification.OpenSSHKnownHosts.readEntries(OpenSSHKnownHosts.java:81) at net.schmizz.sshj.transport.verification.OpenSSHKnownHosts.(OpenSSHKnownHosts.java:62) at net.schmizz.sshj.transport.verification.OpenSSHKnownHosts.(OpenSSHKnownHosts.java:52) at com.intellij.ssh.SingleKnownHostsDelegate.(OpenSshLikeHostKeyVerifierImpl.kt:190) at com.intellij.ssh.OpenSshLikeHostKeyVerifierImpl.(OpenSshLikeHostKeyVerifierImpl.kt:42) at com.intellij.ssh.impl.sshj.SshjConnectionUtilKt.setUpSessionForSshJ(SshjConnectionUtil.kt:142) at com.intellij.ssh.impl.SshConnection.doSshjSshConnection(SshConnection.kt:211) at com.intellij.ssh.impl.SshConnection.access$doSshjSshConnection(SshConnection.kt:27) at com.intellij.ssh.impl.SshConnection$createSshSessionForSshj$1.invoke(SshConnection.kt:204) at com.intellij.ssh.impl.SshConnection$createSshSessionForSshj$1.invoke(SshConnection.kt:201) at com.intellij.ssh.Ssh.wrapBlockingSshCall(ssh.kt:394) at com.intellij.ssh.Ssh.wrapBlockingSshCall$default(ssh.kt:375) at com.intellij.ssh.impl.SshConnection.createSshSessionForSshj(SshConnection.kt:201) at com.intellij.ssh.impl.SshConnection.access$createSshSessionForSshj(SshConnection.kt:27) at com.intellij.ssh.impl.SshConnection$checkCanAuthenticate$1.invoke(SshConnection.kt:136) at com.intellij.ssh.impl.SshConnection$checkCanAuthenticate$1.invoke(SshConnection.kt:131) at com.intellij.ssh.Ssh.wrapBlockingSshCall(ssh.kt:394) at com.intellij.ssh.Ssh.wrapBlockingSshCall$default(ssh.kt:375) at com.intellij.ssh.impl.SshConnection.checkCanAuthenticate(SshConnection.kt:131) at com.intellij.ssh.SshConnectionService.checkCanAuthenticate(SshConnectionService.kt:210) at com.intellij.ssh.Ssh.checkCanAuthenticate(ssh.kt:263) at com.intellij.ssh.Ssh.access$checkCanAuthenticate(ssh.kt:1) at com.intellij.ssh.ConnectionBuilder.checkCanAuthenticate(ssh.kt:108) at com.intellij.ssh.ui.unified.SshCredentialsEditorEx$1.lambda$actionPerformed$0(SshCredentialsEditorEx.java:68) at com.intellij.openapi.application.impl.ApplicationImpl$2.run(ApplicationImpl.java:272) at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:539) at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635) at java.base/java.util.concurrent.Executors$PrivilegedThreadFactory$1$1.run(Executors.java:702) at java.base/java.util.concurrent.Executors$PrivilegedThreadFactory$1$1.run(Executors.java:699) at java.base/java.security.AccessController.doPrivileged(AccessController.java:399) at java.base/java.util.concurrent.Executors$PrivilegedThreadFactory$1.run(Executors.java:699) at java.base/java.lang.Thread.run(Thread.java:833) 2024-08-15 16:45:22,261 [ 80916] SEVERE - #c.i.o.a.i.ApplicationImpl - PhpStorm 2023.2.2 Build #PS-232.9921.55 2024-08-15 16:45:22,261 [ 80916] SEVERE - #c.i.o.a.i.ApplicationImpl - JDK: 17.0.8; VM: OpenJDK 64-Bit Server VM; Vendor: JetBrains s.r.o. 2024-08-15 16:45:22,261 [ 80916] SEVERE - #c.i.o.a.i.ApplicationImpl - OS: Mac OS X 2024-08-15 16:45:38,446 [ 97101] INFO - #com.tabnineCommon.lifecycle.WorkspaceListenerService - All root paths collected: [/Users/andrey/sandbox/xxxxx/current] |
В общем очень все странно, в консоле то коннект устанавливается, то рвется, то вообще сразу не коннектит. А ssh-туннель работает через пень-колоду. Я перепробовал кучу всего, а решение оказалось очень простым.
Решение
1 |
rm -rf ~/.ssh/known_hosts |