I'm trying to utilize ssh's jump host option but for some reason it does not work, I get:
$ ssh -J user1@host1 user2@target
kex_exchange_identification: banner line contains invalid characters
banner exchange: Connection to UNKNOWN port 65535: invalid format
$ ssh -J user1@host1:22 user2@target:22
channel 0: open failed: connect failed: Name or service not known
stdio forwarding failed
kex_exchange_identification: Connection closed by remote host
Connection closed by UNKNOWN port 65535
and I'm wondering why, I can login over ssh from user-notebook to host1 and then from host1 to target just fine. I have all keys setup too. I'm puzzled, what am I missing?
After adding -v
, I can observe the following:
debug1: kex_exchange_identification: banner line 39: \033[?25h\033[?7hSSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
kex_exchange_identification: banner line contains invalid characters
banner exchange: Connection to UNKNOWN port 65535: invalid format
debug1: channel 0: free: direct-tcpip: listening port 0 for target port 22, connect from 127.0.0.1 port 65535 to UNKNOWN port 65536, nchannels 1
debug1: fd 0 clearing O_NONBLOCK
Killed by signal 1.
Note that I can connect fine to target
with ssh -J user1@host1 user2@target
from other hosts on the LAN but only this one doesn't seem to be able to connect.
When I change the line to ssh -J user1@host1:22 user2@target:22 -v
, I get the following:
debug1: client_input_hostkeys: no new or deprecated keys from server
debug1: Remote: /home/user1/.ssh/authorized_keys:3: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Remote: /home/user1/.ssh/authorized_keys:3: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
channel 0: open failed: connect failed: Name or service not known
stdio forwarding failed
kex_exchange_identification: Connection closed by remote host
Connection closed by UNKNOWN port 65535
What is it trying to do with port 65535
?
I also ssh-ed to host1
and did a:
netcat target 22
SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
after the touch ~/.hushlogin
, adding more -v
s, with -vvv
appended I get;
debug2: channel 0: open confirm rwindow 2097152 rmax 32768
debug1: kex_exchange_identification: banner line 39: \033[?25h\033[?7hSSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
kex_exchange_identification: banner line contains invalid characters
banner exchange: Connection to UNKNOWN port 65535: invalid format
debug3: send packet: type 1
debug1: channel 0: free: direct-tcpip: listening port 0 for ghnvm port 22, connect from 127.0.0.1 port 65535 to UNKNOWN port 65536, nchannels 1
debug3: channel 0: status: The following connections are open:
#0 direct-tcpip: listening port 0 for ghnvm port 22, connect from 127.0.0.1 port 65535 to UNKNOWN port 65536 (t4 r0 i0/0 o0/0 e[closed]/0 fd 4/5/-1 sock -1 cc -1)
debug1: fd 0 clearing O_NONBLOCK
debug3: fd 1 is not O_NONBLOCK
Killed by signal 1.
Even ssh -oProxyCommand='ssh -p22 user1@host1 -W %h:%p' -p22 user2@target
would return:
kex_exchange_identification: banner line contains invalid characters
banner exchange: Connection to UNKNOWN port 65535: invalid format
-v
option for verbose output. 2. check your ~/.ssh/config on host1. 3. just a wild stab in the dark, but does it work after first runningssh user1@host1 touch ~/.hushlogin
to suppress motd and all the other login-related noise from host1?-vvv
and pasted the ouput above, do you have any further suggestions?host1
) output a custom text banner when you connect to it? If so, this text may confuse the localssh
which does not expect it.ssh user@host:22
is not supported by ssh. You needssh -p22 user@host
(however-J user@host:22
is valid)ssh -oProxyCommand='ssh -p22 user1@host1 -W %h:%p' -p22 user2@target
instead of-J