OpenSSH(7.7&8.1) windows server 2019 standard edition issue

SWolf2k9 1 Reputation point
2021-03-31T07:11:19.113+00:00

Hi All,

We use OpenSSH(7.7 & 8.1) OS: Windows Server 2019 Standard.

From time to time, the service hangs - although the state of the service is running (in service management),

it stops listening on port 22.

In some cases, when trying to connect using telnet, we get a "black screen" without the local version string,

in other cases, telnet cannot connect at all. This can happen after a random time.

After restarting the service, it works normally.

Please find the configuration file and the related part of the log below.

Thank you in advance.

Configuration file :

SyslogFacility LOCAL0
LogLevel DEBUG3
PermitRootLogin prohibit-password
StrictModes yes
PubkeyAuthentication no
AuthorizedKeysFile  .ssh/authorized_keys
PasswordAuthentication yes
AllowTcpForwarding no
Subsystem   sftp    sftp-server.exe 

Match User Upload031
    ChrootDirectory D:\SFTP\Upload031

Match User Upload032
    ChrootDirectory D:\SFTP\Upload032

Match User Upload033
    ChrootDirectory D:\SFTP\Upload033

Match User Upload034
    ChrootDirectory D:\SFTP\Upload034

Match User Upload035
    ChrootDirectory D:\SFTP\Upload035

Match User Upload036
    ChrootDirectory D:\SFTP\Upload036

Match User Upload037
    ChrootDirectory D:\SFTP\Upload037

Match all
    ChrootDirectory D:\sftp_dump\

Log :

6152 2021-03-30 10:21:19.913 debug3: fd 5 is not O_NONBLOCK
6152 2021-03-30 10:21:19.913 debug3: spawning "C:\\openssh\\sshd.exe" -R
6152 2021-03-30 10:21:19.913 debug3: send_rexec_state: entering fd = 8 config len 5262
6152 2021-03-30 10:21:19.913 debug3: ssh_msg_send: type 0
6152 2021-03-30 10:21:19.944 debug3: send_rexec_state: done
7984 2021-03-30 10:21:19.975 debug1: inetd sockets after dupping: 4, 4
7984 2021-03-30 10:21:19.975 Connection from 192.168.XXX.XXX port 57853 on 10.XXX.XXX.XXX port 22
7984 2021-03-30 10:21:19.975 debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1
7984 2021-03-30 10:21:19.975 error: kex_exchange_identification: Connection closed by remote host
6152 2021-03-30 10:21:19.991 debug3: fd 5 is not O_NONBLOCK
6152 2021-03-30 10:21:19.991 debug3: spawning "C:\\openssh\\sshd.exe" -R
6152 2021-03-30 10:21:20.007 debug3: send_rexec_state: entering fd = 9 config len 5262
6152 2021-03-30 10:21:20.007 debug3: ssh_msg_send: type 0
3808 2021-03-30 10:21:20.053 debug1: inetd sockets after dupping: 4, 4
3808 2021-03-30 10:21:20.053 Connection from 192.168.XXX.XXX port 57854 on 10.XXX.XXX.XXX port 22
3808 2021-03-30 10:21:20.053 debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1
3808 2021-03-30 10:21:20.053 debug1: Remote protocol version 2.0, remote software version RebexSSH_1.0.6264.1
3808 2021-03-30 10:21:20.053 debug1: no match: RebexSSH_1.0.6264.1
3808 2021-03-30 10:21:20.053 debug2: fd 4 setting O_NONBLOCK
3808 2021-03-30 10:21:20.163 debug3: spawning "C:\\openssh\\sshd.exe" -y
3808 2021-03-30 10:21:20.163 debug2: Network child is on pid 7008
3808 2021-03-30 10:21:20.163 debug3: send_rexec_state: entering fd = 6 config len 5262
3808 2021-03-30 10:21:20.163 debug3: ssh_msg_send: type 0
3808 2021-03-30 10:21:20.210 debug3: send_rexec_state: done
3808 2021-03-30 10:21:20.210 debug3: ssh_msg_send: type 0
3808 2021-03-30 10:21:20.210 debug3: ssh_msg_send: type 0
3808 2021-03-30 10:21:20.210 debug3: preauth child monitor started
3808 2021-03-30 10:21:20.210 debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
3808 2021-03-30 10:21:20.210 debug3: send packet: type 20 [preauth]
3808 2021-03-30 10:21:20.210 debug1: SSH2_MSG_KEXINIT sent [preauth]
3808 2021-03-30 10:21:20.210 debug3: receive packet: type 20 [preauth]
3808 2021-03-30 10:21:20.210 debug1: SSH2_MSG_KEXINIT received [preauth]
3808 2021-03-30 10:21:20.210 debug2: local server KEXINIT proposal [preauth]
3808 2021-03-30 10:21:20.210 debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1 [preauth]
3808 2021-03-30 10:21:20.210 debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
3808 2021-03-30 10:21:20.210 debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com [preauth]
3808 2021-03-30 10:21:20.210 debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com [preauth]
3808 2021-03-30 10:21:20.210 debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
3808 2021-03-30 10:21:20.210 debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
3808 2021-03-30 10:21:20.210 debug2: compression ctos: none,zlib@openssh.com [preauth]
3808 2021-03-30 10:21:20.210 debug2: compression stoc: none,zlib@openssh.com [preauth]
3808 2021-03-30 10:21:20.210 debug2: languages ctos:  [preauth]
3808 2021-03-30 10:21:20.210 debug2: languages stoc:  [preauth]
3808 2021-03-30 10:21:20.210 debug2: first_kex_follows 0  [preauth]
3808 2021-03-30 10:21:20.210 debug2: reserved 0  [preauth]
3808 2021-03-30 10:21:20.210 debug2: peer client KEXINIT proposal [preauth]
3808 2021-03-30 10:21:20.210 debug2: KEX algorithms: diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group15-sha512,diffie-hellman-group16-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group1-sha1 [preauth]
3808 2021-03-30 10:21:20.210 debug2: host key algorithms: ssh-dss,rsa-sha2-256,ssh-rsa-sha256@ssh.com,rsa-sha2-512,ssh-rsa,x509v3-sign-rsa-sha256@ssh.com,x509v3-sign-rsa,x509v3-sign-dss,ecdsa-sha2-nistp256 [preauth]
3808 2021-03-30 10:21:20.210 debug2: ciphers ctos: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,3des-cbc,twofish256-ctr,twofish192-ctr,twofish128-ctr,twofish256-cbc,twofish192-cbc,twofish128-cbc,twofish-cbc,blowfish-ctr,blowfish-cbc,arcfour256,arcfour128 [preauth]
3808 2021-03-30 10:21:20.210 debug2: ciphers stoc: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-ctr,3des-cbc,twofish256-ctr,twofish192-ctr,twofish128-ctr,twofish256-cbc,twofish192-cbc,twofish128-cbc,twofish-cbc,blowfish-ctr,blowfish-cbc,arcfour256,arcfour128 [preauth]
3808 2021-03-30 10:21:20.210 debug2: MACs ctos: hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
3808 2021-03-30 10:21:20.210 debug2: MACs stoc: hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
3808 2021-03-30 10:21:20.210 debug2: compression ctos: none,zlib,zlib@openssh.com [preauth]
3808 2021-03-30 10:21:20.210 debug2: compression stoc: none,zlib,zlib@openssh.com [preauth]
3808 2021-03-30 10:21:20.210 debug2: languages ctos:  [preauth]
3808 2021-03-30 10:21:20.210 debug2: languages stoc:  [preauth]
3808 2021-03-30 10:21:20.210 debug2: first_kex_follows 0  [preauth]
3808 2021-03-30 10:21:20.210 debug2: reserved 0  [preauth]
3808 2021-03-30 10:21:20.210 debug1: kex: algorithm: diffie-hellman-group-exchange-sha256 [preauth]
3808 2021-03-30 10:21:20.210 debug1: kex: host key algorithm: rsa-sha2-256 [preauth]
3808 2021-03-30 10:21:20.210 debug1: kex: client->server cipher: aes256-ctr MAC: hmac-sha2-256 compression: none [preauth]
3808 2021-03-30 10:21:20.210 debug1: kex: server->client cipher: aes256-ctr MAC: hmac-sha2-256 compression: none [preauth]
3808 2021-03-30 10:21:20.210 debug1: expecting SSH2_MSG_KEX_DH_GEX_REQUEST [preauth]
3808 2021-03-30 10:21:20.225 debug3: receive packet: type 34 [preauth]
3808 2021-03-30 10:21:20.225 debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received [preauth]
3808 2021-03-30 10:21:20.225 debug3: mm_request_send entering: type 0 [preauth]
3808 2021-03-30 10:21:20.225 debug3: mm_choose_dh: waiting for MONITOR_ANS_MODULI [preauth]
3808 2021-03-30 10:21:20.225 debug3: mm_request_receive_expect entering: type 1 [preauth]
3808 2021-03-30 10:21:20.225 debug3: mm_request_receive entering [preauth]
3808 2021-03-30 10:21:20.225 debug3: mm_request_receive entering
3808 2021-03-30 10:21:20.225 debug3: monitor_read: checking request 0
3808 2021-03-30 10:21:20.225 debug3: mm_answer_moduli: got parameters: 2048 2048 4096
3808 2021-03-30 10:21:20.225 debug3: Failed to open file:C:/ProgramData/ssh/moduli error:2
3808 2021-03-30 10:21:20.225 WARNING: could not open __PROGRAMDATA__\\ssh/moduli (No such file or directory), using fixed modulus
3808 2021-03-30 10:21:20.225 debug3: dh_new_group_fallback: requested max size 4096
3808 2021-03-30 10:21:20.225 debug3: using 4k bit group 16
3808 2021-03-30 10:21:20.225 debug3: mm_request_send entering: type 1
3808 2021-03-30 10:21:20.225 debug2: monitor_read: 0 used once, disabling now
3808 2021-03-30 10:21:20.225 debug3: mm_choose_dh: remaining 0 [preauth]
3808 2021-03-30 10:21:20.225 debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent [preauth]
3808 2021-03-30 10:21:20.225 debug3: send packet: type 31 [preauth]
3808 2021-03-30 10:21:20.272 debug2: bits set: 2055/4096 [preauth]
3808 2021-03-30 10:21:20.272 debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT [preauth]
3808 2021-03-30 10:21:20.569 debug3: receive packet: type 32 [preauth]
3808 2021-03-30 10:21:20.569 debug2: bits set: 2050/4096 [preauth]
3808 2021-03-30 10:21:20.616 debug3: mm_sshkey_sign entering [preauth]
3808 2021-03-30 10:21:20.616 debug3: mm_request_send entering: type 6 [preauth]
3808 2021-03-30 10:21:20.616 debug3: mm_request_receive entering
3808 2021-03-30 10:21:20.616 debug3: monitor_read: checking request 6
3808 2021-03-30 10:21:20.616 debug3: mm_answer_sign
3808 2021-03-30 10:21:20.632 debug3: mm_answer_sign: KEX signature 0000017C5ECCB7E0(276)
3808 2021-03-30 10:21:20.632 debug3: mm_request_send entering: type 7
3808 2021-03-30 10:21:20.632 debug2: monitor_read: 6 used once, disabling now
3808 2021-03-30 10:21:20.632 debug3: mm_sshkey_sign: waiting for MONITOR_ANS_SIGN [preauth]
3808 2021-03-30 10:21:20.632 debug3: mm_request_receive_expect entering: type 7 [preauth]
3808 2021-03-30 10:21:20.632 debug3: mm_request_receive entering [preauth]
3808 2021-03-30 10:21:20.632 debug3: send packet: type 33 [preauth]
3808 2021-03-30 10:21:20.632 debug3: send packet: type 21 [preauth]
3808 2021-03-30 10:21:20.632 debug2: set_newkeys: mode 1 [preauth]
3808 2021-03-30 10:21:20.632 debug1: rekey out after 4294967296 blocks [preauth]
3808 2021-03-30 10:21:20.632 debug1: SSH2_MSG_NEWKEYS sent [preauth]
3808 2021-03-30 10:21:20.632 debug1: expecting SSH2_MSG_NEWKEYS [preauth]
3808 2021-03-30 10:21:20.944 debug3: receive packet: type 21 [preauth]
3808 2021-03-30 10:21:20.944 debug1: SSH2_MSG_NEWKEYS received [preauth]
3808 2021-03-30 10:21:20.944 debug2: set_newkeys: mode 0 [preauth]
3808 2021-03-30 10:21:20.944 debug1: rekey in after 4294967296 blocks [preauth]
3808 2021-03-30 10:21:20.944 debug1: KEX done [preauth]
3808 2021-03-30 10:21:20.944 debug3: receive packet: type 1 [preauth]
3808 2021-03-30 10:21:20.944 Received disconnect from 192.168.XXX.XXX port 57854:11: Session closed [preauth]
3808 2021-03-30 10:21:20.944 Disconnected from 192.168.XXX.XXX port 57854 [preauth]
3808 2021-03-30 10:21:20.944 debug1: do_cleanup [preauth]
3808 2021-03-30 10:21:20.944 debug3: mm_request_receive entering
3808 2021-03-30 10:21:20.944 debug1: do_cleanup
3808 2021-03-30 10:21:20.944 debug1: Killing privsep child 7008
Windows Server 2019
Windows Server 2019
A Microsoft server operating system that supports enterprise-level management updated to data storage.
3,480 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. JiayaoZhu 3,911 Reputation points
    2021-04-01T09:44:33.633+00:00

    Hi,

    Thank you for your posting!

    Based on your logs and descriptions, I suggest to focus on:

    "Failed to open file:C:/ProgramData/ssh/moduli error:2",

    "could not open PROGRAMDATA\ssh/moduli (No such file or directory), using fixed modulus",

    to troubleshoot your issue.

    According to the two error messages. You may encounter permission issues (your system no longer has the permission to get access to your file location), or your file location has been changed so your system cannot find your file in the previous location.

    You can refer to these two blogs to find if there are any useful solutions for you:

    https://github.com/PowerShell/Win32-OpenSSH/issues/1499

    https://github.com/PowerShell/Win32-OpenSSH/issues/826

    (Please note: Information posted in the given link is hosted by a third party. Microsoft does not guarantee the accuracy and effectiveness of information.)

    I will conduct further research for you. Thank you for your support and patience!

    Best regards
    Joann

    --------------------------------------------------------------------------------------------------------------------

    If the Answer is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments