Join Log in
Score:0
avatar Server

SSH with ProxyCommand fails after update to Fedora 35

ve flag
User789

The command I use looks like:

ssh -o ProxyCommand='ncat --proxy-type socks5 --proxy 127.0.0.1:3744 %h %p' [email protected]

Since updating to Fedora 35, the connection fails with the error message

kex_exchange_identification: Connection closed by remote host
Connection closed by UNKNOWN port 65535

I confirmed that the proxy still works by using it with a web browser. The connection to the server still works using another computer or using Fedora 34 in a container. It fails when using Fedora 35 in a container. I can also reproduce the results with a different server.

Verbose output doesn't seem helpful

OpenSSH_8.7p1, OpenSSL 1.1.1l  FIPS 24 Aug 2021
debug1: Reading configuration data /home/me/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Reading configuration data /etc/ssh/ssh_config.d/50-redhat.conf
debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config
debug1: configuration requests final Match pass
debug1: re-parsing configuration
debug1: Reading configuration data /home/me/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Reading configuration data /etc/ssh/ssh_config.d/50-redhat.conf
debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config
debug1: Executing proxy command: exec ncat -v --proxy-type socks5 --proxy 127.0.0.1:3744 example.com 22
debug1: identity file /home/me/.ssh/id_rsa type 0
debug1: identity file /home/me/.ssh/id_rsa-cert type -1
debug1: identity file /home/me/.ssh/id_dsa type -1
debug1: identity file /home/me/.ssh/id_dsa-cert type -1
debug1: identity file /home/me/.ssh/id_ecdsa type -1
debug1: identity file /home/me/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/me/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/me/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/me/.ssh/id_ed25519 type -1
debug1: identity file /home/me/.ssh/id_ed25519-cert type -1
debug1: identity file /home/me/.ssh/id_ed25519_sk type -1
debug1: identity file /home/me/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/me/.ssh/id_xmss type -1
debug1: identity file /home/me/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.7
Ncat: Version 7.91 ( https://nmap.org/ncat )
Ncat: Connected to proxy 127.0.0.1:3744
Ncat: No authentication needed.
Ncat: Host example.com will be resolved by the proxy.
Ncat: connection succeeded.
Ncat: 0 bytes sent, 0 bytes received in 0.04 seconds.
kex_exchange_identification: Connection closed by remote host
Connection closed by UNKNOWN port 65535
182
0 + 0
ssh
Score:0
avatar Server
mm flag
M1ch43lk

Having the same problem. Something seems broken with the nmap-ncat in fedora 35 (i.e nmap-ncat-7.91-8.fc35.x86_64)

As a work around you can use netcat-1.218-2.fc35.x86_64

or install directly rpm -vhU https://nmap.org/dist/ncat-7.92-1.x86_64.rpm

From https://nmap.org/download.html

0 + 0
mm flag
M1ch43lk
FYI, I logged a bug for the issue https://bugzilla.redhat.com/show_bug.cgi?id=2044364
0
Reply
ve flag
User789
This works, thanks. I wasn't sure how to determine where the issue occured
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.