jba Posted October 1, 2021 Posted October 1, 2021 Just started my new odroid HC2 with armbian (Armbian_21.08.1_Odroidxu4_buster_current_5.4.142). However, I could not log in via ssh. I got the message kex_exchange_identification: read: Connection reset by peer Connection reset by 192.168.0.89 port 22 The reason was, that in /etc/sshd_config PubkeyAuthentication was enabled. After commenting out I was able to login via ssh. I think this should be corrected as it makes no sense. Or at least the documentation should be changed (it says you can do your first login via ssh). Jürgen 0 Quote
Igor Posted October 1, 2021 Posted October 1, 2021 7 minutes ago, jba said: I think this should be corrected as it makes no sense. Until this is not confirmed, its not even a bug. I agree that SSH login should work. It works even via serial console(s), but things can and do break down ... 8 minutes ago, jba said: Or at least the documentation should be changed Welcome! Check FAQ first, then check if you can help somehow https://docs.armbian.com/Process_Contribute/ 0 Quote
Paco Hope Posted September 29, 2024 Posted September 29, 2024 I found this post because it was the first result in a DuckDuckGo search for "armbian kex_exchange_identification" If your armbian device is at IP address 192.168.1.5, then the short answer is to simply do the following for first login: ssh -o HostkeyAlgorithms=+ssh-rsa root@192.168.1.5 The answer is sorta described on this answer elsewhere in the forums. Back in 2022, OpenSSH decided to retire (to deprecate) the SHA-1 hash combined with the RSA public key algorithm (read more here). This means that in most major operating systems (Windows, Linux, Mac) that use OpenSSH as their ssh client, the rsa-sha key exchange is deactivated by default. I'm not sure why, but it appears that the sshd on Armbian doesn't offer any other KexAlgorithms, even though it could. So your Armbian device doesn't offer a KexAlgorithm that your laptop/desktop/other device likes. I installed v24.11 rolling for Orange Pi PC running Armbian Linux 6.6.44-current-sunxi yesterday (29 Sept 2024) and sshd was still configured this way. If you want a permanent fix, you can add 2 lines to your /etc/ssh/sshd_config file on your Armbian device: KexAlgorithms ecdh-sha2-nistp256 HostKeyAlgorithms rsa-sha2-256 Then run sudo service sshd restart and it will restart using the new key exchange algorithms and you'll be able to connect without special effort. 0 Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.