$ssh ores-compute.eqiad.wmflabs -vvv OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014 debug1: Reading configuration data /home/user/.ssh/config debug1: /home/user/.ssh/config line 13: Applying options for *.eqiad.wmflabs debug1: /home/user/.ssh/config line 16: Applying options for *.wmflabs debug1: /home/user/.ssh/config line 21: Applying options for * debug3: ciphers ok: [chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr] debug3: kex names ok: [curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256] debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug3: ciphers ok: [aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc] debug3: macs ok: [hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160] debug3: key names ok: [ssh-rsa,ssh-dss] debug1: Executing proxy command: exec ssh -a -W ores-compute.eqiad.wmflabs:22 bastion1.eqiad.wmflabs debug1: permanently_drop_suid: 1000 debug3: Incorrect RSA1 identifier debug3: Could not load "/home/user/.ssh/id_rsa" as a RSA1 public key debug1: identity file /home/user/.ssh/id_rsa type 1 debug1: identity file /home/user/.ssh/id_rsa-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-8 no matching mac found: client hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160 server hmac-sha2-512,hmac-sha2-256 $cat .ssh/config Host bastion1.eqiad.wmflabs Hostname bastion.wmflabs.org ProxyCommand none Host bastion2.eqiad.wmflabs Hostname bastion2.wmflabs.org ProxyCommand none Host bastion3.eqiad.wmflabs Hostname bastion3.wmflabs.org ProxyCommand none Host *.eqiad.wmflabs ProxyCommand ssh -a -W %h:%p bastion1.eqiad.wmflabs Host *.wmflabs User he7d3r IdentityFile ~/.ssh/id_rsa IdentitiesOnly yes Host * !gerrit.wikimedia.org Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
Description
Description
Event Timeline
Comment Actions
Ok, I commented out the line which starts with MACs in my /etc/ssh/ssh_config and this error doesn't happens anymore. I also had to comment out the line HostKeyAlgorithms, to get the ECDSA fingerprint from the server, instead of the RSA one.