From a previous email it looks like you only have an rsa key debug1: Connection established. debug1: identity file /home/pcp/.ssh/id_rsa type 0 debug1: identity file /home/pcp/.ssh/id_rsa-cert type -1 debug1: identity file /home/pcp/.ssh/id_ecdsa type -1 debug1: identity file /home/pcp/.ssh/id_ecdsa-cert type -1 debug1: identity file /home/pcp/.ssh/id_ecdsa_sk type -1 debug1: identity file /home/pcp/.ssh/id_ecdsa_sk-cert type -1 debug1: identity file /home/pcp/.ssh/id_ed25519 type -1 debug1: identity file /home/pcp/.ssh/id_ed25519-cert type -1 debug1: identity file /home/pcp/.ssh/id_ed25519_sk type -1 debug1: identity file /home/pcp/.ssh/id_ed25519_sk-cert type -1 debug1: identity file /home/pcp/.ssh/id_xmss type -1 debug1: identity file /home/pcp/.ssh/id_xmss-cert type -1 debug1: identity file /home/pcp/.ssh/id_dsa type -1 debug1: identity file /home/pcp/.ssh/id_dsa-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_8.9 On Fri, Oct 14, 2022 at 10:01:57PM +0200, dabbede@gmail.com wrote: > On Fri, Oct 14, 2022 at 7:06 PM Felix Lechner > wrote: > > > > Hi, > > > > On Fri, Oct 14, 2022 at 1:54 AM dabbede@gmail.com wrote: > > > > > > Finally, I also tried to manually start sshd on port 2222 > > > > I think that is a fabulous idea, especially if you can prevent > > daemonization with -d (or -D). > > > > > this is the output /etc/ssh/sshd_config: No such file or directory > > > > The sshd_config is in /gnu/store. It is generated by 'guix system > > reconfigure'. You can see all available versions with > > > > ls -ld /gnu/store/*sshd-config > > > > In a bind, I would pick one that should work and pass it via -f. > > I just have 3 versions in /gnu/store/, all of them very similar one > another. I just picked up the first one and tried running sshd -d -p > 2222 -f /gnu/store/....path_to_sshd_config > The server starts up waiting for connections. Then, on another tty > (and another user), I try to connect to port 2222 in localhost: client > side receives "Connection reset by 127.0.0.1 port 2222", while the > server side reports this: > > debug1: sshd version OpenSSH_8.9, OpenSSL 1.1.1q 5 Jul 2022 > debug1: private host key #0: ssh-rsa > SHA256:stg5akPHR8JGdXPXmqUYJhhZFj1UmEmWx19el4EiHGM > debug1: private host key #1: ecdsa-sha2-nistp256 > SHA256:zfyEMyjDdSOHX3e9byADPp5sm7Pu6zdq2jnQSWbDo+4 > debug1: private host key #2: ssh-ed25519 > SHA256:tBpk8+XR3GalUmNqIxT6ITf5Tyy8WKVSxBULZjAmQqI > debug1: rexec_argv[0]='/gnu/store/jgw64z5w2q6b4nph7a74jc97ihfxkfsf-openssh-8.9p1/sbin/sshd' > debug1: rexec_argv[1]='-d' > debug1: rexec_argv[2]='-f' > debug1: rexec_argv[3]='/gnu/store/h5hri15x24vljfahpwv1b4dva69nbis3-sshd_config' > debug1: rexec_argv[4]='-p' > debug1: rexec_argv[5]='2222' > debug1: Set /proc/self/oom_score_adj from 0 to -1000 > debug1: Bind to port 2222 on 0.0.0.0. > Server listening on 0.0.0.0 port 2222. > debug1: Bind to port 2222 on ::. > Server listening on :: port 2222. > debug1: Server will not fork when running in debugging mode. > debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8 > debug1: sshd version OpenSSH_8.9, OpenSSL 1.1.1q 5 Jul 2022 > debug1: private host key #0: ssh-rsa > SHA256:stg5akPHR8JGdXPXmqUYJhhZFj1UmEmWx19el4EiHGM > debug1: private host key #1: ecdsa-sha2-nistp256 > SHA256:zfyEMyjDdSOHX3e9byADPp5sm7Pu6zdq2jnQSWbDo+4 > debug1: private host key #2: ssh-ed25519 > SHA256:tBpk8+XR3GalUmNqIxT6ITf5Tyy8WKVSxBULZjAmQqI > debug1: inetd sockets after dupping: 3, 3 > Connection from 127.0.0.1 port 33818 on 127.0.0.1 port 2222 rdomain "" > debug1: Local version string SSH-2.0-OpenSSH_8.9 > debug1: Remote protocol version 2.0, remote software version OpenSSH_8.9 > debug1: compat_banner: match: OpenSSH_8.9 pat OpenSSH* compat 0x04000000 > debug1: permanently_set_uid: 989/983 [preauth] > debug1: list_hostkey_types: > rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 [preauth] ^^^ There are rsa keys listed here, so the server should have rsa keys in /etc/ssh. > debug1: SSH2_MSG_KEXINIT sent [preauth] > debug1: monitor_read_log: child log fd closed > debug1: do_cleanup > debug1: Killing privsep child 366 > > I'm puzzled, as I don't understand exactly what went wrong... > > > To find the version that is actually used by your current system > > generation and corresponds to your latest config.scm would require > > some sleuthing. You may have to examine the symbolic links in the > > system profile and, possibly, in /gnu/store. You may be able to get > > better advice about that in #guix on IRC. > > > > Either way, please do not make any manual changes to /gnu/store, > > however tempting it may appear. > > > > Kind regards > > Felix Lechner > > Thanks again, regards There was recently a change in openssh to deprecate support for rsa-sha1 keys. Try generating new ssh keys using a newish version of openssh and using that as your keys for pcp or test, and see if that works for connecting using a key. -- Efraim Flashner אפרים פלשנר GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 Confidentiality cannot be guaranteed on emails sent or received unencrypted