Ssh problems since update

Hi there,
since the newest update of manjaro i can not use ssh to login to my servers.
i read already about the ssh agent and i did install it:


systemctl  status --user ssh-agent                                                    ✔ 
● ssh-agent.service - SSH key agent
     Loaded: loaded (/usr/lib/systemd/user/ssh-agent.service; disabled; preset: enabled)
     Active: active (running) since Wed 2022-12-14 15:43:57 WET; 3min 38s ago
   Main PID: 2065 (ssh-agent)
      Tasks: 1 (limit: 19069)
     Memory: 1.0M
        CPU: 5ms
     CGroup: /user.slice/user-1000.slice/user@1000.service/app.slice/ssh-agent.service
             └─2065 /usr/bin/ssh-agent -D -a /run/user/1000/ssh-agent.socket

Dec 14 15:43:57 mini2 systemd[625]: Started SSH key agent.
Dec 14 15:43:57 mini2 ssh-agent[2065]: SSH_AUTH_SOCK=/run/user/1000/ssh-agent.socket; export SSH_AUT>
Dec 14 15:43:57 mini2 ssh-agent[2065]: echo Agent pid 2065;

KeepassXC sais: no agent running

i put in keepassXC:

enable SSH Agent integration
SSH_AUTH_SOCK override /run/uuser/1000/ssh-agent.socket

i use zsh konsole

however it does not work.
any idea how i get ssh running so i can connect via ssh to my servers?

thanks a lot for your kind help


Moderator edit: In the future, please use proper formatting: [HowTo] Post command output and file content as formatted text

FYI, it’s <pre><code> for code blocks.

Welcome to Manjaro! :smiling_face_with_three_hearts:

  1. Please read the information behind this link. It will help you to post necessary information. [HowTo] Provide System Information
  2. Please press the three dots below your post and then press the :pencil2:
  • If you give us information about your system, we can see what we’re talking about and make better suggestions.
  • You can do this by using inxi in a terminal or in console.
inxi --admin --verbosity=7 --filter --no-host --width
  • Personally identifiable information such as serial numbers and MAC addresses are filtered out by this command
  • Presenting the information in this way allows everyone to be familiar with the format and quickly find the items they need without missing anything.
  1. Copy the output from inxi (including the command) and paste it into your post.
  • To make it more readable, add 3 backticks ``` on an extra line before and after the pasted text.
    (Wisdom lies in reading :wink: )

Please post error-messages from ssh and from logfiles of ssh on server(sshd) and client(ssh)

Just to clarify, do you have a problem with ssh or your fancy ssh-agend, KeepassXC combo. Neither ssh-agend or KeepassXC are needed for ssh. This is just a fancy way so you don’t have to type in a password.

So what happens if you just use ssh and type in your password?

hi thanks a lot for your answer:

    ~  inxi --admin --verbosity=7 --filter --no-host --width                               1 ✘ 
System:
  Kernel: 5.15.81-1-MANJARO arch: x86_64 bits: 64 compiler: gcc v: 12.2.0
    parameters: BOOT_IMAGE=/boot/vmlinuz-5.15-x86_64
    root=UUID=3bc41958-c5d5-4d33-a5d5-da80bff9c294 rw quiet
    udev.log_priority=3
  Desktop: KDE Plasma v: 5.26.4 tk: Qt v: 5.15.7 wm: kwin_x11 vt: 1 dm: SDDM
    Distro: Manjaro Linux base: Arch Linux
Machine:
  Type: Laptop System: Apple product: Macmini5,1 v: 1.0
    serial: <superuser required> Chassis: type: 16 v: Mac-8ED6AF5B48C039E1
    serial: <superuser required>
  Mobo: Apple model: Mac-8ED6AF5B48C039E1 v: Macmini5,1
    serial: <superuser required> UEFI: Apple v: MM51.88Z.0080.B00.1804091930
    date: 04/09/2018
Battery:
  Device-1: hidpp_battery_0 model: Logitech Wireless Mouse serial: <filter>
    charge: 55% (should be ignored) rechargeable: yes status: discharging
Memory:
  RAM: total: 15.54 GiB used: 3.18 GiB (20.4%)
  RAM Report: permissions: Unable to run dmidecode. Root privileges required.
CPU:
  Info: model: Intel Core i5-2415M bits: 64 type: MT MCP arch: Sandy Bridge
    gen: core 2 level: v2 built: 2010-12 process: Intel 32nm family: 6
    model-id: 0x2A (42) stepping: 7 microcode: 0x2F
  Topology: cpus: 1x cores: 2 tpc: 2 threads: 4 smt: enabled cache:
    L1: 128 KiB desc: d-2x32 KiB; i-2x32 KiB L2: 512 KiB desc: 2x256 KiB
    L3: 3 MiB desc: 1x3 MiB
  Speed (MHz): avg: 823 high: 858 min/max: 800/2900 scaling:
    driver: intel_cpufreq governor: schedutil cores: 1: 858 2: 798 3: 840 4: 798
    bogomips: 18367
  Flags: acpi aes aperfmperf apic arat arch_perfmon avx bts clflush cmov
    constant_tsc cpuid cx16 cx8 de ds_cpl dtes64 dtherm dts ept est
    flexpriority flush_l1d fpu fxsr ht ibpb ibrs ida lahf_lm lm mca mce
    md_clear mmx monitor msr mtrr nonstop_tsc nopl nx pae pat pbe pcid
    pclmulqdq pdcm pebs pge pln pni popcnt pse pse36 pti pts rdtscp rep_good
    sep ssbd sse sse2 sse4_1 sse4_2 ssse3 stibp syscall tm tm2 tpr_shadow tsc
    tsc_deadline_timer vme vmx vnmi vpid x2apic xsave xsaveopt xtopology xtpr
  Vulnerabilities:
  Type: itlb_multihit status: KVM: VMX disabled
  Type: l1tf mitigation: PTE Inversion; VMX: conditional cache flushes, SMT
    vulnerable
  Type: mds mitigation: Clear CPU buffers; SMT vulnerable
  Type: meltdown mitigation: PTI
  Type: mmio_stale_data status: Unknown: No mitigations
  Type: retbleed status: Not affected
  Type: spec_store_bypass mitigation: Speculative Store Bypass disabled via
    prctl and seccomp
  Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer
    sanitization
  Type: spectre_v2 mitigation: Retpolines, IBPB: conditional, IBRS_FW,
    STIBP: conditional, RSB filling, PBRSB-eIBRS: Not affected
  Type: srbds status: Not affected
  Type: tsx_async_abort status: Not affected
Graphics:
  Device-1: Intel 2nd Generation Core Processor Family Integrated Graphics
    vendor: Apple driver: i915 v: kernel arch: Gen-6 process: Intel 32nm
    built: 2011 ports: active: DP-1,HDMI-A-3 empty: DP-2, DP-3, HDMI-A-1,
    HDMI-A-2, VGA-1 bus-ID: 00:02.0 chip-ID: 8086:0126 class-ID: 0300
  Display: x11 server: X.Org v: 21.1.4 with: Xwayland v: 22.1.5
    compositor: kwin_x11 driver: X: loaded: modesetting alternate: fbdev,vesa
    dri: crocus gpu: i915 display-ID: :0 screens: 1
  Screen-1: 0 s-res: 3840x1080 s-dpi: 96 s-size: 1016x285mm (40.00x11.22")
    s-diag: 1055mm (41.54")
  Monitor-1: DP-1 pos: primary,left model: ASUS VA24E serial: <filter>
    built: 2020 res: 1920x1080 hz: 60 dpi: 93 gamma: 1.2
    size: 527x296mm (20.75x11.65") diag: 604mm (23.8") ratio: 16:9 modes:
    max: 1920x1080 min: 720x400
  Monitor-2: HDMI-A-3 mapped: HDMI-3 pos: right model: ASUS VA24E
    serial: <filter> built: 2020 res: 1920x1080 hz: 60 dpi: 93 gamma: 1.2
    size: 527x296mm (20.75x11.65") diag: 604mm (23.8") ratio: 16:9 modes:
    max: 1920x1080 min: 720x400
  API: OpenGL v: 3.3 Mesa 22.2.4 renderer: Mesa Intel HD Graphics 3000 (SNB
    GT2) direct render: Yes
Audio:
  Device-1: Intel 6 Series/C200 Series Family High Definition Audio
    driver: snd_hda_intel v: kernel bus-ID: 00:1b.0 chip-ID: 8086:1c20
    class-ID: 0403
  Sound API: ALSA v: k5.15.81-1-MANJARO running: yes
  Sound Server-1: JACK v: 1.9.21 running: no
  Sound Server-2: PulseAudio v: 16.1 running: yes
  Sound Server-3: PipeWire v: 0.3.61 running: yes
Network:
  Device-1: Broadcom NetXtreme BCM57765 Gigabit Ethernet PCIe driver: tg3
    v: kernel pcie: gen: 1 speed: 2.5 GT/s lanes: 1 port: N/A bus-ID: 02:00.0
    chip-ID: 14e4:16b4 class-ID: 0200
  IF: enp2s0f0 state: down mac: <filter>
  Device-2: Broadcom BCM4331 802.11a/b/g/n driver: bcma-pci-bridge v: N/A
    modules: bcma pcie: gen: 1 speed: 2.5 GT/s lanes: 1 bus-ID: 03:00.0
    chip-ID: 14e4:4331 class-ID: 0280
  Device-3: Edimax EW-7811Un 802.11n Wireless Adapter [Realtek RTL8188CUS]
    type: USB driver: rtl8192cu bus-ID: 1-1.2:4 chip-ID: 7392:7811 class-ID: 0000
    serial: <filter>
  IF: wlp0s26f7u1u2 state: down mac: <filter>
  IF-ID-1: wlp3s0b1 state: up mac: <filter>
  IP v4: <filter> type: dynamic noprefixroute scope: global
    broadcast: <filter>
  IP v6: <filter> type: noprefixroute scope: link
  WAN IP: <filter>
Bluetooth:
  Device-1: Apple Bluetooth Host Controller type: USB driver: btusb v: 0.8
    bus-ID: 1-1.1.3:8 chip-ID: 05ac:8281 class-ID: fe01
  Report: rfkill ID: hci0 rfk-id: 0 state: up address: see --recommends
Logical:
  Message: No logical block device data found.
RAID:
  Message: No RAID data found.
Drives:
  Local Storage: total: 465.76 GiB used: 19.35 GiB (4.2%)
  SMART Message: Unable to run smartctl. Root privileges required.
  ID-1: /dev/sda maj-min: 8:0 vendor: Samsung model: SSD 850 EVO 500GB
    size: 465.76 GiB block-size: physical: 512 B logical: 512 B speed: 6.0 Gb/s
    type: SSD serial: <filter> rev: 2B6Q scheme: GPT
  Message: No optical or floppy data found.
Partition:
  ID-1: / raw-size: 465.46 GiB size: 457.09 GiB (98.20%) used: 19.35 GiB (4.2%)
    fs: ext4 dev: /dev/sda2 maj-min: 8:2 label: N/A
    uuid: 3bc41958-c5d5-4d33-a5d5-da80bff9c294
  ID-2: /boot/efi raw-size: 300 MiB size: 299.4 MiB (99.80%)
    used: 312 KiB (0.1%) fs: vfat dev: /dev/sda1 maj-min: 8:1 label: NO_LABEL
    uuid: 2679-22AA
Swap:
  Alert: No swap data was found.
Unmounted:
  Message: No unmounted partitions found.
USB:
  Hub-1: 1-0:1 info: Full speed or root hub ports: 6 rev: 2.0 speed: 480 Mb/s
    chip-ID: 1d6b:0002 class-ID: 0900
  Hub-2: 1-1:2 info: Microchip (formerly SMSC) 2.0 Hub ports: 3 rev: 2.0
    speed: 480 Mb/s power: 2mA chip-ID: 0424:2513 class-ID: 0900
  Hub-3: 1-1.1:3 info: Broadcom BCM2046B1 USB 2.0 Hub (part of BCM2046
    Bluetooth) ports: 3 rev: 2.0 speed: 12 Mb/s power: 94mA chip-ID: 0a5c:4500
    class-ID: 0900
  Device-1: 1-1.1.3:8 info: Apple Bluetooth Host Controller type: Bluetooth
    driver: btusb interfaces: 4 rev: 2.0 speed: 12 Mb/s chip-ID: 05ac:8281
    class-ID: fe01
  Device-2: 1-1.2:4 info: Edimax EW-7811Un 802.11n Wireless Adapter [Realtek
    RTL8188CUS] type: Network driver: rtl8192cu interfaces: 1 rev: 2.0
    speed: 480 Mb/s power: 500mA chip-ID: 7392:7811 class-ID: 0000
    serial: <filter>
  Device-3: 1-1.3:5 info: Logitech Unifying Receiver type: Keyboard,Mouse,HID
    driver: logitech-djreceiver,usbhid interfaces: 3 rev: 2.0 speed: 12 Mb/s
    power: 98mA chip-ID: 046d:c52b class-ID: 0300
  Hub-4: 2-0:1 info: Full speed or root hub ports: 8 rev: 2.0 speed: 480 Mb/s
    chip-ID: 1d6b:0002 class-ID: 0900
  Hub-5: 2-1:2 info: Microchip (formerly SMSC) 2.0 Hub ports: 3 rev: 2.0
    speed: 480 Mb/s power: 2mA chip-ID: 0424:2513 class-ID: 0900
  Device-1: 2-1.1:3 info: Apple Built-in IR Receiver type: HID
    driver: appleir,usbhid interfaces: 1 rev: 2.0 speed: 1.5 Mb/s power: 100mA
    chip-ID: 05ac:8242 class-ID: 0300
  Device-2: 2-1.3:4 info: Cherry GmbH Keyboard type: Keyboard,HID
    driver: hid-generic,usbhid interfaces: 2 rev: 2.0 speed: 1.5 Mb/s
    power: 100mA chip-ID: 046a:b090 class-ID: 0300
  Hub-6: 3-0:1 info: Full speed or root hub ports: 2 rev: 1.1 speed: 12 Mb/s
    chip-ID: 1d6b:0001 class-ID: 0900
  Hub-7: 4-0:1 info: Full speed or root hub ports: 2 rev: 1.1 speed: 12 Mb/s
    chip-ID: 1d6b:0001 class-ID: 0900
Sensors:
  System Temperatures: cpu: 59.0 C mobo: 50.0 C
  Fan Speeds (RPM): N/A
Info:
  Processes: 222 Uptime: 2h 30m wakeups: 4 Init: systemd v: 251
  default: graphical tool: systemctl Compilers: gcc: 12.2.0 clang: 14.0.6
  Packages: 1275 pm: pacman pkgs: 1266 libs: 326 tools: pamac pm: flatpak
  pkgs: 0 pm: snap pkgs: 9 Shell: Zsh v: 5.9 default: Bash v: 5.1.16
  running-in: konsole inxi: 3.3.23

edited to adjust format

Hi,
thanks for your answer.
i want to connect to my server according to:
ssh user@myserver.com
i get a timeout
this happens on all workstations i have with manjaro after last update to manjaro

Please check, by creating the /etc/profile.d/ssh_auth_sock.sh file

Then try with

ssh -v user@myserver.com

and check at which point the connections hangs. You can add v to get even more verbose output.

Please use proper formatting, see

I’ve corrected your post for better readability this time.

How did you use ssh to log in to your servers?

What did you usually do - which now does not work anymore?

thanks for your answer.
here is the result:

...
    ~  ssh -v name@myserver.com                                        INT ✘  4s  
OpenSSH_9.1p1, OpenSSL 3.0.7 1 Nov 2022
debug1: Reading configuration data /home/tom/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to myserver [164.68.102.220] 
debug1: Connection established.
debug1: identity file /home/tom/.ssh/id_rsa type 0
debug1: identity file /home/tom/.ssh/id_rsa-cert type -1
debug1: identity file /home/tom/.ssh/id_ecdsa type -1
debug1: identity file /home/tom/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/tom/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/tom/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/tom/.ssh/id_ed25519 type -1
debug1: identity file /home/tom/.ssh/id_ed25519-cert type -1
debug1: identity file /home/tom/.ssh/id_ed25519_sk type -1
debug1: identity file /home/tom/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/tom/.ssh/id_xmss type -1
debug1: identity file /home/tom/.ssh/id_xmss-cert type -1
debug1: identity file /home/tom/.ssh/id_dsa type -1
debug1: identity file /home/tom/.ssh/id_dsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_9.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.2p1 Ubuntu-4ubuntu0.4
debug1: compat_banner: match: OpenSSH_8.2p1 Ubuntu-4ubuntu0.4 pat OpenSSH* compat 0x04000000
debug1: Authenticating to server as 'root'
debug1: load_hostkeys: fopen /home/tom/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
Connection closed by 164.68.102.220 port 69

...

post edited for readability

There seem to be no file with hostkeys
This is normal, when no host was connected until now. But you said:

Has this host ever been connected from this user in this machine ?


Now wee need the logfile from the server to see why the server closed the connection

OR try -vv