Amazon EC2 InstanceConnect Drops Session Immediately After Successful Auth #896
Comments
sempervictus
changed the title
|
From the session state visible in Pry: :kex=>["ecdh-sha2-nistp256", "ecdh-sha2-nistp384", "ecdh-sha2-nistp521"],
:host_key=>["rsa-sha2-512", "rsa-sha2-256", "ssh-rsa"],
:encryption_client=>["aes128-gcm@openssh.com", "aes256-ctr", "aes192-ctr", "aes128-ctr"],
:encryption_server=>["aes128-gcm@openssh.com", "aes256-ctr", "aes192-ctr", "aes128-ctr"],
:hmac_client=>["hmac-sha2-256", "hmac-sha1", "hmac-sha1-96"],
:hmac_server=>["hmac-sha2-256", "hmac-sha1", "hmac-sha1-96"],
:compression_client=>["none"],
:compression_server=>["none"],
:language_client=>[],
:language_server=>[]}OpenSSL version: ::OpenSSL::OPENSSL_LIBRARY_VERSION
=> "OpenSSL 3.0.7 1 Nov 2022"We are not being disconnected due to the SSH client string, because that's being hacked-around with: ::Net::SSH::Transport::ServerVersion.const_set(
:PROTO_VERSION,
'SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3'
)... and would be expected to occur prior to GEX, KEX, and returning a final acceptance message. |
|
Figured it out - similar to inspec/train#271: SSM can't suffer channel manipulation very well. Solved on my end by capturing the initial channel in another object, but might be something to tweak upstream as an option passed on-init for these weird SSH "serial-port" style services. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Expected behavior
Configure AWS EC2 Instance Connect Session with SSH pubkey
returns the current directory
Actual behavior
IOError: closed streamSession is closed immediately after authentication is accepted
Last debug log output shows completed authentication, then nothing (as though the session is fine), but the socket (or some underlying IO) is closed.
System configuration
The text was updated successfully, but these errors were encountered: