paramiko.ssh_exception.SSHException: Error reading SSH protocol banner

[SuchismitaGoswami]

I am using paramiko to ssh into a private ec2 machine via a bastion host. The bastion host is a managed instance by AWS system manager.
While creating ssh session using paramiko with ProxyCommand "aws ssm start-session --target [bastion-host-instance-id] --document AWS-StartSSHSession --parameters portNumber=22", I am getting this debug log as below.

2020-09-22 15:31:31,082 | paramiko.transport           | DEBUG | starting thread (client mode): 0x1f692748
2020-09-22 15:31:31,083 | paramiko.transport           | DEBUG | Local version/idstring: SSH-2.0-paramiko_2.7.2
2020-09-22 15:31:41,154 | paramiko.transport           | DEBUG | Banner:
**2020-09-22 15:31:41,155 | paramiko.transport           | DEBUG | Banner: Starting session with SessionId: <<session-id>>**
2020-09-22 15:31:43,171 | paramiko.transport           | ERROR | Exception: Error reading SSH protocol banner
2020-09-22 15:31:43,188 | paramiko.transport           | ERROR | Traceback (most recent call last):
2020-09-22 15:31:43,189 | paramiko.transport           | ERROR |   File "/usr/local/lib/python3.6/dist-packages/paramiko/transport.py", line 2211, in _check_banner
2020-09-22 15:31:43,190 | paramiko.transport           | ERROR |     buf = self.packetizer.readline(timeout)
2020-09-22 15:31:43,190 | paramiko.transport           | ERROR |   File "/usr/local/lib/python3.6/dist-packages/paramiko/packet.py", line 380, in readline
2020-09-22 15:31:43,193 | paramiko.transport           | ERROR |     buf += self._read_timeout(timeout)
2020-09-22 15:31:43,194 | paramiko.transport           | ERROR |   File "/usr/local/lib/python3.6/dist-packages/paramiko/packet.py", line 622, in _read_timeout
2020-09-22 15:31:43,194 | paramiko.transport           | ERROR |     raise socket.timeout()
2020-09-22 15:31:43,195 | paramiko.transport           | ERROR | socket.timeout
2020-09-22 15:31:43,196 | paramiko.transport           | ERROR |
2020-09-22 15:31:43,196 | paramiko.transport           | ERROR | During handling of the above exception, another exception occurred:
2020-09-22 15:31:43,197 | paramiko.transport           | ERROR |
2020-09-22 15:31:43,198 | paramiko.transport           | ERROR | Traceback (most recent call last):
2020-09-22 15:31:43,198 | paramiko.transport           | ERROR |   File "/usr/local/lib/python3.6/dist-packages/paramiko/transport.py", line 2039, in run
2020-09-22 15:31:43,200 | paramiko.transport           | ERROR |     self._check_banner()
2020-09-22 15:31:43,200 | paramiko.transport           | ERROR |   File "/usr/local/lib/python3.6/dist-packages/paramiko/transport.py", line 2216, in _check_banner
2020-09-22 15:31:43,201 | paramiko.transport           | ERROR |     "Error reading SSH protocol banner" + str(e)
2020-09-22 15:31:43,202 | paramiko.transport           | ERROR | paramiko.ssh_exception.SSHException: Error reading SSH protocol banner
2020-09-22 15:31:43,202 | paramiko.transport           | ERROR |

2020-09-22 15:31:41,155 | paramiko.transport           | DEBUG | Banner: Starting session with SessionId: <<session-id>>

The above line taken from the detailed log shows that the proxy command ran successfully. However, the _check_banner method of the paramiko client failed to validate.

Could you please assist me in this regard ?

[spencerbug]

I am also having this issue, seems similar to #673 which was resolved in 2016...

I get that error when doing an SSH proxycommand (with fake credentials)

ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(hostname='192.168.128.20',username='username',password='password',sock=paramiko.ProxyCommand("sshpass -ppassword ssh -oStrictHostKeyChecking=no -oUserKnownHostsFile=/dev/null -n -W %h:%p root@192.168.0.55"))

Error I get:

Exception: Error reading SSH protocol banner
Traceback (most recent call last):
  File "/Users/sneilan/.local/share/virtualenvs/fy21-automation-aZ4mtq-f/lib/python3.8/site-packages/paramiko/transport.py", line 2211, in _check_banner
    buf = self.packetizer.readline(timeout)
  File "/Users/sneilan/.local/share/virtualenvs/fy21-automation-aZ4mtq-f/lib/python3.8/site-packages/paramiko/packet.py", line 380, in readline
    buf += self._read_timeout(timeout)
  File "/Users/sneilan/.local/share/virtualenvs/fy21-automation-aZ4mtq-f/lib/python3.8/site-packages/paramiko/packet.py", line 622, in _read_timeout
    raise socket.timeout()
socket.timeout

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/Users/sneilan/.local/share/virtualenvs/fy21-automation-aZ4mtq-f/lib/python3.8/site-packages/paramiko/transport.py", line 2039, in run
    self._check_banner()
  File "/Users/sneilan/.local/share/virtualenvs/fy21-automation-aZ4mtq-f/lib/python3.8/site-packages/paramiko/transport.py", line 2215, in _check_banner
    raise SSHException(
paramiko.ssh_exception.SSHException: Error reading SSH protocol banner

Traceback (most recent call last):
  File "/Users/sneilan/.local/share/virtualenvs/fy21-automation-aZ4mtq-f/lib/python3.8/site-packages/paramiko/transport.py", line 2211, in _check_banner
    buf = self.packetizer.readline(timeout)
  File "/Users/sneilan/.local/share/virtualenvs/fy21-automation-aZ4mtq-f/lib/python3.8/site-packages/paramiko/packet.py", line 380, in readline
    buf += self._read_timeout(timeout)
  File "/Users/sneilan/.local/share/virtualenvs/fy21-automation-aZ4mtq-f/lib/python3.8/site-packages/paramiko/packet.py", line 622, in _read_timeout
    raise socket.timeout()
socket.timeout

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/Users/sneilan/.local/share/virtualenvs/fy21-automation-aZ4mtq-f/lib/python3.8/site-packages/paramiko/client.py", line 406, in connect
    t.start_client(timeout=timeout)
  File "/Users/sneilan/.local/share/virtualenvs/fy21-automation-aZ4mtq-f/lib/python3.8/site-packages/paramiko/transport.py", line 660, in start_client
    raise e
  File "/Users/sneilan/.local/share/virtualenvs/fy21-automation-aZ4mtq-f/lib/python3.8/site-packages/paramiko/transport.py", line 2039, in run
    self._check_banner()
  File "/Users/sneilan/.local/share/virtualenvs/fy21-automation-aZ4mtq-f/lib/python3.8/site-packages/paramiko/transport.py", line 2215, in _check_banner
    raise SSHException(
paramiko.ssh_exception.SSHException: Error reading SSH protocol banner

I'm going to try an older version and see if that fixes it.

[GaetanLepage]

I have the exact same error while trying to ssh through a bastion.
I tried to increase the banner_timeout but it doesn't work...

[SuchismitaGoswami]

@GaetanLepage I tried by increasing the timeout, but no luck :-(

[vanhul]

someone solved the problem?

[Sita1005]

Even i too faced the same issue, when i specify ip address of proxy host. So i have specified FQDN name of the proxy host.

ssh.connect(hostname='192.168.128.20',username='username',password='password',sock=paramiko.ProxyCommand("sshpass -ppassword ssh -oStrictHostKeyChecking=no -oUserKnownHostsFile=/dev/null -n -W %h:%p root@FQDN name"))

[jluxiaotao]

Same issue with you.
seems like when it try starting a thread this ERROR occurs.

[jluxiaotao]

Same issue with you.
seems like when it try starting a thread this ERROR occurs.
AmadeusITGroup/JumpSSH#214

[hhoke]

FWIW this popped up every time I used a virtualenv (through both pipenv and poetry), but when I just did a default pip install it connected like a charm

[skozlovf]

I have then same case as @SuchismitaGoswami when my connection is slow.
Found what the reason is because after initial wait for banner_timeout it uses 2 sec timeout to pull remaining banner lines.
I connect successfully if increase this hardcoded value.

Maybe add separate timeout var or use banner_timeout there?

See: paramiko/transport.py:2209.

[stef1205]

Had the same issue and found that increasing range from 100 to 200 in _check_banner fixed the problem

[gabriels1234]

Had the same issue and found that increasing range from 100 to 200 in _check_banner fixed the problem

Not when the failure is immediate. adding timeouts won't help.

[clg-shyam]

check your ports 🔑

[batchenr]

FWIW this popped up every time I used a virtualenv (through both pipenv and poetry), but when I just did a default pip install it connected like a charm

Having the same issue using venv and paramiko 3.3.1
Is anyone found a solution?

[Bryan-Graterol]

Tengo este mismo problema me lanza este error(error reading ssh protocol banner) no se si el problema es de Paramiko o del dispositivo, ya que entra a varios dispositivos pero con alguno me lanza ese error y es como si fuera al azar

[batchenr]

FWIW this popped up every time I used a virtualenv (through both pipenv and poetry), but when I just did a default pip install it connected like a charm

Having the same issue using venv and paramiko 3.3.1 Is anyone found a solution?

Well for some reason downgraded to paramiko 3.2.0 has solved the issue for me

[sjvigo]

I'm having the same issue using venv and paramiko 3.4.0 paramiko.ssh_exception.SSHException: Error reading SSH protocol banner . I've hardcoded the banner_timeout but the error persists. Any solution?

[GuydoEinar]

I solved this issue like this:

ip = "192.168.1.1"
port = 22
sock.setsockopt(socket.SOL_SOCKET, 25, str("eth0").encode('utf-8'))
sock.connect((ip, port))
tp = Transport((ip,port))
tp.connect(None, username, password)

ssh = SSHClient()
ssh._transport = tp

And now you can use the client as you want.