I’ve setup new service ssh with same config as http from quickstart. Http works perfectly, but with ssh there are some problems.
It hangs on this stage
Jun 14 01:32:06 route sshd[117994]: debug1: Forked child 118492.
Jun 14 01:32:06 route sshd[118492]: debug1: Set /proc/self/oom_score_adj to 0
Jun 14 01:32:06 route sshd[118492]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8
Jun 14 01:32:06 route sshd[118492]: debug1: inetd sockets after dupping: 4, 4
Jun 14 01:32:06 route sshd[118492]: Connection from 10.0.0.207 port 48490 on 10.0.0.10 port 22 rdomain “”
Jun 14 01:32:06 route sshd[118492]: debug1: Local version string SSH-2.0-OpenSSH_8.9p1 Ubuntu-3
and when i cancel ssh from client it throw this
Jun 14 01:33:52 route sshd[118492]: error: kex_exchange_identification: Connection closed by remote host
on client side I have this logs
OpenSSH_8.2p1 Ubuntu-4ubuntu0.3, OpenSSL 1.1.1f 31 Mar 2020
debug1: Reading configuration data /home/XXX/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to ssh.ziti [100.64.2.1] port 22.
debug1: Connection established.
debug1: identity file /home/XXX/.ssh/id_rsa type 0
debug1: identity file /home/XXX/.ssh/id_rsa-cert type -1
debug1: identity file /home/XXX/.ssh/id_dsa type -1
debug1: identity file /home/XXX/.ssh/id_dsa-cert type -1
debug1: identity file /home/XXX/.ssh/id_ecdsa type -1
debug1: identity file /home/XXX/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/XXX/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/XXX/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/XXX/.ssh/id_ed25519 type -1
debug1: identity file /home/XXX/.ssh/id_ed25519-cert type -1
debug1: identity file /home/XXX/.ssh/id_ed25519_sk type -1
debug1: identity file /home/XXX/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/XXX/.ssh/id_xmss type -1
debug1: identity file /home/XXX/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3
after cancellation it may throw error with this on server
Jun 14 01:37:57 route sshd[117994]: debug1: Forked child 118703.
Jun 14 01:37:57 route sshd[118703]: debug1: Set /proc/self/oom_score_adj to 0
Jun 14 01:37:57 route sshd[118703]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8
Jun 14 01:37:57 route sshd[118703]: debug1: inetd sockets after dupping: 4, 4
Jun 14 01:37:57 route sshd[118703]: Connection from 10.0.0.207 port 48494 on 10.0.0.10 port 22 rdomain “”
Jun 14 01:37:57 route sshd[118703]: debug1: Local version string SSH-2.0-OpenSSH_8.9p1 Ubuntu-3
Jun 14 01:37:57 route sshd[118703]: error: kex_exchange_identification: banner line contains invalid characters
Jun 14 01:37:57 route sshd[118703]: banner exchange: Connection from 10.0.0.207 port 48494: invalid format
with error on client side
OpenSSH_8.2p1 Ubuntu-4ubuntu0.3, OpenSSL 1.1.1f 31 Mar 2020
debug1: Reading configuration data /home/XXX/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to ssh.ziti [100.64.2.1] port 22.
debug1: Connection established.
debug1: identity file /home/XXX/.ssh/id_rsa type 0
debug1: identity file /home/XXX/.ssh/id_rsa-cert type -1
debug1: identity file /home/XXX/.ssh/id_dsa type -1
debug1: identity file /home/XXX/.ssh/id_dsa-cert type -1
debug1: identity file /home/XXX/.ssh/id_ecdsa type -1
debug1: identity file /home/XXX/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/XXX/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/XXX/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/XXX/.ssh/id_ed25519 type -1
debug1: identity file /home/XXX/.ssh/id_ed25519-cert type -1
debug1: identity file /home/XXX/.ssh/id_ed25519_sk type -1
debug1: identity file /home/XXX/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/XXX/.ssh/id_xmss type -1
debug1: identity file /home/XXX/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.3
kex_exchange_identification: Connection closed by remote host
without openziti layer ssh auth work’s fine with no errors.