-
Hello,
I’ve been using Cloudron for quite awhile now and I really enjoy the simplicity of it! One of the apps I’ve been using is Guacamole. It’s completely replaced every Remote Desktop service I had. I love it!
But here is my issue. One of the servers I connect to has been running very poorly, so I decided to wipe the server and rebuild it. When I finally got it all setup again I went and removed the old server from Guacamole and re-added this rebuilt server back to Guacamole. VNC works great. But SSH is what’s causing the problem. I can’t for the life of me figure out why it won’t connect. All the other clients I use for SSH connect to the new rebuilt server with the same parameters. I pulled the logs and it says that it successfully connects and establishes itself to the server but then disconnects because a handshake failed. I did set the new rebuilt server to have the same static IP address as it had before it was rebuilt because I have other services that run on this server that have ports already setup and configured in my router and I didn’t want to have to go through and edit all them again.
My guess as to what’s happening is Guacamole has hung onto the previous servers IP address and MAC address as well as the fingerprint associated with those items for SSH. Because the same IP and MAC are identical to the previous settings but the fingerprint has changed since it’s a brand new install it’s failing the handshake. But here’s where it gets weird. I looked everywhere on where this file could possibly be located and was going to edit it to match the correct fingerprint but I cannot for the life of me find the location. It’s no where documented that I am able to locate for this scenario. But because of this hunch I had I decided to completely remove the Guacamole app from my Cloudron server and the do a brand new reinstallation of the app hoping that would clear the problem. But NOPE!!! After pulling the logs I’m still getting the same error. It’s like it saved the settings or something from the previous Guacamole install. I’m at my wits end and can really use some guidance here to make this work. This is my last attempt to get it working before I completely rebuild the Cloudron server itself next. I’m only connecting through username and password no ssh-keys. I haven’t tried that as an option because I want to know why this is even happening in the first place.
Please let me know if you have a way to fix my issue. If you would like me to I can post the logs here if need be.
Thanks!!
-
It sounds like this is the cause of the issue:
https://issues.apache.org/jira/browse/GUACAMOLE-1315Related issue here:
https://www.reddit.com/r/linuxquestions/comments/ued2vq/comment/i736why/The 'hack' will be needed until the Guac folks resolve this issue: https://issues.apache.org/jira/browse/GUACAMOLE-1504
It looks like Guacamole only supports ssh-dss and ssh-rsa, and both have been disabled in Ubuntu.
DSS was removed 8 years ago and RSA has been deprecated, so hopefully Guacamole updates sometime soon.
In the meantime a workaround is adding “HostKeyAlgorithms +ssh-rsa” to the end of /etc/ssh/sshd_config on the Ubuntu machine and restart sshd.
-
Hello,
I’ve been using Cloudron for quite awhile now and I really enjoy the simplicity of it! One of the apps I’ve been using is Guacamole. It’s completely replaced every Remote Desktop service I had. I love it!
But here is my issue. One of the servers I connect to has been running very poorly, so I decided to wipe the server and rebuild it. When I finally got it all setup again I went and removed the old server from Guacamole and re-added this rebuilt server back to Guacamole. VNC works great. But SSH is what’s causing the problem. I can’t for the life of me figure out why it won’t connect. All the other clients I use for SSH connect to the new rebuilt server with the same parameters. I pulled the logs and it says that it successfully connects and establishes itself to the server but then disconnects because a handshake failed. I did set the new rebuilt server to have the same static IP address as it had before it was rebuilt because I have other services that run on this server that have ports already setup and configured in my router and I didn’t want to have to go through and edit all them again.
My guess as to what’s happening is Guacamole has hung onto the previous servers IP address and MAC address as well as the fingerprint associated with those items for SSH. Because the same IP and MAC are identical to the previous settings but the fingerprint has changed since it’s a brand new install it’s failing the handshake. But here’s where it gets weird. I looked everywhere on where this file could possibly be located and was going to edit it to match the correct fingerprint but I cannot for the life of me find the location. It’s no where documented that I am able to locate for this scenario. But because of this hunch I had I decided to completely remove the Guacamole app from my Cloudron server and the do a brand new reinstallation of the app hoping that would clear the problem. But NOPE!!! After pulling the logs I’m still getting the same error. It’s like it saved the settings or something from the previous Guacamole install. I’m at my wits end and can really use some guidance here to make this work. This is my last attempt to get it working before I completely rebuild the Cloudron server itself next. I’m only connecting through username and password no ssh-keys. I haven’t tried that as an option because I want to know why this is even happening in the first place.
Please let me know if you have a way to fix my issue. If you would like me to I can post the logs here if need be.
Thanks!!
@bigbucketboy Could be known_hosts problem?
https://guacamole.apache.org/doc/1.0.0/gug/configuring-guacamole.html#ssh-host-verificationDid you check that?
-
It sounds like this is the cause of the issue:
https://issues.apache.org/jira/browse/GUACAMOLE-1315Related issue here:
https://www.reddit.com/r/linuxquestions/comments/ued2vq/comment/i736why/The 'hack' will be needed until the Guac folks resolve this issue: https://issues.apache.org/jira/browse/GUACAMOLE-1504
It looks like Guacamole only supports ssh-dss and ssh-rsa, and both have been disabled in Ubuntu.
DSS was removed 8 years ago and RSA has been deprecated, so hopefully Guacamole updates sometime soon.
In the meantime a workaround is adding “HostKeyAlgorithms +ssh-rsa” to the end of /etc/ssh/sshd_config on the Ubuntu machine and restart sshd.
-
G girish moved this topic from Support on
-
@BrutalBirdie and @robi thanks for your guys help! @robi your suggestion by adding the new line in the /etc/ssh/sshd_config this worked perfectly and gave me my command line gui in Guacamole. I’ll mark this as solved. Thanks for your thorough explanation as not only how to fix it but also as to why it wasn’t working in the first place. Thanks again guys!
-
Wow. I must be a noob but how in the world do you mark a post as solved???
Sorry for the stupid question lol.
-
Wow. I must be a noob but how in the world do you mark a post as solved???
Sorry for the stupid question lol.
@bigbucketboy said in SSH Help!!!:
Wow. I must be a noob but how in the world do you mark a post as solved???
Sorry for the stupid question lol.
top right dropdown.
-
@bigbucketboy said in SSH Help!!!:
Wow. I must be a noob but how in the world do you mark a post as solved???
Sorry for the stupid question lol.
top right dropdown.
-
@robi I don't think I have that option maybe that's why I can't do it. Here is a screen grab.
-
@bigbucketboy check the gear icon
@bigbucketboy You will have to click the gear icon and select ask a question, then the topic will have a unsolved tag, then you can select a comment as the answer aka. mark this as solution.
-
G girish marked this topic as a question on
-
G girish has marked this topic as solved on
-
@BrutalBirdie and @robi thanks for your guys help! @robi your suggestion by adding the new line in the /etc/ssh/sshd_config this worked perfectly and gave me my command line gui in Guacamole. I’ll mark this as solved. Thanks for your thorough explanation as not only how to fix it but also as to why it wasn’t working in the first place. Thanks again guys!
@bigbucketboy is there a way to modify ssh_config file? Its read only and I tried to chmod the file, and guessing its a container thing. I edited the host OS, but guessing the container needs to be modified.. I can't SSH into the Ubuntu system.. Not a linux/container guy
-
@bigbucketboy is there a way to modify ssh_config file? Its read only and I tried to chmod the file, and guessing its a container thing. I edited the host OS, but guessing the container needs to be modified.. I can't SSH into the Ubuntu system.. Not a linux/container guy
-
G girish referenced this topic on
