ONTAP Discussions

sshd error

mark_zhang
7,339 Views

[sshd_0:error]: error: Disconnecting: Protocol error: expected packet type 21, got -1

[sshd_2:error]: error: Disconnecting: Protocol error: expected packet type 21, got -1

[sshd_1:error]: error: Disconnecting: Protocol error: expected packet type 21, got -1

Does anyone know what's happen?

I saw it in my log and console as well.

Can I find which client is trying to access? Hacking?

5 REPLIES 5

VELSOLADMIN
7,177 Views

I am having the same issue running DOT 8.2.0 7-mode. I am trying to connect using SSH via putty release 0.63. Any thoughts?

GOOGLECOR
7,177 Views

Apparently you try to make a ssh connection from a client to a Netapp filer.

The disconnecting (of the ssh connection by the NetApp filer) happens because a dynamically generated Diffie_Hellman key from the client was expected (the expected packet type 21) but the NetApp filer did not receive anything (got -1).

From the client use: plink -l username -pw password ip-address-of-the-NetApp-filer and on the question about the serverś host key is not cached in the registry ... Store key in cache? (y/n) you have to answer: yes. This has to be done only once.

Note: you have to put the server's ssh-rsa key in the registry by making the connection using plink, and this has to be done while logged in with the same user that will run the ssh batch later.

Hope this helps. Cheers.

SUPORTE_INFRA
7,177 Views

Hi Cor,

I tried using plink but still get the same errors. Does it work with the user root? Do I have to restart something after the command? Do I have to set one of the options on the putty client?

GOOGLECOR
7,177 Views

Hi Adriana,

i assume for a moment that you try to make a ssh connection from a Windows host. And that you are logged in on this Windows host, with say: somedomain\Adriana . Start a command prompt and change to the folder containing putty.exe and plink.exe .

Then type the command: plink -l root -pw passwordofroot ipadressoftheNetAppfiler      with the bolded text literraly and for the italic text something appropriate filled in.

Do you receive the " ... key is not cached in the registry ... Store key in cache? (y/n) " output?

Does the plink connection succeed? That is: are you logged in on the NetApp filer, and then if you type in NetApp commands, do you see the output of these commands appear in your command screen window?

Let's first make sure your plink connection works allright, then next we go on with your putty connection.

Cheers

lewis_pomeroy
7,177 Views

I haven't seen these errors in quite a while, but I have seen where Putty (and ssh in general) sometimes puts those errors in the messages file based on compression settings in the ssh config.  We also still see those "Protocol error" type messages from old Solaris10 systems when a script or process tries to SSH in and run a command. 

I would turn off the compression and see if you still get the same error.  If already off or you still get the same error with it off, you might can work around it by going into your Putty session settings and under SSH -> Kex try setting the "RSA-based key exchange" as the top algorithm selection policy and that will get you around the Diffie-Hellman exchange.   I can't replicate the issue currently, so not able to test that workaround.

Public