Hi everyone,
I am trying to connect to my Roccky Linux 9 server using client on my Mac.
I get "Could not setup secure tunnel " issue. The port on mac is free. The agent is running. I can access through the browser no problem
Did anyone have a similar issue?
Any help appriciated.
Hello @ashum!
This error usually means that the client is unable to connect to the ssh
daemon running on the machine hosting the vsmserver service. Please verify that you have OpenSSH server installed and necessary ports open on your Rocky Linux server.
Kind regards,
Martin
hmm,
openssh-server is intalled
the nmap is showing:
Host is up (0.00011s latency).
PORT STATE SERVICE
22/tcp open ssh
I can ssh to the machine no problem from the terminal
not sure if its of any use but it looks like the agent is listening to port 904 for some reason
sudo grep listen /opt/thinlinc/etc/conf.d/*
/opt/thinlinc/etc/conf.d/tlwebadm.hconf:listen_port=1010
/opt/thinlinc/etc/conf.d/vsmagent.hconf:# Port to listen on
/opt/thinlinc/etc/conf.d/vsmagent.hconf:listen_port=904
/opt/thinlinc/etc/conf.d/vsmserver.hconf:# Port to listen on
/opt/thinlinc/etc/conf.d/vsmserver.hconf:listen_port=9000
/opt/thinlinc/etc/conf.d/webaccess.hconf:listen_port=300
I continued investigation and found that the when client attempt to connect it connects successfully to the running sshd server and then dropped out with error:
fatal: mm_answer_sign: sign: error in libcrypto
Hello @ashum
Ok, looks like you’ve stumbled upon this bug for which we have a Platform Specific Note with different known workarounds.
I believe the best way forward for you is to relax your system crypty policy to allow SHA-1, like so:
$ sudo update-crypto-policies --set DEFAULT:SHA1
$ sudo reboot
Regards,
Martin
That did the trick. Thx a ton.
1 Like