Connected to remote host with Core Tunnel; Now Cannot Connect Over SSH

johntdavis · July 23, 2020, 4:18am

Hello,

I was previously connecting to my server on my local network with Core Shell and Terminal.app without an issue. My server is configured to authenticate with two factor authentication using Google Authenticator.

It asks me for my 6 digit code, and refuses to accept it. After 3 attempts, Terminal gives up.

Permission denied (publickey,keyboard-interactive).

I can still connect with Core Tunnel just fine.

EDIT: More info.

Core Shell is Setapp version.
Installed Core Helper.
Not using any private key or certificate based authentication (identity tab in CT is empty)
"Key Exchange and Information" shows a "host key" and "keyboard-interactive" authentication.

Log:

Equivalent Command: ssh -vvv -o ServerAliveCountMax=3 -o ServerAliveInterval=15 -o ExitOnForwardFailure=yes -p $PORT $USER@192.168.1.10
04:28:46 Connecting…
04:28:46 Using Embeded Helper 4.8 (r48)
04:28:46 OpenSSH_8.3p1, OpenSSL 1.1.1g 21 Apr 2020
04:28:46 Can't open user config file $HOME/.ssh/config: No such file or directory
04:28:46 Abnormal Disconnect
04:28:46 Connection failed, retry after 3s…

It's trying to read the config file in .ssh, which does not exist right now as I haven't recreated it yet. I blasted it out before trying CoreTunnel to avoid conflicts.

What happened? Can I fix it? This machine is headless and I don't have an easy way to attach a monitor and keyboard.

Thanks!

EDIT 2: FIXED! Okay. I'm less panicked now, but extremely confused. I put a "config" file in my user's local .ssh directory with a single comment. Core Shell works fine now.

The file literally says:

.ssh % cat config
ssh client config file

...Um.

EDIT 3: ...Almost Fixed? I'm still having an issue trying to log in multiple times with the same user account. So, I've got one open connection in Core Shell. When I try to open a second connection in a new tab, which worked fine before I installed Core Tunnel, I get this:

05:04:44 debug1: Authentication succeeded (keyboard-interactive).
05:04:44 Authenticated to $HOST ([$HOST]:$PORT).
05:04:44 Abnormal Disconnect

yang · July 23, 2020, 8:20am

Hi John, could you please set Log Level to Debug3, this will provide us more detailed information.

Yang

johntdavis · July 23, 2020, 1:40pm

@yang, good morning! I hope you're doing well.

Here are my logs (redacted):

> ## $HOST_NAME ##

----------------------------------------
Equivalent Command: ssh -vvv -o ServerAliveCountMax=3 -o ServerAliveInterval=15 -o ExitOnForwardFailure=yes -p $PORT $USER@$HOST_ADDR
13:27:18 Connecting…
13:27:18 Using Embeded Helper 4.8 (r48)
13:27:18 OpenSSH_8.3p1, OpenSSL 1.1.1g  21 Apr 2020
13:27:18 debug1: Reading configuration data /Users/$USER/.ssh/config
13:27:18 debug1: /Users/$USER/.ssh/config line 2: Applying options for 192.168.1.10
13:27:18 debug2: resolve_canonicalize: hostname $HOST_ADDR is address
13:27:18 debug2: ssh_connect_direct
13:27:18 debug1: Connecting to $HOST_ADDR [$HOST_ADDR] port $PORT.
13:27:18 debug1: Connection established.
13:27:18 debug1: identity file $HOME/.ssh/id_rsa type -1
13:27:18 debug1: identity file $HOME/.ssh/id_rsa-cert type -1
13:27:18 debug1: identity file $HOME/.ssh/id_dsa type -1
13:27:18 debug1: identity file $HOME/.ssh/id_dsa-cert type -1
13:27:18 debug1: identity file $HOME/.ssh/id_ecdsa type -1
13:27:18 debug1: identity file $HOME/.ssh/id_ecdsa-cert type -1
13:27:18 debug1: identity file $HOME.ssh/id_ecdsa_sk type -1
13:27:18 debug1: identity file $HOME/.ssh/id_ecdsa_sk-cert type -1
13:27:18 debug1: identity file $HOME/.ssh/id_ed25519 type -1
13:27:18 debug1: identity file $HOME/.ssh/id_ed25519-cert type -1
13:27:18 debug1: identity file $HOME/.ssh/id_ed25519_sk type -1
13:27:18 debug1: identity file $HOME/.ssh/id_ed25519_sk-cert type -1
13:27:18 debug1: identity file $HOME/.ssh/id_xmss type -1
13:27:18 debug1: identity file $HOME/.ssh/id_xmss-cert type -1
13:27:18 debug1: Local version string SSH-2.0-OpenSSH_8.3
13:27:18 debug1: Remote protocol version 2.0, remote software version OpenSSH_8.3
13:27:18 debug1: match: OpenSSH_8.3 pat OpenSSH* compat 0x04000000
13:27:18 debug2: fd 3 setting O_NONBLOCK
13:27:18 debug1: Authenticating to $HOST_ADDR:$PORT as '$USER'
13:27:18 debug3: put_host_port: [$HOST_ADDR]:$PORT
13:27:18 Authenticating…
13:27:18 debug3: hostkeys_foreach: reading file "$HOME/.ssh/known_hosts"
13:27:18 debug3: record_hostkey: found key type ECDSA in file /Users/johntdavis/.ssh/known_hosts:1
**13:27:18 debug3: load_hostkeys: loaded 1 keys from [$HOST_ADDR]:$PORT**
13:27:18 debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
13:27:18 debug3: send packet: type 20
13:27:18 debug1: SSH2_MSG_KEXINIT sent
13:27:18 debug3: receive packet: type 20
13:27:18 debug1: SSH2_MSG_KEXINIT received
13:27:18 debug2: local client KEXINIT proposal
13:27:18 debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c
13:27:18 debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,ssh-ed25519,sk-ssh-ed25519@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
13:27:18 debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
13:27:18 debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
13:27:18 debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
13:27:18 debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
13:27:18 debug2: compression ctos: none,zlib@openssh.com,zlib
13:27:18 debug2: compression stoc: none,zlib@openssh.com,zlib
13:27:18 debug2: languages ctos:
13:27:18 debug2: languages stoc:
13:27:18 debug2: first_kex_follows 0
13:27:18 debug2: reserved 0
13:27:18 debug2: peer server KEXINIT proposal
13:27:18 debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
13:27:18 debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
13:27:18 debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
13:27:18 debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
13:27:18 debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
13:27:18 debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
13:27:18 debug2: compression ctos: none,zlib@openssh.com
13:27:18 debug2: compression stoc: none,zlib@openssh.com
13:27:18 debug2: languages ctos:
13:27:18 debug2: languages stoc:
13:27:18 debug2: first_kex_follows 0
13:27:18 debug2: reserved 0
13:27:18 debug1: kex: algorithm: curve25519-sha256
13:27:18 debug1: kex: host key algorithm: ecdsa-sha2-nistp256
13:27:18 debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
13:27:18 debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
13:27:18 debug3: send packet: type 30
13:27:18 debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
13:27:18 debug3: receive packet: type 31
13:27:18 debug1: S**erver host key: ecdsa-sha2-nistp256** SHA256:ZiU4KTFc43nhzOxmI7OIrvma50oax2zdIAskDUPZBBg
13:27:18 debug3: put_host_port: [$HOST_ADDR]:$PORT
13:27:18 debug3: put_host_port: [$HOST_ADDR]:$PORT
13:27:18 debug3: hostkeys_foreach: reading file "$HOME/.ssh/known_hosts"
13:27:18 debug3: record_hostkey: found key type ECDSA in file $HOME/.ssh/known_hosts:1
13:27:18 debug3: load_hostkeys: loaded 1 keys from [$HOST_ADDR]:$PORT
13:27:18 debug3: hostkeys_foreach: reading file "$HOME/.ssh/known_hosts"
13:27:18 debug3: record_hostkey: found key type ECDSA in file /Users/johntdavis/.ssh/known_hosts:1
13:27:18 debug3: load_hostkeys: loaded 1 keys from [$HOST_ADDR]:$PORT
13:27:18 debug1: Host '[$HOST_ADDR]:$PORT' is known and matches the ECDSA host key.
13:27:18 debug1: Found key in $HOME/.ssh/known_hosts:1
13:27:18 debug3: send packet: type 21
13:27:18 debug2: set_newkeys: mode 1
13:27:18 debug1: rekey out after 134217728 blocks
13:27:18 debug1: SSH2_MSG_NEWKEYS sent
13:27:18 debug1: expecting SSH2_MSG_NEWKEYS
13:27:18 debug3: receive packet: type 21
13:27:18 debug1: SSH2_MSG_NEWKEYS received
13:27:18 debug2: set_newkeys: mode 0
13:27:18 debug1: rekey in after 134217728 blocks
13:27:18 debug1: Will attempt key: $HOME/.ssh/id_rsa
13:27:18 debug1: Will attempt key: $HOME/.ssh/id_dsa
13:27:18 debug1: Will attempt key: $HOME/.ssh/id_ecdsa
13:27:18 debug1: Will attempt key: $HOME/.ssh/id_ecdsa_sk
13:27:18 debug1: Will attempt key: $HOME/.ssh/id_ed25519
13:27:18 debug1: Will attempt key: $HOME/.ssh/id_ed25519_sk
13:27:18 debug1: Will attempt key: $HOME/.ssh/id_xmss
13:27:18 debug2: pubkey_prepare: done
13:27:18 debug3: send packet: type 5
13:27:18 debug3: receive packet: type 7
13:27:18 debug1: SSH2_MSG_EXT_INFO received
13:27:18 debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com>
13:27:18 debug3: receive packet: type 6
13:27:18 debug2: service_accept: ssh-userauth
13:27:18 debug1: SSH2_MSG_SERVICE_ACCEPT received
13:27:18 debug3: send packet: type 50
13:27:18 debug3: receive packet: type 51
13:27:18 debug1: Authentications that can continue: publickey,keyboard-interactive
13:27:18 debug3: start over, passed a different list publickey,keyboard-interactive
13:27:18 debug3: preferred publickey,keyboard-interactive,password
13:27:18 debug3: authmethod_lookup publickey
13:27:18 debug3: remaining preferred: keyboard-interactive,password
13:27:18 debug3: authmethod_is_enabled publickey
13:27:18 debug1: Next authentication method: publickey
13:27:18 debug1: Trying private key: $HOME/.ssh/id_rsa
13:27:18 debug3: no such identity: $HOME/.ssh/id_rsa: No such file or directory
13:27:18 debug1: Trying private key: $HOME/.ssh/id_dsa
13:27:18 debug3: no such identity: $HOME/.ssh/id_dsa: No such file or directory
13:27:18 debug1: Trying private key: $HOME/.ssh/id_ecdsa
13:27:18 debug3: no such identity: $HOME/.ssh/id_ecdsa: No such file or directory
13:27:18 debug1: Trying private key: $HOME/.ssh/id_ecdsa_sk
13:27:18 debug3: no such identity: $HOME/.ssh/id_ecdsa_sk: No such file or directory
13:27:18 debug1: Trying private key: $HOME/.ssh/id_ed25519
13:27:18 debug3: no such identity: $HOME/.ssh/id_ed25519: No such file or directory
13:27:18 debug1: Trying private key: $HOME/.ssh/id_ed25519_sk
13:27:18 debug3: no such identity: $HOME/.ssh/id_ed25519_sk: No such file or directory
13:27:18 debug1: Trying private key: $HOME/.ssh/id_xmss
13:27:18 debug3: no such identity: $HOME/.ssh/id_xmss: No such file or directory
13:27:18 debug2: we did not send a packet, disable method
13:27:18 debug3: authmethod_lookup keyboard-interactive
13:27:18 debug3: remaining preferred: password
13:27:18 debug3: authmethod_is_enabled keyboard-interactive
13:27:18 debug1: Next authentication method: keyboard-interactive
13:27:18 debug2: userauth_kbdint
13:27:18 debug3: send packet: type 50
13:27:18 debug2: we sent a keyboard-interactive packet, wait for reply
13:27:18 debug3: receive packet: type 60
13:27:18 debug2: input_userauth_info_req
13:27:18 debug2: input_userauth_info_req: num_prompts 1
13:27:18 debug1: read_passphrase: can't open /dev/tty: Device not configured
13:27:36 debug3: send packet: type 61
13:27:36 debug3: receive packet: type 60
13:27:36 debug2: input_userauth_info_req
13:27:36 debug2: input_userauth_info_req: num_prompts 0
13:27:36 debug3: send packet: type 61
13:27:36 debug3: receive packet: type 52
13:27:36 debug1: Authentication succeeded (keyboard-interactive).
13:27:36 Authenticated to $HOST_ADDR ([$HOST_ADDR]:$PORT).
13:27:36 Abnormal Disconnect

yang · July 23, 2020, 3:04pm

Morning John, thank you for the log, could you please run this command in Terminal and paste the output again?

ssh -vvv -o ServerAliveCountMax=3 -o ServerAliveInterval=15 -o ExitOnForwardFailure=yes -p $PORT $USER@$HOST_ADDR

Yang

johntdavis · July 23, 2020, 3:26pm

Note: I already have one open connection, so I'm guessing that's why it can't port forward again at the bottom there.

~ % ssh -vvv -o ServerAliveCountMax=3 -o ServerAliveInterval=15 -o ExitOnForwardFailure=yes -p $HOST_PORT $USER@$HOST_ADDR

OpenSSH_8.1p1, LibreSSL 2.7.3
debug1: Reading configuration data $HOME/.ssh/config
debug1: $HOME/.ssh/config line 2: Applying options for $HOST_ADDR
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 47: Applying options for *
debug2: resolve_canonicalize: hostname $HOST_ADDR is address
debug2: ssh_connect_direct
debug1: Connecting to $HOST_ADDR [$HOST_ADDR] port $HOST_PORT.
debug1: Connection established.
debug1: identity file $HOME/.ssh/id_rsa type -1
debug1: identity file $HOME/.ssh/id_rsa-cert type -1
debug1: identity file $HOME/.ssh/id_dsa type -1
debug1: identity file $HOME/.ssh/id_dsa-cert type -1
debug1: identity file $HOME/.ssh/id_ecdsa type -1
debug1: identity file $HOME/.ssh/id_ecdsa-cert type -1
debug1: identity file $HOME/.ssh/id_ed25519 type -1
debug1: identity file $HOME/.ssh/id_ed25519-cert type -1
debug1: identity file $HOME/.ssh/id_xmss type -1
debug1: identity file $HOME/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.3
debug1: match: OpenSSH_8.3 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to $HOST_ADDR:$HOST_PORT as '$USER'
debug3: put_host_port: [$HOST_ADDR]:$HOST_PORT
debug3: hostkeys_foreach: reading file "$HOME/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file $HOME/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from [$HOST_ADDR]:$HOST_PORT
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:ZiU4KTFc43nhzOxmI7OIrvma50oax2zdIAskDUPZBBg
debug3: put_host_port: [$HOST_ADDR]:$HOST_PORT
debug3: put_host_port: [$HOST_ADDR]:$HOST_PORT
debug3: hostkeys_foreach: reading file "$HOME/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file $HOME/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from [$HOST_ADDR]:$HOST_PORT
debug3: hostkeys_foreach: reading file "$HOME/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file $HOME/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from [$HOST_ADDR]:$HOST_PORT
debug1: Host '[$HOST_ADDR]:$HOST_PORT' is known and matches the ECDSA host key.
debug1: Found key in $HOME/.ssh/known_hosts:1
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: $HOME/.ssh/id_rsa 
debug1: Will attempt key: $HOME/.ssh/id_dsa 
debug1: Will attempt key: $HOME/.ssh/id_ecdsa 
debug1: Will attempt key: $HOME/.ssh/id_ed25519 
debug1: Will attempt key: $HOME/.ssh/id_xmss 
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,keyboard-interactive
debug3: start over, passed a different list publickey,keyboard-interactive
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: $HOME/.ssh/id_rsa
debug3: no such identity: $HOME/.ssh/id_rsa: No such file or directory
debug1: Trying private key: $HOME/.ssh/id_dsa
debug3: no such identity: $HOME/.ssh/id_dsa: No such file or directory
debug1: Trying private key: $HOME/.ssh/id_ecdsa
debug3: no such identity: $HOME/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: $HOME/.ssh/id_ed25519
debug3: no such identity: $HOME/.ssh/id_ed25519: No such file or directory
debug1: Trying private key: $HOME/.ssh/id_xmss
debug3: no such identity: $HOME/.ssh/id_xmss: No such file or directory
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug3: send packet: type 50
debug2: we sent a keyboard-interactive packet, wait for reply
debug3: receive packet: type 60
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1
Verification code: 
debug3: send packet: type 61
debug3: receive packet: type 60
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 0
debug3: send packet: type 61
debug3: receive packet: type 52
debug1: Authentication succeeded (keyboard-interactive).
Authenticated to $HOST_ADDR ([$HOST_ADDR]:$HOST_PORT).
debug1: Local connections to localhost:9901 forwarded to remote address $HOST_ADDR:5901
debug3: channel_setup_fwd_listener_tcpip: type 2 wildcard 0 addr NULL
debug1: Local forwarding listening on 127.0.0.1 port 9901.
bind [127.0.0.1]:9901: Address already in use
debug3: sock_set_v6only: set socket 5 IPV6_V6ONLY
debug1: Local forwarding listening on ::1 port 9901.
bind [::1]:9901: Address already in use
channel_setup_fwd_listener_tcpip: cannot listen to port: 9901
Could not request local forwarding.

yang · July 24, 2020, 12:35am

Yes, that's the problem. To avoid this problem, you can entering advanced settings of your host profile, change ExitOnForwardFailure to no.

johntdavis · July 24, 2020, 4:31am

Thanks! After all that, I still can't connect to the VNC server. Its log shows its up and listening, but it absolutely refuses all connections.

I honestly have no idea what's going on. At this point I'm interested in making it work more to prove I can.

I figured out how to do what I wanted on the command line, too.

Thanks for your help with this.

A couple of semi-related questions:

Is changing ExitOnForwardFailure to yes supposed to happen when creating a tunnel with Core Tunnel? I don't think I did anything to modify the default settings, and I wasn't really expecting that to happen.
Also, since I'm running the Setapp version of Core Shell which does not need the Core Helper app, does installing Core Helper for Core Tunnel create conflicts with (Setapp) Core Shell?

Thanks again!

yang · July 24, 2020, 6:32am

ExitOnForwardFailure is set to yes by default in Core Tunnel.

Setapp version of Core Shell embeds a full functioned Helper tool, it will never contact with the standalone Core Helper, so no conflicts between them.

Feel free to let me know if you need assistance

johntdavis · July 24, 2020, 1:33pm

Thanks again. Have a great weekend.