Hello, I have been trying to enable SSH on my Multiplus II GX.
I have gotten so far as to press enable on the SSH on LAN option and set a password.
But every time I try to connect I get error messages from putty and Powershell. I have also tried to connect via an SSH phone app with no luck. Any input is appreciated.
Firmware v2.92
Windows 10
Putty version 0.78
I have no trouble getting into a Cerbo GX, v2.92, via PS or Putty 0.78 from a windows 11 box. When I SSH with the "-Q key" flag set, I get the following list. What does your instance return?
I think the problem is on the MP GX II.
Can it have some thing to do with grid codes?
I suggest you try two things to help refine where the problem lies. 1) try logging into your MP GX from a different computer. 2) SSH into a different server from your current computer.
Maybe also reboot your MP GX and then try. How old is the MP GX?
The MP II GX is brand new.
I have tried with 2 computers and iPhone app. I can ssh in to other servers like unraid.
I have tried to reboot many times.
Disable ssh then reboot, enable then ssh reboot. and so on.
On the off chance, the root password is wiped after a firmware upgrade. Try resetting the SSH password via the console. Otherwise, I am out of ideas I'm afraid. Sorry.
I set the ssh password via the web GUI. and have tried different passwords :(
Think I need to contact Victron.
Thanks for the effort :)
You are trying all of this on the same LAN as the MP GX with no firewalls or other proxy devices in between? If not, get on the same local segment and try.
You might also trying forcing to one of the older more basic keys rather than relying on auto negotiation:
ssh -oHostKeyAlgorithms=+ssh-dss root@192.168.xxx.xxx
ssh -oHostKeyAlgorithms=+ssh-rsa root@192.168.xxx.xxx
Yes, same network segment pc IP 192.168.11.10 mp ii gx 192.168.11.160
And here i also show that i can connect to other stuff on lan via ssh
For your comparative reference, when I run ssh to a v2.92 instance with the "-v" verbose flag set. I get the following output. Maybe a clue will turn up when you compare same against your instance.
PS C:\Users\john.leslie> ssh -v root@192.168.1.1 OpenSSH_for_Windows_8.1p1, LibreSSL 3.0.2 debug1: Connecting to 192.168.1.1 [192.168.1.1] port 22. debug1: Connection established. debug1: identity file C:\\Users\\john.leslie/.ssh/id_rsa type -1 debug1: identity file C:\\Users\\john.leslie/.ssh/id_rsa-cert type -1 debug1: identity file C:\\Users\\john.leslie/.ssh/id_dsa type -1 debug1: identity file C:\\Users\\john.leslie/.ssh/id_dsa-cert type -1 debug1: identity file C:\\Users\\john.leslie/.ssh/id_ecdsa type -1 debug1: identity file C:\\Users\\john.leslie/.ssh/id_ecdsa-cert type -1 debug1: identity file C:\\Users\\john.leslie/.ssh/id_ed25519 type -1 debug1: identity file C:\\Users\\john.leslie/.ssh/id_ed25519-cert type -1 debug1: identity file C:\\Users\\john.leslie/.ssh/id_xmss type -1 debug1: identity file C:\\Users\\john.leslie/.ssh/id_xmss-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1 debug1: Remote protocol version 2.0, remote software version OpenSSH_8.2 debug1: match: OpenSSH_8.2 pat OpenSSH* compat 0x04000000 debug1: Authenticating to 192.168.1.1:22 as 'root' debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: algorithm: curve25519-sha256 debug1: kex: host key algorithm: ecdsa-sha2-nistp256 debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ecdsa-sha2-nistp256 SHA256:7snRd+Si1cRC9EXDyOICn8PnSbdE2WKq/D+FIaHc9fo debug1: Host '192.168.1.1' is known and matches the ECDSA host key. debug1: Found key in C:\\Users\\john.leslie/.ssh/known_hosts:2 debug1: rekey out after 134217728 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: rekey in after 134217728 blocks debug1: pubkey_prepare: ssh_get_authentication_socket: No such file or directory debug1: Will attempt key: C:\\Users\\john.leslie/.ssh/id_rsa debug1: Will attempt key: C:\\Users\\john.leslie/.ssh/id_dsa debug1: Will attempt key: C:\\Users\\john.leslie/.ssh/id_ecdsa debug1: Will attempt key: C:\\Users\\john.leslie/.ssh/id_ed25519 debug1: Will attempt key: C:\\Users\\john.leslie/.ssh/id_xmss debug1: SSH2_MSG_EXT_INFO received debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com> debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Next authentication method: publickey debug1: Trying private key: C:\\Users\\john.leslie/.ssh/id_rsa debug1: Trying private key: C:\\Users\\john.leslie/.ssh/id_dsa debug1: Trying private key: C:\\Users\\john.leslie/.ssh/id_ecdsa debug1: Trying private key: C:\\Users\\john.leslie/.ssh/id_ed25519 debug1: Trying private key: C:\\Users\\john.leslie/.ssh/id_xmss debug1: Next authentication method: keyboard-interactive debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Next authentication method: password debug1: read_passphrase: can't open /dev/tty: No such file or directory root@192.168.1.1's password: debug1: Authentication succeeded (password). Authenticated to 192.168.1.1 ([192.168.1.1]:22). debug1: channel 0: new [client-session] debug1: Requesting no-more-sessions@openssh.com debug1: Entering interactive session. debug1: pledge: network debug1: ENABLE_VIRTUAL_TERMINAL_INPUT is supported. Reading the VTSequence from console debug1: ENABLE_VIRTUAL_TERMINAL_PROCESSING is supported. Console supports the ansi parsing debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0 Last login: Wed Dec 28 19:44:45 2022 from 10.1.1.145 root@raspberrypi4:~#
PS C:\Users\Chris> ssh -v root@192.168.11.160 OpenSSH_for_Windows_8.1p1, LibreSSL 3.0.2 debug1: Connecting to 192.168.11.160 [192.168.11.160] port 22. debug1: Connection established. debug1: identity file C:\\Users\\Chris/.ssh/id_rsa type -1 debug1: identity file C:\\Users\\Chris/.ssh/id_rsa-cert type -1 debug1: identity file C:\\Users\\Chris/.ssh/id_dsa type -1 debug1: identity file C:\\Users\\Chris/.ssh/id_dsa-cert type -1 debug1: identity file C:\\Users\\Chris/.ssh/id_ecdsa type -1 debug1: identity file C:\\Users\\Chris/.ssh/id_ecdsa-cert type -1 debug1: identity file C:\\Users\\Chris/.ssh/id_ed25519 type -1 debug1: identity file C:\\Users\\Chris/.ssh/id_ed25519-cert type -1 debug1: identity file C:\\Users\\Chris/.ssh/id_xmss type -1 debug1: identity file C:\\Users\\Chris/.ssh/id_xmss-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1 debug1: Remote protocol version 2.0, remote software version OpenSSH_8.2 debug1: match: OpenSSH_8.2 pat OpenSSH* compat 0x04000000 debug1: Authenticating to 192.168.11.160:22 as 'root' debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: algorithm: curve25519-sha256 debug1: kex: host key algorithm: (no match) Unable to negotiate with 192.168.11.160 port 22: no matching host key type found. Their offer:
PS C:\Users\Chris> ssh -v -v -v root@192.168.11.160 OpenSSH_for_Windows_8.1p1, LibreSSL 3.0.2 debug3: Failed to open file:C:/Users/Chris/.ssh/config error:2 debug3: Failed to open file:C:/ProgramData/ssh/ssh_config error:2 debug2: resolve_canonicalize: hostname 192.168.11.160 is address debug2: ssh_connect_direct debug1: Connecting to 192.168.11.160 [192.168.11.160] port 22. debug1: Connection established. debug3: Failed to open file:C:/Users/Chris/.ssh/id_rsa error:2 debug3: Failed to open file:C:/Users/Chris/.ssh/id_rsa.pub error:2 debug1: identity file C:\\Users\\Chris/.ssh/id_rsa type -1 debug3: Failed to open file:C:/Users/Chris/.ssh/id_rsa-cert error:2 debug3: Failed to open file:C:/Users/Chris/.ssh/id_rsa-cert.pub error:2 debug1: identity file C:\\Users\\Chris/.ssh/id_rsa-cert type -1 debug3: Failed to open file:C:/Users/Chris/.ssh/id_dsa error:2 debug3: Failed to open file:C:/Users/Chris/.ssh/id_dsa.pub error:2 debug1: identity file C:\\Users\\Chris/.ssh/id_dsa type -1 debug3: Failed to open file:C:/Users/Chris/.ssh/id_dsa-cert error:2 debug3: Failed to open file:C:/Users/Chris/.ssh/id_dsa-cert.pub error:2 debug1: identity file C:\\Users\\Chris/.ssh/id_dsa-cert type -1 debug3: Failed to open file:C:/Users/Chris/.ssh/id_ecdsa error:2 debug3: Failed to open file:C:/Users/Chris/.ssh/id_ecdsa.pub error:2 debug1: identity file C:\\Users\\Chris/.ssh/id_ecdsa type -1 debug3: Failed to open file:C:/Users/Chris/.ssh/id_ecdsa-cert error:2 debug3: Failed to open file:C:/Users/Chris/.ssh/id_ecdsa-cert.pub error:2 debug1: identity file C:\\Users\\Chris/.ssh/id_ecdsa-cert type -1 debug3: Failed to open file:C:/Users/Chris/.ssh/id_ed25519 error:2 debug3: Failed to open file:C:/Users/Chris/.ssh/id_ed25519.pub error:2 debug1: identity file C:\\Users\\Chris/.ssh/id_ed25519 type -1 debug3: Failed to open file:C:/Users/Chris/.ssh/id_ed25519-cert error:2 debug3: Failed to open file:C:/Users/Chris/.ssh/id_ed25519-cert.pub error:2 debug1: identity file C:\\Users\\Chris/.ssh/id_ed25519-cert type -1 debug3: Failed to open file:C:/Users/Chris/.ssh/id_xmss error:2 debug3: Failed to open file:C:/Users/Chris/.ssh/id_xmss.pub error:2 debug1: identity file C:\\Users\\Chris/.ssh/id_xmss type -1 debug3: Failed to open file:C:/Users/Chris/.ssh/id_xmss-cert error:2 debug3: Failed to open file:C:/Users/Chris/.ssh/id_xmss-cert.pub error:2 debug1: identity file C:\\Users\\Chris/.ssh/id_xmss-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1 debug1: Remote protocol version 2.0, remote software version OpenSSH_8.2 debug1: match: OpenSSH_8.2 pat OpenSSH* compat 0x04000000 debug2: fd 3 setting O_NONBLOCK debug1: Authenticating to 192.168.11.160:22 as 'root' debug3: hostkeys_foreach: reading file "C:\\Users\\Chris/.ssh/known_hosts" debug3: Failed to open file:C:/Users/Chris/.ssh/known_hosts2 error:2 debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts error:2 debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts2 error:2 debug3: send packet: type 20 debug1: SSH2_MSG_KEXINIT sent debug3: receive packet: type 20 debug1: SSH2_MSG_KEXINIT received debug2: local client KEXINIT proposal debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: compression ctos: none,zlib@openssh.com,zlib debug2: compression stoc: none,zlib@openssh.com,zlib debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug2: peer server KEXINIT proposal debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256 debug2: host key algorithms: debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: compression ctos: none debug2: compression stoc: none debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug1: kex: algorithm: curve25519-sha256 debug1: kex: host key algorithm: (no match) Unable to negotiate with 192.168.11.160 port 22: no matching host key type found. Their offer: PS C:\Users\Chris>
Update:
Now I downgraded to version 2.73 and now the web GUI is blank.....
But I did manage to get further into the ssh connection. so now I get prompted for a password. but the I do not know if the password got reset.
Your system appears to be missing signature key types. Try running "-Q sig" flag to compare to below.
ssh -Q sig root@192.168.1.1 ssh-ed25519 ssh-rsa rsa-sha2-256 rsa-sha2-512 ssh-dss ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521
I think the ssh problem might be being cursed by being connected via wifi vs ethernet.
With the ethernet link, I get a prompt for a password.
But the big problem now is that my remote GUI is BLANK
Very Strange. All of my troubleshooting help has been to a wifi-connected Venus (Cerbo & Raspberry Pi). Maybe a bad firmware install?
You mentioned a new MP GX unit. You could ask your installer (or yourself) to downgrade the firmware to one prior version and see if the problems continue. If it works on the downgraded FW, then try a FW upgrade back to latest release. Be sure to back up and take note of your configurations before you mess with the FW downgrade/upgrade
Or, since the unit is new, contact your dealer with a support request on the Victron Professional site. If you have not already registered on the Victron Professional site, you can do so as a non-professional user. There is useful training and other information there.
