Hi,
I do get a "banner line contains invalid characters" error
Imo, those characters are somehow related to the communication between the ssh client and the sshd on the server. The onion skins should not be able to access the innermost layer, in this case the ssh communication.
Possible attack on servers via Tor Guard relays
Given what is written above, the Tor node attributes should not play a role.
the connection is terminated. (MSG1) Upon connecting for the second time, everything goes smoothly. (MSG2)
Starting with MSG2 the ssh connection seems to work.
Something has happened. [1] reads:

    SSHFP
    All SSH fingerprints (SSHFP) records of all the hosts are added to DNS. You can verify the SSH fingerprint by adding "-o VerifyHostKeyDNS=yes" to the ssh command.

    $ ssh -o VerifyHostKeyDNS=yes serverXX.openbsd.amsterdam
    The authenticity of host 'serverXX.openbsd.amsterdam' can't be established.
    ECDSA key fingerprint is SHA256:w3ZoL03eaY/2xdRd/7NvHHwfqIOjyv2O8xkvUnqEgps.
    Matching host key fingerprint found in DNS.
    Are you sure you want to continue connecting (yes/no)? yes
    ...
    serverXX$
Secondly, the MSG1/2 examples show ssh will speak to a host 'ams02'. The log shows the onion url 'ngb...bid.onion' that resolves to '127.42.42.0', which is not publicly routable. Confusing to me.
Any directions would be appreciated to solve the problem.
Maybe it's worth looking into local dns, host addresses and ssh fingerprint (known host). And what path the ssh communication takes, especially the difference between MSG1 and MSG2.
[1] https://openbsd.amsterdam/setup.html
- Cheers, Felix
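
Added example, not part of the original message or of the setup page at [1]: how the SHA256 fingerprint that ssh prints relates to the SSHFP record it looks up with VerifyHostKeyDNS, and how the two can be compared offline. The key line is a constructed sample with placeholder key material, and the function names are illustrative.

```python
import base64
import hashlib
import hmac

# SSHFP algorithm numbers (RFC 4255, RFC 6594, RFC 7479).
SSHFP_ALGO = {"ssh-rsa": 1, "ssh-dss": 2, "ssh-ed25519": 4}


def constructed_key_line():
    """Build a fake ssh-ed25519 public key line (constructed sample, not a real host key)."""
    name = b"ssh-ed25519"
    raw = bytes(range(32))  # placeholder key material
    blob = len(name).to_bytes(4, "big") + name + len(raw).to_bytes(4, "big") + raw
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " constructed@example"


def parse_pubkey(line):
    """Return (key_type, blob) and check that the label matches the type inside the blob."""
    key_type, b64 = line.split()[:2]
    blob = base64.b64decode(b64, validate=True)
    n = int.from_bytes(blob[:4], "big")
    if blob[4:4 + n] != key_type.encode():
        raise ValueError("key type label does not match key blob")
    return key_type, blob


def openssh_fingerprint(blob):
    """Fingerprint in the form ssh prints: SHA256: plus unpadded base64 of the digest."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def sshfp_rdata(key_type, blob):
    """RDATA fields (algorithm, fingerprint type 2 = SHA-256, hex digest)."""
    algo = 3 if key_type.startswith("ecdsa-sha2-") else SSHFP_ALGO[key_type]
    return algo, 2, hashlib.sha256(blob).hexdigest()


def matches_sshfp(pubkey_line, rdata):
    """Compare a host key against SSHFP RDATA given as 'algo fptype hex'."""
    key_type, blob = parse_pubkey(pubkey_line)
    algo, fptype, hexfp = rdata.split(None, 2)
    want = sshfp_rdata(key_type, blob)
    got_hex = hexfp.replace(" ", "").lower()
    return (int(algo), int(fptype)) == want[:2] and hmac.compare_digest(got_hex, want[2])
```

ssh implicitly trusts a matching SSHFP record only when the DNS answer is DNSSEC-validated; otherwise it still asks for confirmation, as in the session quoted from [1]. The check is against the key the server presents, so it says nothing about which path (direct or via an onion address) the connection took.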