Linux – Windows 10 Linux Subsystem SSH client Resource temporarily unavailable

bashsshwindows 10windows-subsystem-for-linux

I am trying to ssh into my remote server within the Windows 10 Linux Subsystem.
I am using MS Windows 10 Home Insider Preview build 14366.

While at the command prompt, I type:

ssh user@domain.com

A few seconds after typing the ssh command, I am getting the following message:

ssh: connect to host domain.com port 22: Resource temporarily unavailable

I am successfully able to connect using Putty as well as using ssh within Git Bash.

So, that leads me to believe the issue is on my local pc and more specifically within the Linux Subsystem. I'm still very green with the Linux environment and am not sure how to interpret this message. What resource is unavailable and what should I do to make it available?

Best Answer

As far as I can tell, this is a bug in WSL. Hopefully, Microsoft will fix it in the next build. But for now, we can use this slightly ugly hack.

Update #1: Definitely a bug. Found this issue on Github. Thier proposed workaround of relaunching the shell works for me as well if you don't want to go through all of this.

TL;DR Add this to END your SSH config (usually located at ~/.ssh/config):

Host *
    ProxyCommand nc %h %p %r

Here's why it works: Our SSH issue is not a firewall issue because nc and telnet work to the same host and port (try telnet <host> <port> or nc <host> <port>: you should see something like SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.7). This we can use to our advantage.

SSH allows the use of proxies that take standard input and send it to the server's port via the ProxyCommand option. This is normally used to tunnel into networks to a protected host by using an in-between bastion SSH server, sometimes called a jump host (see this link for more info).

This hack tells SSH to use a proxy with no jump host(s). So, it gets around SSH's failed allocation of TCP resources by pushing all of the network resource allocation onto Netcat, which does work. SSH just does its SSH thing without any network connections, and Netcat sends the raw data over a TCP connection to the SSH server.

WARNING: Since this modifies the ProxyCommand for all hosts, I do not know how it interacts with other SSH config hosts that use ProxyCommand. I have a few servers with which I can test this, and I will update this answer with the results. There is a chance that there are no detrimental side effects, but I cannot guarantee that.

Update #2: I did some testing with a few of my servers, and this appears to work. SSH uses the uppermost entry in the config when multiple entries apply. Thus, an existing ProxyCommand present above this hack would override it. When the new SSH command is executed, it re-reads the SSH config, and if there is no other ProxyCommand, SSH uses our hack ProxyCommand, allowing it to only apply to the "outermost" SSH session. Word of warning: if you put the hack at the top of the config file (or above the entry you are trying to SSH to), SSH sessions that require a ProxyCommand will ignore the other ProxyCommand and instead attempt to resolve the address of the host and connect directly with Netcat.

Related Solutions

Linux – can I share the SSH keys between WSL and Windows

What am I doing wrong?

SSH requires sane permissions on the private keys and you are not able to achieve that while symlinking to different filesystem (windows). The manual page for ssh explains that quite clearly:

~/.ssh/id_rsa

Contains the private key for authentication. These files contain sensitive data and should be readable by the user but not accessible by others (read/write/execute). ssh will simply ignore a private key file if it is accessible by others.

You can most probably copy the private keys and set appropriate permissions, if you want to "share the keys".

Linux – Windows 10 Linux subsystem ssh-agent not persisting added identities

And am curious to know what is it that makes it a one-time activity on Ubuntu machine and a repeated activity on Windows 10 Linux Subsystem.

Normally, the ssh-agent runs in your session so it does not close earlier than you logout from your account in Linux.

If you use it from WLS and close the (probably) last window, it does reasonable cleanup and probably stops your ssh-agent, which is reasonable and safe to remove sensitive data from memory.

My question is how can we make the ssh-add path/to/identity/file/custom-named action persistent like it happens on actual Ubuntu machine.

Just do not close that window (or leave one opened on background ... it might help too). Or configure ssh to do that step automatically when you use the key for the first time. Just write to your ~/.ssh/config

Host server-you-are-connecting.to
  IdentityFile path/to/identity/file/custom-named
  AddKeysToAgent yes

Best Answer

Related Solutions

Linux – can I share the SSH keys between WSL and Windows

Linux – Windows 10 Linux subsystem ssh-agent not persisting added identities

Related Question