Other client connections to the same host work OK, even from ssh
clients on the same subnet as the ssh client that doesn't work.
Similarly the ssh client that hangs in this one particular case can
connect to other ssh host machines. One other Fedora 6 Core client
machine on the same network *does* show the same problem, an Ubuntu
and an older Fedora machine don't show the problem.
The ssh client is OpenSSH_4.3p2 on a Fedora Core 6 installation, the
host it can't connect to is OpenSSH_4.4p1 on a Slackware 11 machine.
Having done a google search for this problem I have tried setting the
MTU to 576 on both client and host, no effect at all. (I simply did
'ifconfig eth0 mtu 576' on both machines as root, is this all that's
needed?)
The client debug reads as follows:-
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/chris/.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version OpenSSH_4.4
debug1: match: OpenSSH_4.4 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
Read from socket failed: Connection reset by peer
There's a long (minutes) pause after the SSH2_MSG_KEXINIT sent.
Does anyone have any suggestions as to what might be the problem?
--
Chris Green
Hi there,
I have the same problem, but with open SuSE 10.2.
On the same machine I have windows instalation and it works from there
with putty. Even from windows and VmPlayer with openSuSE 10.2 there is
NO problem connect to one single host.
The connection to other hosts using sshd is ok. Even to windows
servers with copSSH.
I tried change the MTU - it doesn helped.
Here is the client debug:
OpenSSH_4.4p1, OpenSSL 0.9.8d 28 Sep 2006
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to xxx.xxx.xxx.xxx [xxx.xxx.xxx.xxx] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version
OpenSSH_3.9p1
debug1: match: OpenSSH_3.9p1 pat OpenSSH_3.*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.4
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
And here it HANGS!!
I tryed putty for linux and the problem persist.
Could this be something with the kernel params?
On suse machines i use different kernels: 2.6.18.2-34-xen, 2.6.18.2-34-
default.
10x to everyone
I am seeing this problem on Debian testing (lenny) with a 2.6.18
kernel. Given the previous comments I'm starting to guess it's
something in 2.6.18. Here is a compiled list so far including my
machines.
Fedora Core 6 -> hangs
2.6.18
OpenSuse 10.2 -> hangs
2.6.18.2-34
Opensuse 10.1 -> works
2.6.16
Xubuntu 7.04 -> works
2.6.20-15.27
OpenSSH_4.3p2 Debian-8ubuntu1, OpenSSL 0.9.8c 05 Sep 2006
Debian Etch -> hangs
2.6.18.dfsg.1-12etch2
OpenSSH_4.3p2 Debian-9, OpenSSL 0.9.8c 05 Sep 2006
Debian Etch -> works
linux-image-2.6.15-1-486
OpenSSH_4.2p1 Debian-5, OpenSSL 0.9.8a 11 Oct 2005
Debian lenny/sid -> hangs
Kernel: 2.6.18.dfsg.1-12etch2
OpenSSH_4.3p2 Debian-9, OpenSSL 0.9.8e 23 Feb 2007
OpenSSH_4.6p1, OpenSSL 0.9.8e 23 Feb 2007
Centos 4 -> works
2.6.9-55.EL
OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003
In my case I am doing the following:
Workstation A -> Nat -> Internet -> Nat -> Workstation B
The ubuntu, opensuse 10.1, Centos, and the debians following the same
network path.
so What I've done - I'v changed the kernel parameter
net.ipv4.tcp_rmem.
from
net.ipv4.tcp_rmem = 4096 87380 4194304
to
net.ipv4.tcp_rmem = 4096 87380 207520
And it worked...
I made a systl -a > file.1 on FC6 and then syscl -p file.1 on SuSE
10.2 and it worked...then diff and a lot of test...
Hope somebody can tell actually what is the problem.
The machines that I cannot ( now I can ) connect via SSH are behind
BSD firewall ( not supported by our company )....and 16 hops.
I presume that between 2 machines there a network unit which cannot
handle big traffic (may be I'm wrong )....but how to say which one?
I have the same problem.
Have you found any solution not workaround for this?
I also have a BSD system in beetween (with IPSEC).
Regards,
Dawid SQ6EMM
Set the MTU to 1492 or less. See:
http://www.snailbook.com/faq/mtu-mismatch.auto.html
> I also have a BSD system in beetween (with IPSEC).
IPSEC is one of the usual suspects for MTU problems.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.