[GTALUG] SSH Hangs

ted leslie ted.leslie at gmail.com
Fri Feb 13 06:35:18 UTC 2015


Run tcpdump on your server when you do the outside connect.
You can

    tcpdump -i eth0 -n | grep 209.122.208.175

so you don't get a tonne of crap. You may have to change eth0 to what is
appropriate.
Also see if you have any odd iptables rules, or any odd routing.

-tl


On Thu, Feb 12, 2015 at 11:22 PM, Dev Guy <devguy.ca at gmail.com> wrote:

> Hi All,
>
> I am having a real nagging problem with ssh. I set up dynamic dns so I
> could connect to my box from outside.
>
> My basic setup is a router connected to a cable modem.
> I've opened the firewall port 22 tcp/udp on my router.
>
> However here is the problem I am having.
>
> I can ssh into my box from inside my LAN like, ssh 192.168.0.100, works
> fine!
>
> However when I try to ssh using my dynamic dns (or the external IP), ssh
> will hang and never return.
>
> 1) I've tried running my sshd in debug mode and here is the output
> =====(SERVER SIDE)=====
>
> debug1: sshd version OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
> debug1: key_parse_private2: missing begin marker
> debug1: read PEM private key done: type RSA
> debug1: private host key: #0 type 1 RSA
> debug1: key_parse_private2: missing begin marker
> debug1: read PEM private key done: type DSA
> debug1: private host key: #1 type 2 DSA
> debug1: key_parse_private2: missing begin marker
> debug1: read PEM private key done: type ECDSA
> debug1: private host key: #2 type 3 ECDSA
> debug1: private host key: #3 type 4 ED25519
> debug1: rexec_argv[0]='/usr/sbin/sshd'
> debug1: rexec_argv[1]='-d'
> Set /proc/self/oom_score_adj from 0 to -1000
> debug1: Bind to port 22 on 0.0.0.0.
> Server listening on 0.0.0.0 port 22.
> debug1: Bind to port 22 on ::.
> Server listening on :: port 22.
> debug1: Server will not fork when running in debugging mode.
> debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
> debug1: inetd sockets after dupping: 3, 3
> Connection from 192.168.0.1 port 48996 on 192.168.0.100 port 22
>
>
> 2) Here is the ssh verbose output
> =====(CLIENT SIDE)=====
>
> OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: /etc/ssh/ssh_config line 19: Applying options for *
> debug2: ssh_connect: needpriv 0
> debug1: Connecting to yadav.duckdns.org [209.122.208.175] port 22.
> debug1: Connection established.
> debug3: Incorrect RSA1 identifier
> debug3: Could not load "/home/yadav/.ssh/id_rsa" as a RSA1 public key
> debug1: identity file /home/yadav/.ssh/id_rsa type 1
> debug1: identity file /home/yadav/.ssh/id_rsa-cert type -1
> debug1: identity file /home/yadav/.ssh/id_dsa type -1
> debug1: identity file /home/yadav/.ssh/id_dsa-cert type -1
> debug1: identity file /home/yadav/.ssh/id_ecdsa type -1
> debug1: identity file /home/yadav/.ssh/id_ecdsa-cert type -1
> debug1: identity file /home/yadav/.ssh/id_ed25519 type -1
> debug1: identity file /home/yadav/.ssh/id_ed25519-cert type -1
> debug1: Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-8
>
> As you can see from the server output the connection gets established, but
> then the hang happens and I can't figure out what's going on?
>
> Someone suggested that sshd might be trying to do a reverse lookup and to
> add,
>
> 'UseDNS no'
>
> to /etc/ssh/sshd_config and restart the daemon. This didn't work!
>
> Any ideas? I can't seem to find anything for my particular problem on the
> Internet.
>
>
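
Added example, not part of the original thread: a small Python helper that reads `ssh -v` client output and reports the last handshake milestone reached, applied to the client log quoted above. The names stall_point, MILESTONES and HINTS and the hint wording are this example's own assumptions; the milestone strings are the debug1 lines OpenSSH clients print.

```python
import re

# Milestones an OpenSSH client prints with -v, in the order they normally appear.
MILESTONES = [
    ("tcp_connected", r"debug1: Connection established\."),
    ("client_banner_sent", r"debug1: Local version string "),
    ("server_banner_received", r"debug1: Remote protocol version "),
    ("kexinit_sent", r"debug1: SSH2_MSG_KEXINIT sent"),
    ("kexinit_received", r"debug1: SSH2_MSG_KEXINIT received"),
    ("newkeys_received", r"debug1: SSH2_MSG_NEWKEYS received"),
    ("authenticated", r"debug1: Authentication succeeded"),
]

# What to look at when the log stops before a given milestone (editor's hints).
HINTS = {
    "tcp_connected": "no TCP handshake: check the port forward and firewall rules",
    "server_banner_received": "TCP is up but the server banner never arrived: "
                              "capture on the server and check the return path",
    "kexinit_received": "banners exchanged but key exchange stalls: "
                        "look for dropped large packets (MTU)",
}

def stall_point(log_text):
    """Return (last_reached, first_missing, hint); first_missing is None on success."""
    # Strip mail quoting ("> ") so a log pasted from a reply still parses.
    lines = [l.lstrip("> ").strip() for l in log_text.splitlines()]
    last = None
    for name, pattern in MILESTONES:
        if not any(re.match(pattern, l) for l in lines):
            return last, name, HINTS.get(name, "see the lines after the last milestone")
        last = name
    return last, None, "handshake and authentication completed"

# Client output as quoted in the post above (identity-file lines omitted).
PAGE_CLIENT_LOG = """\
debug1: Connecting to yadav.duckdns.org [209.122.208.175] port 22.
debug1: Connection established.
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-8
"""

if __name__ == "__main__":
    reached, missing, hint = stall_point(PAGE_CLIENT_LOG)
    print(f"last milestone: {reached}; stalled before: {missing}; {hint}")
```

For the quoted log the helper stops at the client banner: the TCP connection completed and the client sent its version string, but no "Remote protocol version" line followed.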