Re: ssh login problem from one particular client
On Thu, Jan 30, 2014 at 12:27:30PM -0200, André Nunes Batista wrote: On Wed, 2014-01-29 at 13:47 -0600, Craig L. wrote: On Thu, Jan 23, 2014 at 02:07:08PM -0600, Craig L. wrote: This appears to be a problem with an ASA firewall appliance and is being looked at by our network team and the vendor. I will be happy to provide more information if I ever get it. Sorry to have dropped you out Craig, my next sugestion would have been to configure iptables logging rules and maybe run some packet sniffer such as wireshark. But from afar it is difficult to give blind hints. Please do report your findings, so we can all learn. Thanks André, but no apology needed. I have been pretty much out of the loop on this here. I only have some vague information that the vendor's developers are involved and looking into why the device configuration that worked on the previous equipment seems to cause problems on the newer equipment. In the meantime our network services department has implemented several bypass rules and everything has been working well for all end-users that I have been in touch with. I will provide additional information if I happen to get any, but it looks like I am not likely to. -- André N. Batista GNUPG/PGP KEY: 6722CF80 -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20140219210022.ga25...@prod1.getsouthern.com
Re: ssh login problem from one particular client
Craig L. cr...@gtek.biz wrote: When I tried to reconnect, it took almost 60 seconds for the password prompt to show up. It's probably trying to lookup rDNS for your IP address. Reverse lookups are controlled by a parameter in the sshd_config file. Chris -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/ospvraxvcl@news.roaima.co.uk
Re: ssh login problem from one particular client
On Wed, 2014-01-29 at 13:47 -0600, Craig L. wrote: On Thu, Jan 23, 2014 at 02:07:08PM -0600, Craig L. wrote: I have a couple of VMs running on a remote server: one with an older version of Ubuntu, and one running wheezy. I have an ssh tunnel with X forwarding set up so that I can access the machines from my system as localhost (ssh -p 48828 user@localhost and ssh -p 48829 user@localhost). Yesterday I opened Firefox on the Ubuntu box and was dragging the window to move it, when it suddenly disappeared. In my connection terminal the message write failed, broken pipe appeared, and the connection to the remote server was gone. When I tried to reconnect, it took almost 60 seconds for the password prompt to show up. Ever since then this problem occurs from my machine to either of the VMs. I can ssh into the host server and from there ssh into either VM, and I get a password prompt immediately. Today I fired up a VM on my local machine, created the tunnel through the server to one of the remote VMs, and tried to ssh in. The password prompt appeared immediately. In all cases, once I log in everything responds immediately as expected. It is just the login prompt that is a problem. The remote machines all have UseDNS = no set, and everything has worked fine for several months until this problem yesterday. So it looks like the problem is something that has changed on my local machine, but I have no idea what, or where to begin. We have been having intermittent network issues between here and the building that houses the remote server, and that is probably what caused the initial connection loss. But I wouldn't think severing a connection would cause this subsequent problem. Since the server is on a remote VM I don't think I can ssh in and then run the server in the foreground to watch it run, can I? I have checked the logs on both ends, but nothing looks abnormal to me. The only thing I have not tried is rebooting my machine, but that's so windows and probably not necessary. So I've turned to y'all for a clue as to how to troubleshoot this issue. This appears to be a problem with an ASA firewall appliance and is being looked at by our network team and the vendor. I will be happy to provide more information if I ever get it. Sorry to have dropped you out Craig, my next sugestion would have been to configure iptables logging rules and maybe run some packet sniffer such as wireshark. But from afar it is difficult to give blind hints. Please do report your findings, so we can all learn. -- André N. Batista GNUPG/PGP KEY: 6722CF80 signature.asc Description: This is a digitally signed message part
Re: ssh login problem from one particular client
On Thu, Jan 23, 2014 at 02:07:08PM -0600, Craig L. wrote: I have a couple of VMs running on a remote server: one with an older version of Ubuntu, and one running wheezy. I have an ssh tunnel with X forwarding set up so that I can access the machines from my system as localhost (ssh -p 48828 user@localhost and ssh -p 48829 user@localhost). Yesterday I opened Firefox on the Ubuntu box and was dragging the window to move it, when it suddenly disappeared. In my connection terminal the message write failed, broken pipe appeared, and the connection to the remote server was gone. When I tried to reconnect, it took almost 60 seconds for the password prompt to show up. Ever since then this problem occurs from my machine to either of the VMs. I can ssh into the host server and from there ssh into either VM, and I get a password prompt immediately. Today I fired up a VM on my local machine, created the tunnel through the server to one of the remote VMs, and tried to ssh in. The password prompt appeared immediately. In all cases, once I log in everything responds immediately as expected. It is just the login prompt that is a problem. The remote machines all have UseDNS = no set, and everything has worked fine for several months until this problem yesterday. So it looks like the problem is something that has changed on my local machine, but I have no idea what, or where to begin. We have been having intermittent network issues between here and the building that houses the remote server, and that is probably what caused the initial connection loss. But I wouldn't think severing a connection would cause this subsequent problem. Since the server is on a remote VM I don't think I can ssh in and then run the server in the foreground to watch it run, can I? I have checked the logs on both ends, but nothing looks abnormal to me. The only thing I have not tried is rebooting my machine, but that's so windows and probably not necessary. So I've turned to y'all for a clue as to how to troubleshoot this issue. This appears to be a problem with an ASA firewall appliance and is being looked at by our network team and the vendor. I will be happy to provide more information if I ever get it. Thanks, Craig -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20140123200708.ga10...@prod1.getsouthern.com -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20140129194706.ga3...@prod1.getsouthern.com
Re: ssh login problem from one particular client
On Thu, Jan 23, 2014 at 09:20:09PM -0200, André Nunes Batista wrote: On Thu, 2014-01-23 at 14:07 -0600, Craig L. wrote: When I tried to reconnect, it took almost 60 seconds for the password prompt to show up. Ever since then this problem occurs from my machine to either of the VMs. I can ssh into the host server and from there ssh into either VM, and I get a password prompt immediately. Today I fired up a VM on my local machine, created the tunnel through the server to one of the remote VMs, and tried to ssh in. The password prompt appeared immediately. In all cases, once I log in everything responds immediately as expected. It is just the login prompt that is a problem. The remote machines all have UseDNS = no set, and everything has worked fine for several months until this problem yesterday. nmap -sS -P0 -v --traceroute -sV -R -p$PORTNUM $server_ip is what I'd do first. Try this same command from a couple of different networks and see if there is some kind of unusual machine in your way. Maybe change the key + machine used in the reverse connection and test to see if problem persists? Hi Andre, and thanks for the suggestion. As far as I can tell, there is nothing abnormal and this[1] shows a single device between me and the server, possibly the switch in the closet down the hall? I know there is a switch in the server room as well so there should be at least two devices showing up between here and there, unless one has been removed (highly unlikely). I can get that information if need be. I haven't engaged our network team since this is a particular problem involving a single protocol on a single box). I also wouldn't suspect something unusual in the network since the VM on my desktop has no problems, just the desktop itself. FWIW, the network traffic to and from my desktop has been dropping out like crazy today, but my local VM doesn't seem to be experiencing any issues. I am composing this on the remote VM through a connection from the local VM with no problems. This is really strange because any physical problems would obviously affect the local VM just as much as the machine it is running on. -- André N. Batista GNUPG/PGP KEY: 6722CF80 [1] (names changed to protect privacy) sudo nmap -sS -P0 -v --traceroute -sV -R -p22 server.example.com Starting Nmap 6.00 ( http://nmap.org ) at 2014-01-24 07:55 CST NSE: Loaded 17 scripts for scanning. Initiating SYN Stealth Scan at 07:55 Scanning server.example.com (172.22.10.206) [1 port] Discovered open port 22/tcp on 172.22.10.206 Completed SYN Stealth Scan at 07:55, 0.10s elapsed (1 total ports) Initiating Service scan at 07:55 Scanning 1 service on server.example.com (172.22.10.206) Completed Service scan at 07:55, 0.01s elapsed (1 service on 1 host) Initiating Traceroute at 07:55 Completed Traceroute at 07:55, 0.02s elapsed Initiating Parallel DNS resolution of 2 hosts. at 07:55 Completed Parallel DNS resolution of 2 hosts. at 07:55, 0.00s elapsed NSE: Script scanning 172.22.10.206. Nmap scan report for server.example.com (172.22.10.206) Host is up (0.00045s latency). PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 5.3 (protocol 2.0) TRACEROUTE (using port 22/tcp) HOP RTT ADDRESS 1 0.36 ms tez-r-gw.fw.example.com (10.2.16.1) 2 0.49 ms server.example.com (172.22.10.206) Read data files from: /usr/bin/../share/nmap Service detection performed. Please report any incorrect results at http://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 0.40 seconds Raw packets sent: 11 (484B) | Rcvd: 11 (496B) -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20140124143058.ga10...@prod1.getsouthern.com
ssh login problem from one particular client
I have a couple of VMs running on a remote server: one with an older version of Ubuntu, and one running wheezy. I have an ssh tunnel with X forwarding set up so that I can access the machines from my system as localhost (ssh -p 48828 user@localhost and ssh -p 48829 user@localhost). Yesterday I opened Firefox on the Ubuntu box and was dragging the window to move it, when it suddenly disappeared. In my connection terminal the message write failed, broken pipe appeared, and the connection to the remote server was gone. When I tried to reconnect, it took almost 60 seconds for the password prompt to show up. Ever since then this problem occurs from my machine to either of the VMs. I can ssh into the host server and from there ssh into either VM, and I get a password prompt immediately. Today I fired up a VM on my local machine, created the tunnel through the server to one of the remote VMs, and tried to ssh in. The password prompt appeared immediately. In all cases, once I log in everything responds immediately as expected. It is just the login prompt that is a problem. The remote machines all have UseDNS = no set, and everything has worked fine for several months until this problem yesterday. So it looks like the problem is something that has changed on my local machine, but I have no idea what, or where to begin. We have been having intermittent network issues between here and the building that houses the remote server, and that is probably what caused the initial connection loss. But I wouldn't think severing a connection would cause this subsequent problem. Since the server is on a remote VM I don't think I can ssh in and then run the server in the foreground to watch it run, can I? I have checked the logs on both ends, but nothing looks abnormal to me. The only thing I have not tried is rebooting my machine, but that's so windows and probably not necessary. So I've turned to y'all for a clue as to how to troubleshoot this issue. Thanks, Craig -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20140123200708.ga10...@prod1.getsouthern.com
Re: ssh login problem from one particular client
On Thu, 2014-01-23 at 14:07 -0600, Craig L. wrote: I have a couple of VMs running on a remote server: one with an older version of Ubuntu, and one running wheezy. I have an ssh tunnel with X forwarding set up so that I can access the machines from my system as localhost (ssh -p 48828 user@localhost and ssh -p 48829 user@localhost). Yesterday I opened Firefox on the Ubuntu box and was dragging the window to move it, when it suddenly disappeared. In my connection terminal the message write failed, broken pipe appeared, and the connection to the remote server was gone. When I tried to reconnect, it took almost 60 seconds for the password prompt to show up. Ever since then this problem occurs from my machine to either of the VMs. I can ssh into the host server and from there ssh into either VM, and I get a password prompt immediately. Today I fired up a VM on my local machine, created the tunnel through the server to one of the remote VMs, and tried to ssh in. The password prompt appeared immediately. In all cases, once I log in everything responds immediately as expected. It is just the login prompt that is a problem. The remote machines all have UseDNS = no set, and everything has worked fine for several months until this problem yesterday. So it looks like the problem is something that has changed on my local machine, but I have no idea what, or where to begin. We have been having intermittent network issues between here and the building that houses the remote server, and that is probably what caused the initial connection loss. But I wouldn't think severing a connection would cause this subsequent problem. Since the server is on a remote VM I don't think I can ssh in and then run the server in the foreground to watch it run, can I? I have checked the logs on both ends, but nothing looks abnormal to me. The only thing I have not tried is rebooting my machine, but that's so windows and probably not necessary. So I've turned to y'all for a clue as to how to troubleshoot this issue. Thanks, Craig nmap -sS -P0 -v --traceroute -sV -R -p$PORTNUM $server_ip is what I'd do first. Try this same command from a couple of different networks and see if there is some kind of unusual machine in your way. Maybe change the key + machine used in the reverse connection and test to see if problem persists? -- André N. Batista GNUPG/PGP KEY: 6722CF80 signature.asc Description: This is a digitally signed message part
