Re: SSH client (putty) hangs after name/password login
Hello Frank, DNS resolving works fine :-) On the outside (internet) the system can resolve the ip address I am coming from via public DNS servers. TCPDUMP gives me the correct hostname/ipaddress when the logon happens. The resolv.conf has 2 external DNS servers and 1 Internal one for internal resolving. But just to be sure I added my own PC (hostname) into the hosts. file... Ping the name and he resolves ok... makes no differanceremember, if I logon locally (from the LOCAL network that is, not on the console) it works fine. Also, I changed the SSHD.CONF with the useDNS NO parameter. So, it will not try to resolve with that parameter active (at least, thats what it does I think). I have no problem logging in...but after I pressed ENTER on the password...it freezes... PS -X shows me being logged in however... - If this is a MTU issue...then that would not explain that I cannot logon via the Tunnel : MYPC 172.17.21.1 --- VPNBOX (OBSD3.8) =Tunnel== VPNBOX (OBSD3.8) 192.168.80.103 SSHClient SSHD The SSH traffic is then encapsulated into the VPN stream like all other traffic (mainly RDP/ICA) Those other protocols have no problems (and use, i think, much bigger packets then SSH). -Oorspronkelijk bericht- Van: Frank Bax [mailto:[EMAIL PROTECTED] Verzonden: dinsdag 6 februari 2007 15:56 Aan: misc@openbsd.org Onderwerp: Re: SSH client (putty) hangs after name/password login At 09:03 AM 2/6/07, forums wrote: I get the logon prompt, give my name+password and then the SSH just sits there... Nothing happens anymore...(after a while it times out) http://openbsd.org/faq/faq8.html#RevDNS
Re: SSH client (putty) hangs after name/password login
Hello Dag, nohup kill -HUP pid-of-sshd-listener-process should get it for you or if you are really (justifiably) paranoid a little temporary cron that will restart sshd if not running, or in five minutes. Ok, i will first set this up on a test machine... thing is, as logging on from the local LAN gives no problem...will it show anything... ok, we wont know if i dont trace...:-) -Oorspronkelijk bericht- Van: Dag Richards [mailto:[EMAIL PROTECTED] Verzonden: dinsdag 6 februari 2007 17:06 Aan: misc@openbsd.org Onderwerp: Re: SSH client (putty) hangs after name/password login Brian A. Seklecki wrote: Hello Brian, Not quite sure what you mean with pstree...don't know the command and no 'man pstree' on my 3.8 system..? It's in the psmisc/ package Note that I no problems logging into the system while on the local network (doing this via a PC that I remotely manage). When I do a SSH session (via the VPN tunnel) on the INSIDE of the OBSD box, I get the same problem(using the same account). Okay I must be asleep again. I thought we eliminated pf(4) as the problem. Technically if you can negotiate a 3-way handshake and establish the TCP socket, MTU should be a non-issue. What about netstat -s. Anything suspicious (grep -i drop) for sections esp: tcp: ip: icmp: etherip: If you have access via the LAN, what about tcpdump(8) on the tun(4) interface? is not the case locaclly Problem here is that this system is 900Km away...if I would stop the SSHD (so i could Normally I'd say to you Oh you're fine with pkill -HUP sshd; but that's because I'm accustomed to out-of-band management like DRAC and mgetty :} nohup kill -HUP pid-of-sshd-listener-process should get it for you or if you are really (justifiably) paranoid a little temporary cron that will restart sshd if not running, or in five minutes. ~BAS restart it with debug options) I will not be able to reach it anymore :-(
SSH client (putty) hangs after name/password login
Hello, Having a problem for some time now on a OBSD 3.8 machine. When I log with SSH (using putty) into the machine from the local network, all works fine... but when I try to login via the internet (outside) with SSH it wont work. I get the logon prompt, give my name+password and then the SSH just sits there... Nothing happens anymore...(after a while it times out) I read about MTU issues : http://www.snailbook.com/faq/background-jobs.auto.html This is something that I had problems with on this location. The system is used for a VPN (towards a other OBSD 3.8 box). The RDP (terminal server) connections where dropped all the time...something about blackhole routers and MTU sizes. To solve this I placed the following in PF : scrub in all max-mss 1250 no-df scrub out all max-mss 1250 no-df That worked for my RDP sessions...but perhaps this is the reason my SSH login does not work ? Perhapsbut when I disabled the Firewall for a moment (and therefore these settings where not active anymore), to see if it was a Firewall related problem, I still had this problem. I tried the above (see link) but still it won't work... help ! regards Willem
Re: SSH client (putty) hangs after name/password login
I tried the above (see link) but still it won't work... Does the privsep sshd(8) process spawn on the server? Does that spawn a login shell of the associated user? pstree(8) will show. Also, fire up debugging levels? #LogLevel INFO - DEBUG, DEBUG1, DEBUG3 etc. ~BAS help ! regards Willem
Re: SSH client (putty) hangs after name/password login
Hello Brian, Not quite sure what you mean with pstree...don't know the command and no 'man pstree' on my 3.8 system..? But if i look with ps -x | grep sshd I get the following : # ps -x | grep sshd 5245 ?? Is 0:00.33 /usr/sbin/sshd 18310 ?? Is 0:00.08 sshd: user1 [priv] (sshd) 24030 ?? Is 0:00.08 sshd: [accepted] (sshd) I made a connection with putty and the login prompt appears 17255 p0 I+ 0:00.00 grep sshd I logged in with 'user2' : # ps -x | grep sshd 5245 ?? Is 0:00.33 /usr/sbin/sshd 18310 ?? Is 0:00.08 sshd: user1 [priv] (sshd) 24030 ?? Is 0:00.08 sshd: user2 [priv] (sshd) The session is up and running you would say, but it is in fact just hanging Note that I no problems logging into the system while on the local network (doing this via a PC that I remotely manage). When I do a SSH session (via the VPN tunnel) on the INSIDE of the OBSD box, I get the same problem(using the same account). The only differance is that i am going over a MTU changed line...while this is not the case locaclly Problem here is that this system is 900Km away...if I would stop the SSHD (so i could restart it with debug options) I will not be able to reach it anymore :-( -Oorspronkelijk bericht- Van: Brian A. Seklecki [mailto:[EMAIL PROTECTED] Verzonden: dinsdag 6 februari 2007 15:30 Aan: forums CC: misc@openbsd.org Onderwerp: Re: SSH client (putty) hangs after name/password login I tried the above (see link) but still it won't work... Does the privsep sshd(8) process spawn on the server? Does that spawn a login shell of the associated user? pstree(8) will show. Also, fire up debugging levels? #LogLevel INFO - DEBUG, DEBUG1, DEBUG3 etc. ~BAS help ! regards Willem
Re: SSH client (putty) hangs after name/password login
Hello, That was my first guess as well...For that reason I set the option UseDNS NO in the SSHD config file. I would then expect it not to check DNS servers to find the matching hostname. The DNS it uses does know my hostname however, looking into the logs I see my PC name resolved at login time -Oorspronkelijk bericht- Van: Ste Jones [mailto:[EMAIL PROTECTED] Verzonden: dinsdag 6 februari 2007 15:36 Aan: forums Onderwerp: Re: SSH client (putty) hangs after name/password login On 2/6/07, forums [EMAIL PROTECTED] wrote: Hello, Having a problem for some time now on a OBSD 3.8 machine. When I log with SSH (using putty) into the machine from the local network, all works fine... but when I try to login via the internet (outside) with SSH it wont work. I get the logon prompt, give my name+password and then the SSH just sits there... Nothing happens anymore...(after a while it times out) I read about MTU issues : http://www.snailbook.com/faq/background-jobs.auto.html This is something that I had problems with on this location. The system is used for a VPN (towards a other OBSD 3.8 box). The RDP (terminal server) connections where dropped all the time...something about blackhole routers and MTU sizes. To solve this I placed the following in PF : scrub in all max-mss 1250 no-df scrub out all max-mss 1250 no-df That worked for my RDP sessions...but perhaps this is the reason my SSH login does not work ? Perhapsbut when I disabled the Firewall for a moment (and therefore these settings where not active anymore), to see if it was a Firewall related problem, I still had this problem. I tried the above (see link) but still it won't work... help ! regards Willem Sounds like DNS problems to me
Re: SSH client (putty) hangs after name/password login
Hello Brian, Not quite sure what you mean with pstree...don't know the command and no 'man pstree' on my 3.8 system..? It's in the psmisc/ package Note that I no problems logging into the system while on the local network (doing this via a PC that I remotely manage). When I do a SSH session (via the VPN tunnel) on the INSIDE of the OBSD box, I get the same problem(using the same account). Okay I must be asleep again. I thought we eliminated pf(4) as the problem. Technically if you can negotiate a 3-way handshake and establish the TCP socket, MTU should be a non-issue. What about netstat -s. Anything suspicious (grep -i drop) for sections esp: tcp: ip: icmp: etherip: If you have access via the LAN, what about tcpdump(8) on the tun(4) interface? is not the case locaclly Problem here is that this system is 900Km away...if I would stop the SSHD (so i could Normally I'd say to you Oh you're fine with pkill -HUP sshd; but that's because I'm accustomed to out-of-band management like DRAC and mgetty :} ~BAS restart it with debug options) I will not be able to reach it anymore :-(
Re: SSH client (putty) hangs after name/password login
On Tue, 6 Feb 2007, forums wrote: Hello, That was my first guess as well...For that reason I set the option UseDNS NO Yea. When DNS times occur, the login process never completes. In fact, before the prompt appears the timeour occurs. AS
Re: SSH client (putty) hangs after name/password login
16940 [tos 0x10] 16:16:33.008505 myhost.name.com.42282 22.4.remotehost.name.com.ssh: P 784:796(12) ack 474 win 64867 16:16:33.008557 22.4.remotehost.name.com.ssh myhost.name.com.42282: . ack 796 win 16940 [tos 0x10] 16:16:35.930049 22.4.remotehost.name.com.ssh myhost.name.com.42282: P 474:678(204) ack 796 win 16940 [tos 0x10] 16:16:41.862678 myhost.name.com.42282 22.4.remotehost.name.com.ssh: P 784:796(12) ack 474 win 64867 16:16:41.862735 22.4.remotehost.name.com.ssh myhost.name.com.42282: . ack 796 win 16940 [tos 0x10] 16:16:44.721213 myhost.name.com.42282 22.4.remotehost.name.com.ssh: P 796:816(20) ack 474 win 64867 16:16:44.740090 22.4.remotehost.name.com.ssh myhost.name.com.42282: P 678:698(20) ack 816 win 16940 [tos 0x10] ^C 1963 packets received by filter 0 packets dropped by kernel # # Oh you're fine with pkill -HUP sshd; Yes DRAC on my DELL's but no DRAC overthere :-( Thing is, its tricky, when I disabled the pf and later enabled it again, I lost connection. The VPN then drops, and people get kicked out of there session, yelling in there language (which I dont understand luckely :-) -Oorspronkelijk bericht- Van: Brian A. Seklecki [mailto:[EMAIL PROTECTED] Verzonden: dinsdag 6 februari 2007 16:09 Aan: forums CC: misc@openbsd.org Onderwerp: Re: SSH client (putty) hangs after name/password login Hello Brian, Not quite sure what you mean with pstree...don't know the command and no 'man pstree' on my 3.8 system..? It's in the psmisc/ package Note that I no problems logging into the system while on the local network (doing this via a PC that I remotely manage). When I do a SSH session (via the VPN tunnel) on the INSIDE of the OBSD box, I get the same problem(using the same account). Okay I must be asleep again. I thought we eliminated pf(4) as the problem. Technically if you can negotiate a 3-way handshake and establish the TCP socket, MTU should be a non-issue. What about netstat -s. Anything suspicious (grep -i drop) for sections esp: tcp: ip: icmp: etherip: If you have access via the LAN, what about tcpdump(8) on the tun(4) interface? is not the case locaclly Problem here is that this system is 900Km away...if I would stop the SSHD (so i could Normally I'd say to you Oh you're fine with pkill -HUP sshd; but that's because I'm accustomed to out-of-band management like DRAC and mgetty :} ~BAS restart it with debug options) I will not be able to reach it anymore :-(
Re: SSH client (putty) hangs after name/password login
Brian A. Seklecki wrote: Hello Brian, Not quite sure what you mean with pstree...don't know the command and no 'man pstree' on my 3.8 system..? It's in the psmisc/ package Note that I no problems logging into the system while on the local network (doing this via a PC that I remotely manage). When I do a SSH session (via the VPN tunnel) on the INSIDE of the OBSD box, I get the same problem(using the same account). Okay I must be asleep again. I thought we eliminated pf(4) as the problem. Technically if you can negotiate a 3-way handshake and establish the TCP socket, MTU should be a non-issue. What about netstat -s. Anything suspicious (grep -i drop) for sections esp: tcp: ip: icmp: etherip: If you have access via the LAN, what about tcpdump(8) on the tun(4) interface? is not the case locaclly Problem here is that this system is 900Km away...if I would stop the SSHD (so i could Normally I'd say to you Oh you're fine with pkill -HUP sshd; but that's because I'm accustomed to out-of-band management like DRAC and mgetty :} nohup kill -HUP pid-of-sshd-listener-process should get it for you or if you are really (justifiably) paranoid a little temporary cron that will restart sshd if not running, or in five minutes. ~BAS restart it with debug options) I will not be able to reach it anymore :-(
Re: SSH client (putty) hangs after name/password login
At 09:03 AM 2/6/07, forums wrote: I get the logon prompt, give my name+password and then the SSH just sits there... Nothing happens anymore...(after a while it times out) http://openbsd.org/faq/faq8.html#RevDNS
