Yes, DEBUG3. The trace from a working client and a non-working client are identical, except that the non-working one stops when it gets to the point of waiting to receive the key from the client.
ssh -vvvv on the client sides hangs at "key sent"... On 2014-10-06 11:36, Derek Murawsky wrote: > Have you run the server(s) with debugging turned up? If you're seeing this > regularly, it might make sense to run with debug logging for a week and see > what your server is seeing. Have all your clients retry with debugging up as > well, and then compare notes next time this happens. > At a guess, it sounds almost like sshd is hanging. Otherwise it should close > out on its own after about 30-90 seconds from a TCP timeout. > -D > > On Mon, Oct 6, 2014 at 12:41 PM, Yves Dorfsman <[email protected] > <mailto:[email protected]>> wrote: > > > We've run into this weird AWS issue 3 times now in a week, never seen it > before: > > A Linux instance becomes unreachable via ssh from some ip addresses. If > you > try to ssh from those addresses, it just hangs, for ever, until to ctrl-c > out > of it. Yet you can ssh from other ip addresses without any problem. > > The ip addresses that work and that don't seem random, some are outside > AWS, > some inside, even on the same subnet. When we run in DEBUG3 mode, we see > that > the client sent it's key, while the server waits for the said key, and > sits > there waiting. The few similar issues (ssh hanging at key exchange) we > found > when googling were solved by changing MTU! > > The only resolution we have found so far is to stop/start the instance > and get > a new ip (tbh, we haven't tried to just reboot). > > Has anybody run into this? Any idea what's going on? > > -- > Yves. > _______________________________________________ > Tech mailing list > [email protected] <mailto:[email protected]> > https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech > This list provided by the League of Professional System Administrators > http://lopsa.org/ > > > > > _______________________________________________ > Tech mailing list > [email protected] > https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech > This list provided by the League of Professional System Administrators > http://lopsa.org/ > -- Yves. _______________________________________________ Tech mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
