error conditions

From: Alisdair Odd (aodd@mariahpower.com)
Date: 01/16/03

  • Next message: Joe England: "ssh under windows"
    From: Alisdair Odd <aodd@mariahpower.com>
    To: secureshell@securityfocus.com
    Date: 16 Jan 2003 13:35:28 -0700
    
    

    Hi
            I am trying to connect to a computer with ssh. It is a very remote box
    on a network the we get using a sattelite connection. OpenSSH was
    installed and was working, we (colleagues of mine and I) could ssh to
    the box, it just took up to a few seconds to connect. However we
    started to get "Connection reset by peer" errors, and we no longer got
    the login prompt, for no apparent reason (we didn't change anything on
    the box) except it seemed to degrage over time. After trying to ssh
    unsuccessfully a number of time, now we don't even get error messages.
    I have to try and figure out what is going on, I am not however an ssh
    or networking expert.
            We can ping the ip address of the box however which leads me to believe
    this may not be a purely network problem.
              
            One of the causes of this problem is the it is on a distant (in terms
    of response times) and somewhat unreliable network. How might this
    affect ssh?
            As far as I know the ssh server should be started and responding, but
    it isn't.
            The only other cause I can think of may be that the disk on the box is
    filled by log files, since it has a very small disc (the disc has been
    full before, but it didn't crash ssh though). If a disk is full will
    ssh fail if it can't write a key to a file?

            Does anyone have any idea what might be going on? Are there any
    parameters for ssh I could play with that might improve the situation?
    Are there any ways I might be able to easily duplicate the problem for
    testing purpose?
            Any tips or general hints would be appreciated, mentioning useful
    packages or commands. I can read man pages and am looking through the
    mailing archive ;^).
                    Thanks in advance
                            Al
                             



    Relevant Pages

    • Re: [fw-wiz] Is NAT in OpenBSD PF UPnP enabled or Non UPnP?
      ... >> I start by not giving logins and SSH access to users I don't trust. ... a network topology which goes around the ... >> firewall and thus is a serious hole to network security. ... >> have access via UPnP to, well, anything that device might happen to ...
      (Firewall-Wizards)
    • Re: Security Breached
      ... I have a typical home network that looks like this: ... on both the DMZ and port forward questions. ... I have the vnc port blocked at the router so I presumed it was safe to ... they done it port forwarding over SSH (if your assumption of only SSH ...
      (alt.computer.security)
    • Re: Questions on some wierd /var/log entries
      ... How do I find out if I'm on an ipv6 network? ... That is because I prefer using iptables directly. ... then you should start learning about its firewall ... Another important restriction for ssh is to authenticate by certificate ...
      (comp.os.linux.misc)
    • Re: use ipchains to block all ports > 60,000
      ... Now what version of ssh is ... Put the suggested hub between the box and the internet, ... >> By temporarily breaking the network connection and inserting a hub ... evidence of users you know not of appearing on ...
      (comp.os.linux.security)
    • Re: "Dont panic"?
      ... > I'm not sure what you mean by "public access through ssh". ... But I don't think reporting port scans is a clear win for anyone. ... >> port scan reports back to an ISP a lot of people time and network bandwidth ...
      (comp.security.ssh)