Re: ssh hangs after authentication

From: Darren Tucker (
Date: 12/02/04

  • Next message: Darren Tucker: "Re: Failed none"
    Date: Thu, 02 Dec 2004 11:49:39 +1100
    To: "R. Holtz" <>

    R. Holtz wrote:
    > For a couple of days I've been trying to allow ssh access to a box in my
    > network from outside (ie over the net). The networks are behind a Smoothwall
    > box and an ADSL router.
    > However, as soon as I try from an external box, ssh hangs after
    > authentication.

    "My SSH session hangs part way through logging on, when I generate a lot
    of output from my shell, try to scp or sftp a file, or attempt to run an
    X11 application. I have a firewall, NAT or packet filter."

    Darren Tucker (dtucker at
    GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
         Good judgement comes with experience. Unfortunately, the experience
    usually comes from bad judgement.

  • Next message: Darren Tucker: "Re: Failed none"

    Relevant Pages

    • Re: [fw-wiz] Is NAT in OpenBSD PF UPnP enabled or Non UPnP?
      ... >> I start by not giving logins and SSH access to users I don't trust. ... a network topology which goes around the ... >> firewall and thus is a serious hole to network security. ... >> have access via UPnP to, well, anything that device might happen to ...
    • Re: Security Breached
      ... I have a typical home network that looks like this: ... on both the DMZ and port forward questions. ... I have the vnc port blocked at the router so I presumed it was safe to ... they done it port forwarding over SSH (if your assumption of only SSH ...
    • Re: Questions on some wierd /var/log entries
      ... How do I find out if I'm on an ipv6 network? ... That is because I prefer using iptables directly. ... then you should start learning about its firewall ... Another important restriction for ssh is to authenticate by certificate ...
    • Re: use ipchains to block all ports > 60,000
      ... Now what version of ssh is ... Put the suggested hub between the box and the internet, ... >> By temporarily breaking the network connection and inserting a hub ... evidence of users you know not of appearing on ...
    • Re: "Dont panic"?
      ... > I'm not sure what you mean by "public access through ssh". ... But I don't think reporting port scans is a clear win for anyone. ... >> port scan reports back to an ISP a lot of people time and network bandwidth ...