Re: FC6 ssh times out to one particular host



chris@xxxxxxxxxxxxxxxx wrote:
I have just migrated from using a Solaris box as my work system to
having Fedora Core 6 on my desktop PC.

I have a number of ssh 'pinholes' in the company firewall to let
me connect to external systems. These are to four external systems
and from the Solaris system they all work still. From the new FC6
system they all work *except* for the one to my home system. Thus
the basics of ssh security etc. would seem to be OK.
[...]
Can anyone suggest any reason for this problem and how to fix it? I'm
stumped.

You could try turning of TCP window scaling on the client side ("echo 0 > /proc/sys/net/ipv4/tcp_window_scaling". If your firewall gets it wrong then you might see odd errors like this.

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.



Relevant Pages

  • Re: 5.2p1 no longer sets DISPLAY
    ... client ssh is still 3.9p1 and sshd_config is the same). ... what's happening is that the OS is asked for a list of addresses for localhost and is returning a list that includes the inet6 address, however attempting to bind to it fails. ... Previously sshd would ignore this failure, but that allows third parties to bind to inet6 ports in the X11 forwarding range and potentially hijack X connections. ... Good judgement comes with experience. ...
    (SSH)
  • Re: need rhosts rsa help
    ... >I'm having problems getting RhostsRSAAuthentication working on OpenSSH ... It appears from the client log that it's not even attempting ... Since you're using SSHv1 you need to make the "ssh" binary setuid root ... Good judgement comes with experience. ...
    (comp.security.ssh)
  • Re: sftp problems with 3.9 on HP
    ... >ChallengeResponseAuthentication also set to yes that ssh connects just ... $ ssh -v -s sshserver sftp ... against is not in the system's default library search path (ie ... Good judgement comes with experience. ...
    (comp.security.ssh)
  • Re: SSH Advice
    ... Documentation seems a little scarce so any advice, tips, links, ... but that's still a compatibility layer. ... free native SSH servers for Windows. ... Good judgement comes with experience. ...
    (comp.security.ssh)
  • Re: Restrict account to scp only to user directory.
    ... Although they can't rename anything. ... command over ssh the way it's setup. ... > Good judgement comes with experience. ...
    (comp.security.ssh)