Re: Connection Problem - Debian to Freebsd

• Previous message: Bill Unruh: "Re: PuTTY: Server refused our public key"
• In reply to: Darren Tucker: "Re: Connection Problem - Debian to Freebsd"
• Next in thread: Martin: "Re: Connection Problem - Debian to Freebsd"
• Reply: Martin: "Re: Connection Problem - Debian to Freebsd"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 28 Aug 2003 09:49:06 +0950

$author = "Darren Tucker <dtucker@dodgy.net.au>" ;
>
> Now it really sounds like that's it. You changed the MTU of the machine
> behind the ADSL, not the ADSL itself? I can't see how that would cause
> the ADSL itself to be unstable.

neither can i, but the problem went away when i restored the MTU of all the
ethernet interfaces. coincidence?

>>note: i can ssh from my mac, so i don't think it's an MTU problem, unless
>>mac's use a smaller MTU.
>
> I don't know Macs, but you said you're using password authentication and
> that generally produces smaller packets during authentication.

well, trying password authentication from any of the debian machines (by
logging in as a different user without keys in .ssh) doesn't work.

i think it might be a problem with either protocol negotiation or host key
exchange as taking down the daemon and putting it in debug mode, a login
attempt from one of the debian machines only goes this far:

------------------------------
# /usr/sbin/sshd -d -d -d
debug1: sshd version OpenSSH_3.4p1 FreeBSD-20020702
debug1: private host key: #0 type 0 RSA1
debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
Generating 768 bit RSA key.
RSA key generation complete.
debug1: Server will not fork when running in debugging mode.
Connection from 150.101.120.75 port 3140
------------------------------

before hanging while a login attempt from the mac results in full host key
exchange and a successful login:

------------------------------
# /usr/sbin/sshd -d -d -d
debug1: sshd version OpenSSH_3.4p1 FreeBSD-20020702
debug1: private host key: #0 type 0 RSA1
debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
Generating 768 bit RSA key.
RSA key generation complete.
debug1: Server will not fork when running in debugging mode.
Connection from 150.101.126.76 port 2980
debug1: Client protocol version 2.0; client software version lsh_1.2 lsh - a free ssh2 on MacOS9
debug1: no match: lsh_1.2 lsh - a free ssh2 on MacOS9
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-1.99-OpenSSH_3.4p1 FreeBSD-20020702
debug1: list_hostkey_types: ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,spki-sign-rsa,spki-sign-dss
debug2: kex_parse_kexinit: 3des-cbc,twofish-cbc,cast128-cbc,serpent-cbc@lysator.liu.se,rijndael-cbc@lysator.liu.se,blowfish-cbc,arcfour
debug2: kex_parse_kexinit: 3des-cbc,twofish-cbc,cast128-cbc,serpent-cbc@lysator.liu.se,rijndael-cbc@lysator.liu.se,blowfish-cbc,arcfour
debug2: kex_parse_kexinit: hmac-md5
debug2: kex_parse_kexinit: hmac-md5
debug2: kex_parse_kexinit: zlib
debug2: kex_parse_kexinit: zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: client->server 3des-cbc hmac-md5 zlib
debug2: mac_init: found hmac-md5
debug1: kex: server->client 3des-cbc hmac-md5 zlib
debug1: dh_gen_key: priv key bits set: 192/384
debug1: bits set: 508/1024
debug1: expecting SSH2_MSG_KEXDH_INIT
debug1: bits set: 496/1024
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: Enabling compression at level 6.
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
debug3: Trying to reverse map address 150.101.126.76.
debug1: userauth-request for user marty service ssh-connection method publickey
debug1: attempt 0 failures 0
debug2: input_userauth_request: setting up authctxt for marty
debug1: Starting up PAM with username "marty"
debug1: PAM setting rhost to "ppp126-76.lns1.syd3.internode.on.net"
debug2: input_userauth_request: try method publickey
debug1: test whether pkalg/pkblob are acceptable
debug1: trying public key file /home/marty/.ssh/authorized_keys
debug3: secure_filename: checking '/usr/home/marty/.ssh'
debug3: secure_filename: checking '/usr/home/marty'
debug3: secure_filename: terminating check at '/usr/home/marty'
debug1: restore_uid
debug2: key not found
debug1: trying public key file /home/marty/.ssh/authorized_keys2
debug1: restore_uid
debug2: userauth_pubkey: authenticated 0 pkalg ssh-dss
Failed publickey for marty from 150.101.126.76 port 2980 ssh2
debug1: userauth-request for user marty service ssh-connection method publickey
debug1: attempt 1 failures 1
debug2: input_userauth_request: try method publickey
debug2: key_type_from_name: unknown key type 'spki-sign-dss'
userauth_pubkey: unsupported public key algorithm: spki-sign-dss
debug2: userauth_pubkey: authenticated 0 pkalg spki-sign-dss
Failed publickey for marty from 150.101.126.76 port 2980 ssh2
debug1: userauth-request for user marty service ssh-connection method password
debug1: attempt 2 failures 2
debug2: input_userauth_request: try method password
debug1: PAM Password authentication accepted for user "marty"
debug2: pam_acct_mgmt() = 0
Accepted password for marty from 150.101.126.76 port 2980 ssh2
debug1: Entering interactive session for SSH2.
debug1: fd 3 setting O_NONBLOCK
debug1: fd 7 setting O_NONBLOCK
debug1: server_init_dispatch_20
debug1: server_input_channel_open: ctype session rchan 0 win 10000 max 32668
debug1: input_session_request
debug1: channel 0: new [server-session]
debug1: session_new: init
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
debug1: server_input_channel_req: channel 0 request pty-req reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req pty-req
debug1: Allocating pty.
debug1: session_pty_req: session 0 alloc /dev/ttypf
debug3: tty_parse_modes: SSH2 n_bytes 231
debug3: tty_parse_modes: 1 3
debug3: tty_parse_modes: 2 28
debug3: tty_parse_modes: 3 127
debug3: tty_parse_modes: 4 21
debug3: tty_parse_modes: 5 4
debug3: tty_parse_modes: 6 0
debug3: tty_parse_modes: 7 0
debug3: tty_parse_modes: 8 17
debug3: tty_parse_modes: 9 19
debug3: tty_parse_modes: 10 26
debug3: tty_parse_modes: 12 18
debug3: tty_parse_modes: 13 23
debug3: tty_parse_modes: 14 22
debug3: tty_parse_modes: 18 21
debug3: tty_parse_modes: 30 0
debug3: tty_parse_modes: 31 0
debug3: tty_parse_modes: 32 0
debug3: tty_parse_modes: 33 0
debug3: tty_parse_modes: 34 0
debug3: tty_parse_modes: 35 0
debug3: tty_parse_modes: 36 1
debug3: tty_parse_modes: 38 1
debug3: tty_parse_modes: 40 0
debug3: tty_parse_modes: 50 1
debug3: tty_parse_modes: 51 1
debug1: Ignoring unsupported tty mode opcode 52 (0x34)
debug3: tty_parse_modes: 53 1
debug3: tty_parse_modes: 54 1
debug3: tty_parse_modes: 55 1
debug3: tty_parse_modes: 56 0
debug3: tty_parse_modes: 57 0
debug3: tty_parse_modes: 58 0
debug3: tty_parse_modes: 59 1
debug3: tty_parse_modes: 60 1
debug3: tty_parse_modes: 61 1
debug3: tty_parse_modes: 62 0
debug3: tty_parse_modes: 70 1
debug1: Ignoring unsupported tty mode opcode 71 (0x47)
debug3: tty_parse_modes: 72 1
debug3: tty_parse_modes: 73 0
debug3: tty_parse_modes: 74 0
debug3: tty_parse_modes: 75 0
debug3: tty_parse_modes: 90 1
debug3: tty_parse_modes: 91 1
debug3: tty_parse_modes: 92 0
debug3: tty_parse_modes: 93 0
debug1: server_input_channel_req: channel 0 request shell reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req shell
debug1: PAM setting tty to "/dev/ttypf"
debug1: PAM establishing creds
debug1: fd 4 setting TCP_NODELAY
debug1: Setting controlling tty using TIOCSCTTY.
debug1: channel 0: rfd 9 isatty
debug1: fd 9 setting O_NONBLOCK
debug2: fd 8 is O_NONBLOCK
debug2: channel 0: rcvd adjust 906
debug2: channel 0: rcvd adjust 136
debug1: server_input_channel_req: channel 0 request window-change reply 0
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req window-change
debug2: channel 0: rcvd adjust 20
------------------------------

• Previous message: Bill Unruh: "Re: PuTTY: Server refused our public key"
• In reply to: Darren Tucker: "Re: Connection Problem - Debian to Freebsd"
• Next in thread: Martin: "Re: Connection Problem - Debian to Freebsd"
• Reply: Martin: "Re: Connection Problem - Debian to Freebsd"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]