Re: Using putty to debug ssh through a firewall

On Aug 30, 5:33 pm, p...@xxxxxxxxxxxx (Per Hedeland) wrote:
In article <1188489286.280801.72...@xxxxxxxxxxxxxxxxxxxxxxxxxxx>



NightStrike <nightstr...@xxxxxxxxx> writes:
On Aug 23, 5:18 pm, NightStrike <nightstr...@xxxxxxxxx> wrote:
On Aug 20, 6:30 am, "Richard E. Silverman" <r...@xxxxxxxx> wrote:

"NS" == NightStrike <nightstr...@xxxxxxxxx> writes:

NS> On Aug 18, 9:46 am, Jacob Nevins <jac...@xxxxxxxxxxxxxxxxxxxxxx>
NS> wrote:
>> NightStrike <nightstr...@xxxxxxxxx> writes: >I currently use ssh to
>> access things outside of a firewall. [...] >debug1:
>> SSH2_MSG_KEXINIT sent

>> >And it just hangs there until the connection times out. Any ideas
>> on >what might be causing a hang at that stage?

>> KEXINIT messages can be quite large. Guess: could it be
>> <http://www.snailbook.com/faq/mtu-mismatch.auto.html>?

NS> It's possible, but I don't think so. I will post tomorrow similar
NS> information but where I force SSH v1 protocol. There will be a
NS> similar hanging point. What would be a good tool to use to see if
NS> a KEXINIT message is in fact being transmitted, however slowly?

Wireshark will show you this, as that portion of the protocol is not yet
encrypted.

Wireshark is a very handy tool. It shows me trying to send the
KEXINIT message over and over again as a TCP Resend.- Hide quoted text -

Are there any futher suggestions?

Why? Your observation seems like a perfect match for the problem
described at the page above. Did you do any further investigation along
those lines, e.g. trying the workaround described at that page?

--Per Hedeland
p...@xxxxxxxxxxxx

Just for the record, I did try numerous MTU configurations to no
avail. Also, note that the page mentions that logging in should be
ok, whereas the issue should manifest itself when transmitted large
files or some such thing.

.

Relevant Pages