remote login suddenly not working? - SSH

This is a discussion on remote login suddenly not working? - SSH ; I have a machine in my company's data center I've accessed via SSH for a couple years. Yesterday my remote ssh connection stopped working. I could connect to the box, enter my username and password and the screen would just ...

+ Reply to Thread
Results 1 to 6 of 6

Thread: remote login suddenly not working?

  1. remote login suddenly not working?

    I have a machine in my company's data center I've accessed via SSH for
    a couple years. Yesterday my remote ssh connection stopped working. I
    could connect to the box, enter my username and password and the screen
    would just hang and eventually return a connection terminated
    notification.

    We went to the actual box and got console access - no problems with any
    accounts, and tested ssh to localhost - no problems. Reviewing the logs
    we could see our incoming connection requests in the system logs with
    the following error:

    sshd [ xxxxx ] FAIL authentication timeout connection xxx.xxx.xxx.xxx (
    or something similar ).

    So it looks like the first request is received by the box because the I
    can attempt to log on, but the login credentials are not making their
    way back.

    We have stopped and restarted SSH several times, checked the hosts
    allowed files, but we can ssh to localhost and can reach the box with
    the connection attempt.

    This is a NATed address only accessible from our network. The external
    addresses for the web server seem to be running fine.

    Any ideas? The timeout makes me think it could be a firewall issue, but
    I am far from an expert.

    thanks - John


  2. Re: remote login suddenly not working?

    On 2006-06-10, john.n.mclaughlin@gmail.com wrote:
    > I have a machine in my company's data center I've accessed via SSH for
    > a couple years. Yesterday my remote ssh connection stopped working. I
    > could connect to the box, enter my username and password and the screen
    > would just hang and eventually return a connection terminated
    > notification.
    >
    > We went to the actual box and got console access - no problems with any
    > accounts, and tested ssh to localhost - no problems. Reviewing the logs
    > we could see our incoming connection requests in the system logs with
    > the following error:
    >
    > sshd [ xxxxx ] FAIL authentication timeout connection xxx.xxx.xxx.xxx (
    > or something similar ).
    >
    > So it looks like the first request is received by the box because the I
    > can attempt to log on, but the login credentials are not making their
    > way back.
    >
    > We have stopped and restarted SSH several times, checked the hosts
    > allowed files, but we can ssh to localhost and can reach the box with
    > the connection attempt.
    >
    > This is a NATed address only accessible from our network. The external
    > addresses for the web server seem to be running fine.


    Sounds like this:
    http://www.snailbook.com/faq/mtu-mismatch.auto.html

    If it's worked for a while and it's stopped working with no changes on the
    server then I would bet there's been network changes. Even relatively
    subtle changes such as changing the encaps type on a link can trigger
    this kind of problem.

    Since you seem to have (out of band?) console access, you can confirm
    this pretty easily: start a login attempt via ssh, then at the console
    run "netstat" and identify the new SSH connection. On most platforms
    there is a "SendQ" column, and if the corresponding connection's SendQ
    is non-zero and keeps growing then the above is almost certainly your
    problem. (You can do the same check on the client side, too.)

    --
    Darren Tucker (dtucker at zip.com.au)
    GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
    usually comes from bad judgement.

  3. Re: remote login suddenly not working?

    john.n.mclaughlin@gmail.com schrieb:
    > I have a machine in my company's data center I've accessed via SSH for
    > a couple years. Yesterday my remote ssh connection stopped working. I
    > could connect to the box, enter my username and password and the screen
    > would just hang and eventually return a connection terminated
    > notification.
    >
    > We went to the actual box and got console access - no problems with any
    > accounts, and tested ssh to localhost - no problems. Reviewing the logs
    > we could see our incoming connection requests in the system logs with
    > the following error:
    >
    > sshd [ xxxxx ] FAIL authentication timeout connection xxx.xxx.xxx.xxx (
    > or something similar ).
    >
    > So it looks like the first request is received by the box because the I
    > can attempt to log on, but the login credentials are not making their
    > way back.
    >
    > We have stopped and restarted SSH several times, checked the hosts
    > allowed files, but we can ssh to localhost and can reach the box with
    > the connection attempt.
    >
    > This is a NATed address only accessible from our network. The external
    > addresses for the web server seem to be running fine.
    >
    > Any ideas? The timeout makes me think it could be a firewall issue, but
    > I am far from an expert.
    >
    > thanks - John
    >


    I have seen similar problems with routing problems with serveral
    networks (packets going back on other route), ssh seems to have problems
    with split routes. In your case I suppose a default route to the
    external net an you want to come in to a internal interface.

  4. Re: remote login suddenly not working?

    john.n.mclaughlin@gmail.com wrote:
    > I have a machine in my company's data center I've accessed via SSH for
    > a couple years. Yesterday my remote ssh connection stopped working. I
    > could connect to the box, enter my username and password and the screen
    > would just hang and eventually return a connection terminated
    > notification.


    Check with your network administrator. Ask if any firewall rules have
    changed.

  5. Re: remote login suddenly not working?

    On 2006-06-12, Wolfgang wrote:
    > I have seen similar problems with routing problems with serveral
    > networks (packets going back on other route), ssh seems to have problems
    > with split routes.


    Actually, SSH-the-protocol has no particular problems with asymmetric
    routes (which seems to be what you're describing), but it is particularly
    intolerant of broken networks.

    The key exchange at the beginning of the protocol tends to generate
    packets big enough to reach MTU/MSS sizes in both directions, so if you
    have packet fragmentation on the path it will expose any latent problems
    with firewalls or NAT devices have with fragmented packets.

    The MAC (message authentication code) ensures that any changes to the
    payload of the packets during transit are detected (whether they happen
    on the wire, in router buffers or NIC drivers).

    Other protocols may not reach these limits (eg telnet tends to be little
    packets in on or both directions) and may not detect changes to the
    payloads in transit.

    --
    Darren Tucker (dtucker at zip.com.au)
    GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
    usually comes from bad judgement.

  6. Re: remote login suddenly not working?

    Knowledge is Power.

    to find out more :

    http://ekosway.notlong.com
    http://kosway.notlong.com


    Become Independent Business Owner under : http://kosway.notlong.com
    And You can also Shopping here (Shopper ID) : http://kosway.notlong.com


    Dear Friends,
    You may be thinking and saying to yourself "This is another one of those
    junk
    mails and scans flooding the internet to prey on unsuspecting people."
    Maybe
    you are correct and maybe you should delete this message instead of reading
    further.

    However, this message that I bring may be different.It may be true
    e-business or e-commerce, governments all over the world are striving to be
    players in it. Perhaps you are going to miss out on this great opportunity
    to succeed and to become rich.

    What I have to share with you is nothing new,but it is new in another
    way.Let me explain. Everyone has heard about Cosway.If you haven't please
    look it up in the Kuala Lumpur Stock Exchange where it is listed.It is
    owned
    by The Berjaya Group.It has been in existence in Malaysia for 20 years.It
    is
    a Discount Club with branches in Indonesia, Brazil, The Philipines, Brunei,
    Mexico and Thailand etc.It is now going global through e-commerce in
    partnership with Softbank Corp of Japan and Mol.com to set up the the
    Company known as eCosway.com.


    You can be resting, playing, sleeping or praying as your eCosway
    business gallops along 24 hours a day and 365 days a year throughout the
    world. Imagine this ! This is e-commerce at its best.

    If you're already having fun, making money and making your dreams come true.
    How long will it last? Is there any chance that your income stream will dry
    up tomorrow?
    If so, it might be worth taking a closer look at a supplemental income
    stream. Sure,
    it will take a little bit of your time, but isn't it worth it if you can
    ensure that
    your lifestyle continues the way it is, or gets even better? eCosway can be
    a great
    back-up system and it can be done in so many ways--surely there is at least
    one
    that suits your current situation.



    OPPORTUNITY KNOCKS ON EVERY MAN'S DOOR, BUT ONCE.
    IS IT KNOCKING ON YOUR DOOR NOW? WILL YOU OPEN YOUR DOOR?
    THE DECISION IS YOURS.






+ Reply to Thread