David Efflandt
07-24-2004, 09:02 PM
On 28 Aug 2003 15:02:22 -0700, Barty <hangierol@yahoo.com> wrote:
> I have a RH8 box, which I am using as a server. If I try
> connecting [both ssh or http] it from another linux machine
> it works perfect.
>
> However, I cannot get connection if I try it from Solaris or
> from Windows. Here is the log of my ssh attempt:
>
> solaris% ssh -v -l myname mymachine.com
> OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090604f
> 5972: debug1: Reading configuration data /etc/ssh_config-3.4
> 5972: debug1: /etc/ssh_config-3.4 line 22: Deprecated option "FallBackToRsh"
> 5972: debug1: /etc/ssh_config-3.4 line 23: Deprecated option "UseRsh"
> 5972: debug1: Rhosts Authentication disabled, originating port will not be trust
> ed.
> 5972: debug1: ssh_connect: needpriv 0
> 5972: debug1: Connecting to mymachine.com [123.45.56] port 22.
> 5972: debug1: Connection established.
> 5972: debug1: identity file /afs/andrew.cmu.edu/usr5/myname/.ssh/identity type -1
>
> At this point it hangs forever. I was not able to get an ssh connection from
> my Windows machine either.
>
> No luck with http either. If I try connecting from non-linux
> [solaris or windows] machine using lynx/netscape/explorer
> then it hangs. From a linux machine it works fine.
If it was just ssh, I would say that maybe permissions were wrong on .ssh
dir or identity file (works best 700/600 respectively).
But since you also have problems with Win ssh client and http for either,
I suspect an mtu path discovery problem. Does anything in the path from
client to server go in through pppoe? If Linux is doing the pppoe, this
should not be a problem. But if some other broadband router is doing
pppoe, you might need to match mtu of the nic on your server with the mtu
of pppoe on the router (ie, mtu 1492 max). I had to match mtu like that
when sending mail directly to an smtp server forwarded to private nic
behind pppoe router.
Note that sshd might depend upon host.allow | hosts.deny settings. What
error do you get from web browsers (or do they endlessly spin)? Can you
telnet to port 80 of server?
I have never had any trouble connecting to OpenSSH in Linux on adsl from
Putty in Windows or Solaris. Although, I do not keep my private keys on
public servers, so Solaris connection was ssh Linux dialup to Solaris, and
then ssh Solaris to Linux using ssh-agent to relay keys. Similarly I
have never had any trouble accessing Linux apache on adsl from Netscape or
wget on Solaris or any Win browsers.
% uname -a
SunOS typhoon 5.9 Generic_112233-07 sun4u sparc SUNW,UltraAX-MP
% wget -S -O /dev/null realhost.no-ip.com
--19:04:46-- http://realhost.no-ip.com:80/
=> `/dev/null'
Connecting to realhost.no-ip.com:80... connected!
HTTP request sent, awaiting response... 200 OK
2 Date: Fri, 29 Aug 2003 00:04:37 GMT
3 Server: Apache/1.3.27 (Linux/SuSE)
4 Connection: close
5 Content-Type: text/html
6
0K -> .
19:04:47 (56.75 KB/s) - `/dev/null' saved [1627]
--
David Efflandt - All spam ignored http://www.de-srv.com/
http://www.autox.chicago.il.us/ http://www.berniesfloral.net/
http://cgi-help.virtualave.net/ http://hammer.prohosting.com/~cgi-wiz/
> I have a RH8 box, which I am using as a server. If I try
> connecting [both ssh or http] it from another linux machine
> it works perfect.
>
> However, I cannot get connection if I try it from Solaris or
> from Windows. Here is the log of my ssh attempt:
>
> solaris% ssh -v -l myname mymachine.com
> OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090604f
> 5972: debug1: Reading configuration data /etc/ssh_config-3.4
> 5972: debug1: /etc/ssh_config-3.4 line 22: Deprecated option "FallBackToRsh"
> 5972: debug1: /etc/ssh_config-3.4 line 23: Deprecated option "UseRsh"
> 5972: debug1: Rhosts Authentication disabled, originating port will not be trust
> ed.
> 5972: debug1: ssh_connect: needpriv 0
> 5972: debug1: Connecting to mymachine.com [123.45.56] port 22.
> 5972: debug1: Connection established.
> 5972: debug1: identity file /afs/andrew.cmu.edu/usr5/myname/.ssh/identity type -1
>
> At this point it hangs forever. I was not able to get an ssh connection from
> my Windows machine either.
>
> No luck with http either. If I try connecting from non-linux
> [solaris or windows] machine using lynx/netscape/explorer
> then it hangs. From a linux machine it works fine.
If it was just ssh, I would say that maybe permissions were wrong on .ssh
dir or identity file (works best 700/600 respectively).
But since you also have problems with Win ssh client and http for either,
I suspect an mtu path discovery problem. Does anything in the path from
client to server go in through pppoe? If Linux is doing the pppoe, this
should not be a problem. But if some other broadband router is doing
pppoe, you might need to match mtu of the nic on your server with the mtu
of pppoe on the router (ie, mtu 1492 max). I had to match mtu like that
when sending mail directly to an smtp server forwarded to private nic
behind pppoe router.
Note that sshd might depend upon host.allow | hosts.deny settings. What
error do you get from web browsers (or do they endlessly spin)? Can you
telnet to port 80 of server?
I have never had any trouble connecting to OpenSSH in Linux on adsl from
Putty in Windows or Solaris. Although, I do not keep my private keys on
public servers, so Solaris connection was ssh Linux dialup to Solaris, and
then ssh Solaris to Linux using ssh-agent to relay keys. Similarly I
have never had any trouble accessing Linux apache on adsl from Netscape or
wget on Solaris or any Win browsers.
% uname -a
SunOS typhoon 5.9 Generic_112233-07 sun4u sparc SUNW,UltraAX-MP
% wget -S -O /dev/null realhost.no-ip.com
--19:04:46-- http://realhost.no-ip.com:80/
=> `/dev/null'
Connecting to realhost.no-ip.com:80... connected!
HTTP request sent, awaiting response... 200 OK
2 Date: Fri, 29 Aug 2003 00:04:37 GMT
3 Server: Apache/1.3.27 (Linux/SuSE)
4 Connection: close
5 Content-Type: text/html
6
0K -> .
19:04:47 (56.75 KB/s) - `/dev/null' saved [1627]
--
David Efflandt - All spam ignored http://www.de-srv.com/
http://www.autox.chicago.il.us/ http://www.berniesfloral.net/
http://cgi-help.virtualave.net/ http://hammer.prohosting.com/~cgi-wiz/