Re: SSH connections stall expecting SSH2_MSG_KEX_DH_GEX_REPLY
On 09/04/2008, martin f krafft <madduck@debian.org> wrote:
> every once in a while, I am stuck in a crap wifi network and often
> cannot even establish SSH connections. What happens is that the
> socket connection is established, but the client then just waits for
> a server reply during the DH key exhchange:
[snip]
> In the tcpdump output, I see a lot of duplicate packets, but
> otherwise can't figure out what's going on.
I can see only one duplicate packet:
> 14.908203 192.168.254.246 -> 213.203.238.82 SSHv2 [TCP Retransmission] Client: Diffie-Hellman GEX Init
Have you filtered the tcpdump (Wireshark?) output?
> 22.576404 192.168.254.246 -> 213.203.238.82 SSH Encrypted request packet len=560
And this is an encrypted packet, so the Diffie-Hellman exchange should
be completed.
> 23.876222 213.203.238.82 -> 192.168.254.246 TCP [TCP ACKed lost segment] 22 > 59447 [ACK] Seq=1 Ack=586 Win=54 Len=0 TSV=747577555 TSER=4288622
This packet is very strange. It's an ACK for a previous connection,
with sequence number 1, i.e., the server has not sent any byte, while
acknowledges 585 bytes sent from the client. This is strange because
even if you tenet to an Ssh server you get a response containing the
version of the server. Do you remember if you have done something in
particular to get that?
> Does anyone have any clue what's going on here? Is
> SSH2_MSG_KEX_DH_GEX_INIT so complex that it manages to screw over
> crap networks?
I don't understand what's happening, but maybe some packet has been
filtered from the dump. Do you have a firewall? Does it reject any
packet?
Ciao,
Bernardo
Reply to: