Re: SSH connections stall expecting SSH2_MSG_KEX_DH_GEX_REPLY

To: debian-user@lists.debian.org
Subject: Re: SSH connections stall expecting SSH2_MSG_KEX_DH_GEX_REPLY
From: martin f krafft <madduck@debian.org>
Date: Wed, 16 Apr 2008 18:57:32 +0200
Message-id: <[🔎] 20080416165732.GA32117@lapse.madduck.net>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 4a89a2e90804101535r2aca5a03v86d224b8bf34cc54@mail.gmail.com>
References: <[🔎] 20080409133413.GA20889@lapse.madduck.net> <[🔎] 4a89a2e90804101535r2aca5a03v86d224b8bf34cc54@mail.gmail.com>

also sprach Bernardo Dal Seno <dibbex@gmail.com> [2008.04.11.0035 +0200]:
> >  In the tcpdump output, I see a lot of duplicate packets, but
> >  otherwise can't figure out what's going on.
> 
> I can see only one duplicate packet:
> 
> >   14.908203 192.168.254.246 -> 213.203.238.82 SSHv2 [TCP Retransmission] Client: Diffie-Hellman GEX Init

There'll be more if I just keep waiting.

> Have you filtered the tcpdump (Wireshark?) output?

Nope.

> >   22.576404 192.168.254.246 -> 213.203.238.82 SSH Encrypted
> >   request packet len=560
> 
> And this is an encrypted packet, so the Diffie-Hellman exchange
> should be completed.

Okay, so let's assume the DH exchange completes fine, why is the
session then not established?

> >   23.876222 213.203.238.82 -> 192.168.254.246 TCP [TCP ACKed lost segment] 22 > 59447 [ACK] Seq=1 Ack=586 Win=54 Len=0 TSV=747577555 TSER=4288622
> 
> This packet is very strange.  It's an ACK for a previous connection,
> with sequence number 1, i.e., the server has not sent any byte, while
> acknowledges 585 bytes sent from the client.  This is strange because
> even if you tenet to an Ssh server you get a response containing the
> version of the server.  Do you remember if you have done something in
> particular to get that?

Nope. Well, I flew into Barcelona and tried to connect to the
KubiWireless network here.

> >  Does anyone have any clue what's going on here? Is
> >  SSH2_MSG_KEX_DH_GEX_INIT so complex that it manages to screw over
> >  crap networks?
> 
> I don't understand what's happening, but maybe some packet has
> been filtered from the dump.  Do you have a firewall? Does it
> reject any packet?

Well, a packet filter runs on 213.203.238.82, but it allows SSH
traffic and RELATED,ESTABLISHED.

Thanks for your time,

-- 
 .''`.   martin f. krafft <madduck@debian.org>
: :'  :  proud Debian developer, author, administrator, and user
`. `'`   http://people.debian.org/~madduck - http://debiansystem.info
  `-  Debian - when you have better things to do than fixing systems
 
"one should never do anything that
 one cannot talk about after dinner."
                                                        -- oscar wilde

Attachment: digital_signature_gpg.asc
Description: Digital signature (see http://martin-krafft.net/gpg/)

Reply to:

Follow-Ups:
- Re: SSH connections stall expecting SSH2_MSG_KEX_DH_GEX_REPLY
  - From: martin f krafft <madduck@debian.org>

References:
- SSH connections stall expecting SSH2_MSG_KEX_DH_GEX_REPLY
  - From: martin f krafft <madduck@debian.org>
- Re: SSH connections stall expecting SSH2_MSG_KEX_DH_GEX_REPLY
  - From: "Bernardo Dal Seno" <dibbex@gmail.com>

Prev by Date: Re: creating a ProDOS boot diskette
Next by Date: Re: SSH connections stall expecting SSH2_MSG_KEX_DH_GEX_REPLY
Previous by thread: Re: SSH connections stall expecting SSH2_MSG_KEX_DH_GEX_REPLY
Next by thread: Re: SSH connections stall expecting SSH2_MSG_KEX_DH_GEX_REPLY
Index(es):
- Date
- Thread