[Gllug] ssh problem - lots of duplicate ACKs but no shell

Richard Jones rich at annexia.org
Tue Mar 13 13:01:04 UTC 2007


On Mon, Mar 12, 2007 at 09:02:46PM +0000, Tom Schutzer-Weissmann wrote:
> I can't ssh to my hosting account from work using the normal "ssh" command 
> (OpenSSL 0.9.8), but I can using Putty.
> 
> I've looked at what happens in both cases, using wireshark, and so far haven't 
> spotted anything except the obvious: after authentication the whole thing 
> founders in "Retransmission"s and "Duplicate ACK"s.
> 
> On the server side no interesting error message appears, it just hangs. 
> 
> The most interesting thing is that the largest packet sent out by putty is 120 
> bytes, ssh sends one that's 448 bytes long, and then things go wrong. Is 
> there a way I can limit the packet size to see if it's causing the problem?

Probably setting the MTU of the outgoing interface will do this, eg:

ifconfig eth0 mtu 200

(Whether 200 is a good choice or not is another matter ...)

You can also use "ping -s packetsize" to send packets of a particular
size to a remote machine.  Send packets of an increasing size until
they stop appearing at the remote end.  You may also need "-M do"
which stops the packets from being fragmented.

For example:

$ ping -s 1500 -M do annexia.org
PING annexia.org (80.68.91.176) 1500(1528) bytes of data.
>From 192.168.2.249 icmp_seq=1 Frag needed and DF set (mtu = 1500)

vs:

$ ping -s 1460 -M do annexia.org
PING annexia.org (80.68.91.176) 1460(1488) bytes of data.
1468 bytes from furbychan.cocan.org (80.68.91.176): icmp_seq=1 ttl=56 time=51.9 ms

Rich.

-- 
Richard Jones
Red Hat
-------------- next part --------------
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug


More information about the GLLUG mailing list