[Gllug] ssh problem - lots of duplicate ACKs but no shell
Richard Jones
rich at annexia.org
Tue Mar 13 13:01:04 UTC 2007
On Mon, Mar 12, 2007 at 09:02:46PM +0000, Tom Schutzer-Weissmann wrote:
> I can't ssh to my hosting account from work using the normal "ssh" command
> (OpenSSL 0.9.8), but I can using Putty.
>
> I've looked at what happens in both cases, using wireshark, and so far haven't
> spotted anything except the obvious: after authentication the whole thing
> founders in "Retransmission"s and "Duplicate ACK"s.
>
> On the server side no interesting error message appears, it just hangs.
>
> The most interesting thing is that the largest packet sent out by putty is 120
> bytes, ssh sends one that's 448 bytes long, and then things go wrong. Is
> there a way I can limit the packet size to see if it's causing the problem?
Probably setting the MTU of the outgoing interface will do this, eg:
ifconfig eth0 mtu 200
(Whether 200 is a good choice or not is another matter ...)
You can also use "ping -s packetsize" to send packets of a particular
size to a remote machine. Send packets of an increasing size until
they stop appearing at the remote end. You may also need "-M do"
which stops the packets from being fragmented.
For example:
$ ping -s 1500 -M do annexia.org
PING annexia.org (80.68.91.176) 1500(1528) bytes of data.
>From 192.168.2.249 icmp_seq=1 Frag needed and DF set (mtu = 1500)
vs:
$ ping -s 1460 -M do annexia.org
PING annexia.org (80.68.91.176) 1460(1488) bytes of data.
1468 bytes from furbychan.cocan.org (80.68.91.176): icmp_seq=1 ttl=56 time=51.9 ms
Rich.
--
Richard Jones
Red Hat
-------------- next part --------------
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list