FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Gentoo > Gentoo User

 
 
LinkBack Thread Tools
 
Old 05-10-2012, 01:47 PM
James
 
Default ssh stalls - please help

Helmut Jarausch <jarausch <at> igpm.rwth-aachen.de> writes:


> probably since I've emerged openssh-6.0_p1 and/or git-sources-3.4_rc? I
> have problems with ssh.

Well, I have a new problem with ssh too. I'm curious if my
problem is related to Helmut's; thus posting in his thread.


When I set up a new Adtran router, I give the router a local
ip and I can ssh into it without issue (over the ethernet).

When I put the router across a frame relay network, it
gives a protocol timeout error [1]. I have many older
antran routers where the same version of openssh works without
issue; and the (allocated) bandwidth is the same. I have
an open ticket with adtran, as they are looking at
the problem from their end and admit some issues with
their latest firmware, particularly related to cisco
compatibility.

Here is how the openssh is setup on my laptop:
net-misc/openssh-5.9_p1-r4 USE="X hpn ldap pam tcpd

So I guess I can recompile this 5.9 version of openssh (-hpn) and
and test it out (several days round trip travel time will
elapse). The FR circuit is limited to 16Kbps
on the segment where the problem exist. Segements with older
adtran routers on 16 Kbps links are work just fine.
Is there a way to relax the timing on the protocol
negotiations, so as to make the new Adtran's more
tolerant? I guess Adtran would have to do this, or
can I pass some options via openssh or another version
of ssh?

So another questions is this. Is there another older ssh (version 2
support) laying around in portage (or elsewhere) I should try?
Maybe another "ssh" is more relaxed on timeout issues?
Remember, I'm an old unix_hack so I keep things like very
old versions of telnet(and many others) around, to access
old (like me) equipment.....

I even used a command line option to specify the encryption,
"3des-cbc" but I get the same error message.

Ideas, comments and syntax suggestions are welcome.

James

[1]
OpenSSH_5.9p1-hpn13v11lpk, OpenSSL 1.0.0i 19 Apr 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to 192.168.21.2 [192.168.21.2] port 22.
debug1: Connection established.
debug1: identity file /home/james/.ssh/id_rsa type -1
debug1: identity file /home/james/.ssh/id_rsa-cert type -1
debug1: identity file /home/james/.ssh/id_dsa type -1
debug1: identity file /home/james/.ssh/id_dsa-cert type -1
debug1: identity file /home/james/.ssh/id_ecdsa type -1
debug1: identity file /home/james/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version RomSShell_4.31
debug1: no match: RomSShell_4.31
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9p1-hpn13v11lpk
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: AUTH STATE IS 0
debug1: REQUESTED ENC.NAME is '3des-cbc'
debug1: kex: server->client 3des-cbc hmac-sha1 none
debug1: REQUESTED ENC.NAME is '3des-cbc'
debug1: kex: client->server 3des-cbc hmac-sha1 none
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
Received disconnect from 192.168.21.2: 2: Protocol Timeout
 

Thread Tools




All times are GMT. The time now is 01:07 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org