Question:
Strange problem with SSH, Linux, and Mac OS X?
?
2011-12-17 19:08:07 UTC
I have a Debian 5 Intel Linux server at the office. It is behind a router on a 192.x network. The router initially was Linksys but I thought it was broken, so I replaced it with another identical unit. Same problem, I cannot SSH into the server (read further). I then replaced the Linksys with a Dlink router. No change. Here's my problem:

Suddenly, without any changes to anything, I can no longer SSH from any PPC Mac OS X (10.3 and 10.4) machine on my network, to the Linux server on the same 192.x network ( I have 4 I have tried). As well, I cannot SSH from the same Linux machine into any of the PPC Mac OS X machines. However, I can SSH from an Intel Mac OS X machine into the Linux server and vice versa.

However, I have an identical server, with identical software, on a public (static IP) network, that I can SSH to from these same machines that won't SSH to the internal server. As well, they connect instantly when the connection is started.

The Intel Mac OS X machine can connect to all of the machines, but it takes about 30 seconds to initiate a connection to the internal Linux server via SSH, and is instantaneous as well to the external server.

I have tried a Windows Vista machine, and it has the same results as the Intel Mac OS X machine (20-30 seconds to connect to the internal machine, instant to the external). I have replaced the network switches, the router, and the NIC in the server. I also built a replacement server because I thought it was broken because of this, and the replacement exhibits the exact same problems! However, if I move the machines out of the 192.x network and in front of the firewall and assign them a static IP address, it all works fine.

I even isolated the Linux server, on the 192.x side of the router, with a single computer. No other branches of the network, and the problem is identical.

However, I did have one weird thing happen. While I was doing a "ls -R" and getting a directory listing of the root drive (from an SSH connection through the Intel Mac) I plugged the whole rest of the network into the router, and the directory listing STOPPED. When I removed this, it started again.

I have replaced routers, cables, NICs, and checked software settings and permissions. At this point I have a brand new router, a brand new switch attached to that router, brand new cables attaching them together, and to the server, which has a brand new NIC, and brand new cables between all of this and a test computer. Same problem.

This started suddenly on Thursday without any modifications to anything (no software upgrades, no spilled coke, etc.). The entire network has been stable for several years.

Any suggestions? (Besides dumping the Macs)...
Three answers:
Timothy Baldwin
2011-12-18 06:04:35 UTC
Check for duplicated IP address, nmap can be used for this.

Perhaps the SSH server or clients are attempting DNS lookups which fail, try setting the UseDNS option in /etc/ssh/sshd_config to No.

Pass the -vv option to ssh for debuging information.
2014-09-25 10:48:08 UTC
The best reverse cell phone lookup service that I have tried is http://reversephone.toptips.org



From using a reverse cell phone lookup you will be able to get the callers name and address just

by typing the phone numbers they will tell you the details related to the number.

The reverse cell phone lookup service has your details available they will give you the cell phones location. For a full report including a name and address and other interesting informations you will have to pay.

Enter the number in the system and they will tell you a lot of informations about the phone number and the person who owns it.

If they have extra details you will have to pay for the report.

Free reverse phone lookup sites generally provide the most basic of information such as name and it works only for landlines. To get further information, money will have to be paid. The free searches do not provide much more than what can be found through the phone book.

This service is great, I used it a lot f time with great results: I always obtained what I was searching for.

I definitely reccomend this service.
ʄaçade
2011-12-17 19:33:00 UTC
Make a chart of all the machines involved. Write down the host names, addresses, gateway addresses of each machine.

Note any switches in common, switches not in common.

Take note of who can ping whom.

Check the firewall rules, including iptables, at each node.

Use nmap localhost on each machine to determine what ports are truly open. Note them on the chart.

Watch where traceroute takes you.

Make sure sshd is still on 22.



That is as far as I can take you. Good luck.



Added: I agree with Tim that DNS could be a problem. SSH might be trying to do a reverse lookup. Bypass DNS and use IP addresses directly and (as Tim suggests) disable DNS usage by SSHD.



You may have to snoop the subnet (tcpdump) to watch the traffic for a while. Definitely something weird.


This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.
Loading...