#1 2012-03-18 07:40:04

Feriority
Member
Registered: 2012-03-18
Posts: 2

sshd failing key exchange from round-trips through router

I'm setting up a new computer running Arch (my first Arch machine, and for that matter my first Linux machine that I've set up myself) and am running into some trouble with sshd.

My laptop (running Windows 7, using PuTTY) can connect to the Arch server just fine if I use its internal IP address.  Attempting to connect to its domain routing through the internet starts, and successfully does SSH2_MSG_KEXINIT to figure out what encryption format to agree on, sends SSH2_MSG_KEX_DH_GEX_REQUEST, then hangs until it times out.

From the Arch server itself, I can connect to localhost and I can connect to its internal server IP, but I get similar failures if I try to connect to the hostname, only it fails even earlier (on SSH2_MSG_KEXINIT) - the output is at http://pastebin.com/ChZ4FA18 if it helps.

I've been googling this, but all the results seem to either not have been resolved or suggest changing MTUs to get around bad routing.  I've changed my MTU to 576 and then 256 to see if it would help, and neither made a difference (I ran "ifconfig eth0 mtu 576" then "rc.d restart network" to make the changes).

I've just discovered another strange piece of the puzzle - when I connect to an outside host first, I can connect to my server just fine - the problem only happens on a round trip out of my local network and then back into it in a single SSH connection.

Does anyone have any suggestions?

*EDIT: I'm using iptables with sshguard, but stopping iptables didn't make a difference (and nmap showed port 22 open for me either way).

*EDIT: I tried using the -c flag to limit the size of the cipher list, as suggested by http://serverfault.com/questions/265244 … et-by-peer but it didn't help.

Last edited by Feriority (2012-03-18 07:55:15)

#2 2012-03-18 16:21:43

ewaller
Administrator
From: Pasadena, CA
Registered: 2009-07-13
Posts: 19,822

Re: sshd failing key exchange from round-trips through router

Is the router configured to forward the SSH port to the Arch server?


Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way

#3 2012-03-18 17:53:16

Feriority
Member
Registered: 2012-03-18
Posts: 2

Re: sshd failing key exchange from round-trips through router

ewaller wrote:

Is the router configured to forward the SSH port to the Arch server?

Yes, it is; I can verify that it's working based on being able to successfully connect from an origin outside the network.
