# ssh hangs after login

## -Frodo-

i'm tryin' to work via ssh on a remote machine( served by a dlink router ).. this machine has a simple initial gentoo installation with sshd running and the router has a port 22 forwarding.. 

i'm able to connect.. but if i type a RIGHT password it hangs.. and i dont see the problem..

any idea?

thanks !  :Smile: 

----------

## hegga

could it be a problem with the shell your are assigned to?

does any other users have this problem and do you have access to 

any system logs?

----------

## groovin

what ssh client r u running? if i run putty on a windoze box and try to connect to my gentoo server, it always dies if i try logging in as a normal user... if i login as root it works fine...

so then i hit kvm over to my gentoo workstation and use that to ssh into my server!

----------

## -Frodo-

i'm using ssh on a gentoo pc to remote login into a gentoo pc.. i have this problem both with user accounts and root..

----------

## nivek98

Does it hang forever or is it just slow?  If it just slow it might be a reverse dns issue.  I've had that happen to me many times.

1) Have a look at /etc/hosts on PC you are trying to ssh into and make sure you have an entry for the pc you are sshing from.

or

2) Edit /etc/ssh/sshd_config and uncomment and change UseDNS.  (Never tested this fix, but i would expect it to work)

-Nivek98

----------

## -Frodo-

I got this from the remote pc..

I'm 82.52.7.220... i dont understand the strange things that happen between ***

Why he asks DNS for my IP again ? and then TCP start to retrasmit ?

```

...

No.     Time        Source                Destination           Protocol Info

     31 13.753009   82.52.7.220           192.168.1.2           SSHv2    Encrypted request packet len=48

No.     Time        Source                Destination           Protocol Info

     32 13.753156   192.168.1.2           82.52.7.220           TCP      ssh > 60882 [ACK] Seq=1605 Ack=965 Win=8640 Len=0 TSV=703460 TSER=37319603

No.     Time        Source                Destination           Protocol Info

     33 13.753305   192.168.1.2           82.52.7.220           SSHv2    Encrypted response packet len=48

No.     Time        Source                Destination           Protocol Info

     34 13.841946   82.52.7.220           192.168.1.2           SSHv2    Encrypted request packet len=64

No.     Time        Source                Destination           Protocol Info

     35 13.862103   192.168.1.2           82.52.7.220           SSHv2    Encrypted response packet len=64

No.     Time        Source                Destination           Protocol Info

     36 13.949629   82.52.7.220           192.168.1.2           SSHv2    Encrypted request packet len=96

No.     Time        Source                Destination           Protocol Info

     37 13.950519   192.168.1.2           82.52.7.220           SSHv2    Encrypted response packet len=64

No.     Time        Source                Destination           Protocol Info

     38 14.083947   82.52.7.220           192.168.1.2           TCP      60882 > ssh [ACK] Seq=1125 Ack=1781 Win=8704 Len=0 TSV=37319936 TSER=703509

No.     Time        Source                Destination           Protocol Info

     39 15.547360   82.52.7.220           192.168.1.2           SSHv2    Encrypted request packet len=144

No.     Time        Source                Destination           Protocol Info

     40 15.563499   192.168.1.2           82.52.7.220           SSHv2    Encrypted response packet len=32

No.     Time        Source                Destination           Protocol Info

     41 15.646509   82.52.7.220           192.168.1.2           TCP      60882 > ssh [ACK] Seq=1269 Ack=1813 Win=8704 Len=0 TSV=37321498 TSER=703913

No.     Time        Source                Destination           Protocol Info

     42 15.650901   82.52.7.220           192.168.1.2           SSHv2    Encrypted request packet len=64

No.     Time        Source                Destination           Protocol Info

     43 15.652293   192.168.1.2           82.52.7.220           SSHv2    Encrypted response packet len=48

No.     Time        Source                Destination           Protocol Info

     44 15.748462   82.52.7.220           192.168.1.2           SSHv2    Encrypted request packet len=384

*****************************************************************************************

No.     Time        Source                Destination           Protocol Info

     45 15.750843   192.168.1.2           85.37.17.41           DNS      Standard query PTR 220.7.52.82.in-addr.arpa

###################################

This is the last packet i receive on my client.

No.     Time        Source                Destination           Protocol Info

     46 15.787861   192.168.1.2           82.52.7.220           TCP      ssh > 60882 [ACK] Seq=1861 Ack=1717 Win=11488 Len=0 TSV=703969 TSER=37321589

###################################

No.     Time        Source                Destination           Protocol Info

     47 15.801932   85.37.17.41           192.168.1.2           DNS      Standard query response PTR host220-7.pool8252.interbusiness.it

No.     Time        Source                Destination           Protocol Info

     48 15.803532   192.168.1.2           85.37.17.41           DNS      Standard query A host220-7.pool8252.interbusiness.it

No.     Time        Source                Destination           Protocol Info

     49 15.853689   85.37.17.41           192.168.1.2           DNS      Standard query response A 82.52.7.220

*****************************************************************************************

No.     Time        Source                Destination           Protocol Info

     50 15.876136   192.168.1.2           82.52.7.220           SSHv2    Encrypted response packet len=48

No.     Time        Source                Destination           Protocol Info

     51 15.876248   192.168.1.2           82.52.7.220           SSHv2    Encrypted response packet len=80

No.     Time        Source                Destination           Protocol Info

     52 16.171875   192.168.1.2           82.52.7.220           SSHv2    [TCP Retransmission] Encrypted response packet len=128

No.     Time        Source                Destination           Protocol Info

     53 16.763876   192.168.1.2           82.52.7.220           SSHv2    [TCP Retransmission] Encrypted response packet len=128

No.     Time        Source                Destination           Protocol Info

     54 17.252963   D-Link_6d:ec:96       AsustekC_0b:ad:7e     ARP      Who has 192.168.1.2?  Tell 192.168.1.1

No.     Time        Source                Destination           Protocol Info

     55 17.252984   AsustekC_0b:ad:7e     D-Link_6d:ec:96       ARP      192.168.1.2 is at 00:0c:6e:0b:ad:7e

No.     Time        Source                Destination           Protocol Info

     56 17.947890   192.168.1.2           82.52.7.220           SSHv2    [TCP Retransmission] Encrypted response packet len=128

No.     Time        Source                Destination           Protocol Info

     57 20.315922   192.168.1.2           82.52.7.220           SSHv2    [TCP Retransmission] Encrypted response packet len=128

No.     Time        Source                Destination           Protocol Info

     58 21.768114   192.168.1.2           192.168.1.1           DHCP     DHCP Request  - Transaction ID 0xaba2f209

No.     Time        Source                Destination           Protocol Info

     59 21.771085   192.168.1.1           192.168.1.2           DHCP     DHCP ACK      - Transaction ID 0xaba2f209

No.     Time        Source                Destination           Protocol Info

     60 25.051985   192.168.1.2           82.52.7.220           SSHv2    [TCP Retransmission] Encrypted response packet len=128

No.     Time        Source                Destination           Protocol Info

     61 34.528101   192.168.1.2           82.52.7.220           SSHv2    [TCP Retransmission] Encrypted response packet len=128

No.     Time        Source                Destination           Protocol Info

     62 51.776471   192.168.1.2           192.168.1.1           DHCP     DHCP Request  - Transaction ID 0x34476952

No.     Time        Source                Destination           Protocol Info

     63 51.779444   192.168.1.1           192.168.1.2           DHCP     DHCP ACK      - Transaction ID 0x34476952

No.     Time        Source                Destination           Protocol Info

     64 53.472344   192.168.1.2           82.52.7.220           SSHv2    [TCP Retransmission] Encrypted response packet len=128

...

```

----------

## nivek98

I'm by no means an expert on the ssh protocol, but from the looks of it, the DNS problem i described is not your problem.  Hopefully someone else will have a suggestion for you...

-Nivek98

----------

## -Frodo-

I've just noticed that if i'm in the same subnet, using the same router, i've no problems. Maybe a router configuration problem ? It performs port 22 forwarding.. what else?

----------

## nivek98

You might try a packet sniffer on both sides, your computer and remote, and compare the results.  Perhaps some of the traffic is being blocked bot not all? Hopefully someone else will have a better idea...

----------

## bluedevils

sure sounds like a firewall issue. other than the hardware firewall, is iptables running on one of the boxes?

----------

## -Frodo-

No iptable running, the only firewall involved is the eth router's one..

i dont understand why the ssh transaction has no problems untill i submit the right password.. then my client doesnt receive anything anymore and the ssh server starts to retransmit ssh packets that i dont receive (see the packet sniffer result above..)   :Confused: 

----------

## Dizzutch

run ssh in verbose mode, where exactly does it hang?

----------

## Crisis

Check your routing table.  Can the gentoo box route out of its local network?  Can you ping the IP it is trying to connect to?

----------

## -Frodo-

Ssh -v output .. 

```

debug1: ssh_rsa_verify: signature correct

debug1: SSH2_MSG_NEWKEYS sent

debug1: expecting SSH2_MSG_NEWKEYS

debug1: SSH2_MSG_NEWKEYS received

debug1: SSH2_MSG_SERVICE_REQUEST sent

debug1: SSH2_MSG_SERVICE_ACCEPT received

debug1: Authentications that can continue: publickey,password,keyboard-interacti                                                                                     

ve

debug1: Next authentication method: publickey

debug1: Trying private key: /home/davide/.ssh/identity

debug1: Trying private key: /home/davide/.ssh/id_rsa

debug1: Trying private key: /home/davide/.ssh/id_dsa

debug1: Next authentication method: keyboard-interactive

debug1: Authentications that can continue: publickey,password,keyboard-interacti                                                                                     

ve

debug1: Next authentication method: password

root@xxxxxxx.no-ip.org's password: 

debug1: Authentication succeeded (password).

debug1: channel 0: new [client-session]

debug1: Entering interactive session.

```

then no packets from server anymore

----------

## Dizzutch

so it gets through, which isn't a routing problem then.

Check your shells .*rc file.

----------

## Crisis

I'd still like to see the output of the route command ran on the gentoo box.

----------

## -Frodo-

Update : the problem described is exactly the same if i run the ssh server and the remote pc behind the router try to ssh me...

Mine route output is simply : 

```
phobos davide # route 

Kernel IP routing table

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

host86-3.pool82 *               255.255.255.255 UH    0      0        0 eth1

192.168.0.0     *               255.255.0.0     U     0      0        0 eth0

loopback        localhost.local 255.0.0.0       UG    0      0        0 lo

default         host86-3.pool82 0.0.0.0         UG    0      0        0 eth1
```

----------

## Crisis

You have 2 network cards in this machine?  I was under the impression it was on a local network behind a router to the internet..

Can you explain, is this gentoo box connected to 2 networks, and also can you post your sshd_config?

----------

## -Frodo-

It's a very simple configuration :

My Gentoo Box

 (ssh client)  

eth0 (unused or 

rarely used to 

gateway my laptop) 

eth1 -------------> eth modem -----> THE INTERNET  -----> eth router -----> Remote Gentoo Box (ssh server)

The remote gentoo box is the only machine connected to the router.

both machines use bash.

I've tried to encrase the MTU of both machines' eth interfaces.. thinkin' to the fragmentation problems.. but nothing changed..

----------

## Crisis

Can you post your sshd_config?

----------

## -Frodo-

sorry i had to ask for the sshd_config (the remote gentoo box is 40km from me  :Razz: )

```
Port 22

Protocol 2

ServerKeyBits 2048

SyslogFacility AUTH

LogLevel INFO

LoginGraceTime 60

PermitRootLogin yes

RSAAuthentication no

PubkeyAuthentication yes

PasswordAuthentication yes

PermitEmptyPasswords no

PAMAuthenticationViaKbdInt no

Compression yes

KeepAlive yes

ClientAliveInterval 30

ClientAliveCountMax 4
```

----------

## P21YALPHA

Same problem here.

It seems sshd on new Gentoo Livecd/minimal-cd 2006.1 has Probs.

Ill test this in a testlab and maybe will open bug report if this persists.

----------

