Cacadril
Guest
|
 Posted: Fri Nov 14, 2008 11:41 am Post subject: ssh through vista connection sharing not working, delayed ac |
 |
|
I am trying to access a remote computer using ssh, but get no
response. Using strace, I see the client opening a socket to the
server, setting keep-alive, and hanging in the very first read system
call.
The general connectivity is in place, I browsed http://www.nytimes.com
without problems.
The ssh client is a linux (debian lenny) laptop. I am snooping the
connection with wireshark, and I see the response from the ssh server,
saying "SSH-2.0-OpenSSH_5.1\r\n". Then I see eight retransissions of
this datagram, and finally a FIN followed by a FIN-ACK response. There
is never an ACK response from my laptop, other than the final FIN-ACK.
Also the connection establishment itself looks strange, with multiple
retransmissions:
source: message:
client SYN
server SYN,ACK 70 ms response time
client SYN 3 seconds after the first SYN
server SYN,ACK 70 ms
server SYN,ACK retransmission 15 ms after previous
repeat the last three datagrams with increasing delays, 6 seconds, 12
seconds between tries. Then 24 seconds after last try,
client SYN
server SYN,ACK
client SYN,ACK 0,1 ms delay -- NB this is an ACK reponse
from my client
server "SSH-2.0-OpenSSH_5.1\r\n" (21 bytes) 70 ms
server retransmission of last message X 8
server FIN,ACK Seq=22, ack=21
client FIN,ACK Seq=1, ack=1 1270 seconds after server FIN
I checked the iptables state using iptables -v -L; got policy ACCEPT
and no rules on all chains. Same for tables nat, mangle, and raw.
Yet I could browse the internet.
The network topology is as follows.
I connect to the internet from a Vista laptop, using a wireless. The
linux laptop is connected to the Vista laptop using an ethernet cable.
Connection sharing is turned on in the Vista. I run putty (windows
telent/ssh client) on Vista and connect successfully to the ssh server
in question. I run wireshark on both laptops, snooping the ethernet
interface and see exactly the same datagrams.
What am I missing?
Thanks |
|
Cacadril
Guest
|
| Posted: Sun Nov 16, 2008 11:41 am Post subject: Re: ssh through vista connection sharing not working, NEW IN |
|
|
On Nov 14, 12:41 pm, Cacadril <en...@online.no> wrote:
| Quote: | I am trying to access a remote computer using ssh, but get no
response. Using strace, I see the client opening a socket to the
server, setting keep-alive, and hanging in the very first read system
call.
The general connectivity is in place, I browsedhttp://www.nytimes.com
without problems.
The ssh client is a linux (debian lenny) laptop. I am snooping the
connection with wireshark, and I see the response from the ssh server,
saying "SSH-2.0-OpenSSH_5.1\r\n". Then I see eight retransissions of
this datagram, and finally a FIN followed by a FIN-ACK response.
|
I found something: All response datagrams, i.e., all datagrams issued
by the remote server, arrive at my linux box with an 802.1q "header"
inserted between the ethernet header and the ip header. I guess this
is something Vista introduces, see the quoted topology description
below. I will start a new thread to ask about this.
| Quote: | There
is never an ACK response from my laptop, other than the final FIN-ACK.
|
Not exactly correct, as there is an ack after a very long time delay.
This is also apparent in the quoted list of exchanges below.
| Quote: | Also the connection establishment itself looks strange, with multiple
retransmissions:
source: message:
client SYN
server SYN,ACK 70 ms response time
client SYN 3 seconds after the first SYN
server SYN,ACK 70 ms
server SYN,ACK retransmission 15 ms after previous
repeat the last three datagrams with increasing delays, 6 seconds, 12
seconds between tries. Then 24 seconds after last try,
client SYN
server SYN,ACK
client SYN,ACK 0,1 ms delay -- NB this is an ACK reponse
from my client
server "SSH-2.0-OpenSSH_5.1\r\n" (21 bytes) 70 ms
server retransmission of last message X 8
server FIN,ACK Seq=22, ack=21
client FIN,ACK Seq=1, ack=1 1270 seconds after server FIN
I checked the iptables state using iptables -v -L; got policy ACCEPT
and no rules on all chains. Same for tables nat, mangle, and raw.
Yet I could browse the internet.
The network topology is as follows.
I connect to the internet from a Vista laptop, using a wireless. The
linux laptop is connected to the Vista laptop using an ethernet cable.
Connection sharing is turned on in the Vista. I run putty (windows
telent/ssh client) on Vista and connect successfully to the ssh server
in question. I run wireshark on both laptops, snooping the ethernet
interface and see exactly the same datagrams.
What am I missing?
Thanks |
|
|
