Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: SSH Hangs

from [Jayson Anderson] Network Security [Permanent Link]
Subject: Re: SSH Hangs
Date: Thu, 08 Sep 2005 01:54:48 -0700 
Greetings, 

Without knowing the topology of your working setup OR your non-working
setup, it is nearly impossible to try and deduce what the problem could
be with your second set of workstations.

You say snoop sees an outbound ssh attempt from the source
workstation.... I'm assuming you saw this using snoop on the source
workstation itself  ? If so, this leaves EVERY SINGLE PORTION of the
transit path at every single Layer1-Layer7 as a possible suspect. 

Silly question but not a given reading your mail...... is the
workstation that's sending the request actually getting the ethernet
frames on the wire ? Could be an outbound IP Filter, Lack of IP route to
host, NIC driver, NIC, Jack, Cable, Switch port, Switch fabric, - then
run that same list in reverse for the receiving workstation's LAN. If
they're not on the same switch then the possibilities become
ridiculously large. 

So, for now, can you verify the second ssh client workstation is on the
wire, period ? IP connectivity (icmp echo/reply, other applications,
etc.) are working ? If so, time to check filters both outbound and
inbound. Further, if murphy is totally having his way with you, it could
be a transmission medium error that only errors out when payloads
specific to ssh SYN packets from solaris cause a specific bug-inducing
pattern or voltage on the wire. 

So yeah, need a lil' more info ;) 

Jayson


On Wed, 2005-09-07 at 16:01 +0200, Baveystock.John@swm.de wrote:

Hello,

I have installed openssh (the compiled version from sunfreeware.com) on 4 
Solaris 8 workstations.
The hardware is identical as is the Solaris 8 installation and configuration.

The installed pagages are:
libgcc-3.3-sol8-sparc-local
openssh-4.1p1-sol8-sparc-local
openssl-0.9.7g-sol8-sparc-local
pkgadd  -d  zlib-1.2.3-sol8-sparc-local

In the path is /usr/local/bin and /usr/local/sbin.

On 2 workstations the command "ssh -l user host-name" produces a password 
prompt resulting in a correct login.

On the other 2 workstations the command "ssh -l user host-name" hangs. A 
snoop shows that the ssh request leaves the Sun workstation, but the Sun does 
not receive a reply.

Has anybody any ideas why 2 workstaions do not work?

John Baveystock
SWM Services Energie und Wasser GmbH
Netzwerkmanagement - S-IP-TK-KS
Emmy-Noether Str. 2, Zi. C0.80
80287 MÃnchen
Tel.: 089/2361-4350
Mobil: 0172/8223043
Fax: 089/2361-2998
E-mail: baveystock.john@swm.de
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • SSH Hangs, Baveystock.John
    • Re: SSH Hangs, Jayson Anderson <=
Previous by Date:  Re: file transfer size limit, Frank Wang
Next by Date:  Re: Re: SSHD and SSH Call-out via Port Knocking, guyverdh
Previous by Thread:  SSH Hangs, Baveystock.John
Next by Thread:  Re: SSH Tunnel logging only local ip's, giany007
Indexes:  [Date] [Thread] [Top] [All Lists]