-   Linux - Networking (
-   -   prematurely terminated connection during a large file transfer (

rob_xx17 03-21-2006 08:58 AM

prematurely terminated connection during a large file transfer
Hi all;

I have a server running SuSE 9.3 with OpenSSH v 4.3_p2 with OpenSSL 0.9.8a. I have a bunch of user accounts created, all of which are running chrooted with default user shell being rssh-2.3.2. The server is connected to the Internet. Everything is up and running. The problem, however, is that when I try to transfer a large file, one that's bigger than 2 BG, the connection gets terminated in the middle of transfer. I checked the /var/log/messages file but it doesn't say anything about any disconnected sessions. Is there a file for me to check that would display any information about terminating a connection? Is there a file that contains setting limiting file size? If so, where is it?

I also noticed that I'm being bombarded with false login attempts. What I don't like is that the server allows over 30 login attempts from a single IP address, although on different ports, before discarding that connection. How can I limit login attempts to, say, 5 from a single IP address? I looked in ssh_config and sshd_config but I didn't find anything of that sort.

Thank you so much for your help.


nx5000 03-21-2006 11:44 AM

Maybe your sshd is not compiled for large file support?
As root

strings `which sshd` | grep open | grep 64
If it doesn't give you
then I think you have to recompile sshd.

You're not transfering to a fat16 system? otherwise it can't work.

For failed logins, go to security forums, there is a sticky post

rob_xx17 03-21-2006 02:39 PM

no, I'm not transferring to fat16 system. I think it's ext3 or reiser4.

I tried, as root, the command:

strings 'which sshd' | grep open | grep 64

but I get this:

strings: 'which sshd' : No such file

what other command I can use on SuSE 9.3 to see if the daemon supports large file transport?

nx5000 03-22-2006 05:44 AM


its ` not ' so it gives:


strings `which sshd` | grep open | grep 64

rob_xx17 03-22-2006 09:00 AM

Thanks for the correction. I typed:


strings `which sshd` | grep open | grep 64
and I got nothing. It's not that I didn't get fopen64, I got nothing. I tried


strings `which sshd` | grep open


strings `which sshd`
and I still got nothing. Does it mean that I have to recompile sshd? If so, what directive do I use when I recompile? Also, how can I do it on a 'live' server?

One other thing, I created an identical copy of the server on a local network. I wanted to see if I'd get the same problem when the connection is via a local network. Well, I transferred 25 GB file with no problem. The only difference is the transfer rate. It took about 4 hrs to do it on a LAN. It would take about 16 hrs to transfer 6 GB file over the Internet. So, maybe it's a problem with the timing not the amount of data? What do you think?


nx5000 03-22-2006 10:13 AM

I don't see how time would affect the connection.
From the same client you try on a remote server and then on a local server (exactly the same you are sure?) and only works on a local one? Strange...

strings `which sshd` gives nothing?
which sshd
doesn't give anything ?
which sshd should give you the absolute path and filename of the sshd server.
on my machine it expands to
strings /usr/sbin/sshd | grep open | grep 64
which gives


debian:~# strings `which ssh` | grep fopen

jeanpd001 03-22-2006 10:25 AM

I think you should check your networking switch port speeds. I have found that if the network switch has its ports physically set to "auto-negotiation", it can wreak havoc on Linux system. Also you should set your network card to specifically 10 or 100 Mbs. Setting the NIC and the Switch to the same speed might resolve those issues. Don't forget to set the duplex the same as well.

Hope this helps.

rob_xx17 03-22-2006 11:15 AM

My server is connected to the outside world through a cisco router. I have both the speed and the duplex set to auto. I know how to change those values on the router. But I have no idea how to change it on my server. I looked through the menus on YaST (SuSE configuration utility) but I didn't find anything. How would I change it using the console?

On SuSE I used 'whereis sshd' to give me the absolute path to the sshd. It's '/usr/local/sbin/sshd'. Then I typed:

# strings `/usr/local/sbin/sshd` | grep fopen
but I got nothing. I have to 'Ctrl+C' to get back to the prompt. Is there any other way to check it? Could Debian and SuSE differ so much?

As for my servers being the same; the hardware differs (local server is an old-piece-of-junk desktop computer and the remote server is a state-of-the-art, brand-new, industrial-grade server) but the software is exactly the same. So, the only thing that differs is that one is local and the other is remote.

I did something else; at pretty much the same time I connected to the remote server using SFTP client to transfer the large test file, and I connected using PuTTy to look at the files on the remote server. After about 4 hrs of continuous connection on both clients (SFTP and PuTTy), all of a sudden SFTP client reported an error in file transfer. It didn't disconnect. The SFTP client was still connected. It's just the file transfer that was affected. The PuTTy connection was also not affected.

I don't know where to look for the error message on the failed connection. Maybe that could help me troubleshoot the problem. Any ideas? Thanks a bunch.

All times are GMT -5. The time now is 03:57 PM.