LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 10-21-2016, 12:20 PM   #1
jjanderson5
LQ Newbie
 
Registered: Nov 2003
Location: Saylorsburg, PA, US
Distribution: Bunsenlabs Hydrogen
Posts: 24

Rep: Reputation: 0
ssh hangs when trying to secure shell to one particular host


I have a VCN server set up on my host, let's call it 'jim'. This host has been running Ubuntu 16.xx for around 6 months now. I have had VNC server and ssh working on it ok in the past. Today I found that a co-worker could not use a VNC viewer to look at my desktop and when I tried from a different host on my intranet, VNC viewer failed for me also.

In looking at my intranet, I found that I can ssh from any host to any other host, except 'jim'. When I enter 'ssh -l jja jim' and hit return, the command hangs until I interrupt it. This command hangs from any other host on my network. If I try to run 'sudo rpcinfo -p jim' from any host, the command not only hangs, but I cannot interrupt it.

If I ping 'jim' from any host, I do get a positive response. If I try to ssh from 'jim' to any other host, everything works fine.

I have tried 'apt-get remove openssh-server' and reinstalled it, but no change in behavior.

Can anyone help with suggestions on what to try to get 'ssh jim' to work?

Jim Anderson
 
Old 10-21-2016, 12:26 PM   #2
jjanderson5
LQ Newbie
 
Registered: Nov 2003
Location: Saylorsburg, PA, US
Distribution: Bunsenlabs Hydrogen
Posts: 24

Original Poster
Rep: Reputation: 0
NOTE: I had posted this thread in 'networking', but moved it to the 'software' forum because it did not look like it was at a low enough level on the OSI model to be considered a 'networking' problem. I did get the following response from 'lazydog' to the original post.

___________________________________________________________________________
First thing to do when a service is not working is to ensue the service is started. If the service is started then the next thing to look at is your firewall and either make sure it is turned off or that the ports are opened on it that are required to get things connected.
__________________
Regards
Robert
 
Old 10-22-2016, 10:03 AM   #3
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 5,854
Blog Entries: 3

Rep: Reputation: 3040Reputation: 3040Reputation: 3040Reputation: 3040Reputation: 3040Reputation: 3040Reputation: 3040Reputation: 3040Reputation: 3040Reputation: 3040Reputation: 3040
Well, since you have access to both machines, you can try several things.

One, from the client side, you can increase the verbosity.

Code:
ssh -v -l jja jim
ssh -vv -l jja jim
ssh -vvv -l jja jim
Look carefully at each level to see if you get some kind of indication as to what's going on.

On the server, there are two thing to try. First, you can look at the configuration file and see if that's any clue.

Code:
/usr/sbin/sshd -T | sort | less
/usr/sbin/sshd -TC user=jja,host=jim,addr=xxx.yyy.zzz.aaa | sort | less
Substitute in the ip address of the client machine that is having the trouble there in the second line.

Second, you can try running an extra copy of the daemon and watch what it says about the connection. The following is good for one connection attempt (vary the number of -d from one to three for more details):

Code:
sudo /usr/sbin/sshd -dd -p 22222
Then you can connect once on port 22222 and see the connection information from the server side without disturbing the other users:

Code:
ssh -p 22222 -l jja jim
 
Old 10-24-2016, 10:42 AM   #4
jjanderson5
LQ Newbie
 
Registered: Nov 2003
Location: Saylorsburg, PA, US
Distribution: Bunsenlabs Hydrogen
Posts: 24

Original Poster
Rep: Reputation: 0
Resolved

Thank you turbocapilalist. I actually resolved the problem last week, but I have added your suggest to my
'useful commands for debugging network problems'. It has been a busy week, but I finally got back to
record my solution today.

'lazydog' made the suggestion to look at my firewall. I looked an 'iptables howto' and it gave an
example of making sure that the ssh port is open:

>>> iptables -A INPUT -p tcp --dport ssh -j ACCEPT

and that worked. It is interesting to note that ssh from and to the computers in questions had worked
previously. That raises the question of how the firewall got blocked in the first place. But all is
well that ends well.

Jim Anderson
 
Old 10-24-2016, 01:07 PM   #5
MensaWater
LQ Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, CoreOS, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 7,831
Blog Entries: 15

Rep: Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668Reputation: 1668
Quote:
Originally Posted by jjanderson5 View Post
It is interesting to note that ssh from and to the computers in questions had worked previously. That raises the question of how the firewall got blocked in the first place.
Jim Anderson
At a guess you had it open in iptables in memory but had never updated the saved iptables file that gets reloaded on boot so when you last booted it simply didn't have the rule. (Or alternatively along the same lines you never had iptables running and/or had disabled it but on last reboot it restarted and didn't have the rule.)

Make sure any rules you have in memory are saved to the file that gets reloaded on boot. You can do that manually and I usually do any time I update rules on the fly. Many systems do this automatically on graceful shutdown but wouldn't do it on a crash. Also make sure the rules you've saved are in fact being loaded when you boot.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] ssh hangs when trying to secure shell to one particular host jjanderson5 Linux - Networking 3 10-21-2016 12:19 PM
LXer: Using secure shell (ssh) for login and secure copy (scp) for data transfer on Linux LXer Syndicated Linux News 0 02-05-2015 11:00 AM
Secure? SSH using keyfile and no password, but restricted host machine access? ziphem Linux - Software 2 09-02-2013 03:27 PM
How to use SSH (Secure Shell Host) in RHEL. RMLinux Linux - Newbie 9 12-01-2008 08:02 PM
SSH Secure Shell 3.2.9 bglover3 Linux - Enterprise 1 06-21-2007 03:30 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 05:27 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration