When I ssh from my office to my home (both ends running Slackware 14.2), I often get a screen freeze. I don't think this has anything to do with inactivity because it freezes most often while I am typing. The only way out is to kill the terminal and start again. The ssh rarely lasts more than 5 minutes, so it is really a big issue for me. I checked /var/messages, it shows that I logged in via publickey, but it doesn't show that it got disconnected. It could be my router that is acting weird, but I'd like to know how to narrow it down. Thanks.
Can't help with the why, but as a fix so that you don't lose what you're doing, try using 'screen'. That way, if you get disconnected, you can reattach to the session you were using.
So this article seems to point out that there are settings in ssh (client side) and sshd (server side) that prevent timeout by sending null packets periodically (which I think you know already).
But apparently once a certain amount of null packets are sent, it will still time out/freeze.
After I posted this, I looked at /var/log/messages more carefully and saw that an unknown IP was attempting to continuously connect to server generating "Too many authentication failures". I am not sure if that was the cause of my freezes, but I didn't know how to stop this attack either, so I changed my ssh port to something other than 22. So far that seems to have fixed my freeze problem.
Does the office use a NAT router? Do you? These routers typically assume, by default, that usage is for HTTP(S) and set a short timeout for NAT table entries. Whoever runs this router should look at the documentation thoroughly to see how to configure this. Don't turn them off unless it lets you do it by port number, since that will cause the router to run out of memory, eventually.
You can set up a VPN that uses UDP with pinging in both directions (every few seconds is probably good enough). That might have better luck than TCP.
Even if you run on non-standard ports I recommend FAIL2BAN.
I once set up a honeypot running FAIL2BAN and services on normal ports on my network. I forwarded the block addresses to my gateway, thus adding protection to my entire network.
I linked in whois to get a report on the source subnets, compiled the result by country, and created a web page with a running graph of what parts of what countries were trying how hard to break in today. Overkill, but it sure made for some fun reading.
I was so impressed with the behavior of fail2ban that I installed it on the most at-risk data servers at work. We never had a successful breach.
Thank you for all the responses. I did confirm that the frequent freezes were due to attacks on my server from repeated attempts to login. Once I switched ports, everything was fine. I need to look into how to secure using fail2ban.
In addition to fail2ban, there is also sshguard. Look at both and then decide which has the features you are looking for.
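One way to confirm from the logs the pattern described in this thread, as an added example that is not part of any post: the script counts sshd authentication failures per source address inside a sliding window, the idea behind fail2ban's `maxretry` and `findtime` settings. The log lines are constructed, and the function names, thresholds, year default and exact message wording are assumptions, since sshd messages differ between OpenSSH versions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample in traditional syslog layout; addresses come from the
# RFC 5737 documentation ranges. Real sshd wording varies by OpenSSH version.
SAMPLE_LOG = """\
Mar  3 10:00:01 home sshd[2101]: Failed password for root from 203.0.113.7 port 40112 ssh2
Mar  3 10:00:03 home sshd[2101]: Failed password for root from 203.0.113.7 port 40112 ssh2
Mar  3 10:00:05 home sshd[2101]: Disconnecting: Too many authentication failures for root from 203.0.113.7 port 40112 ssh2 [preauth]
Mar  3 10:00:09 home sshd[2107]: Failed password for invalid user admin from 203.0.113.7 port 40150 ssh2
Mar  3 10:00:12 home sshd[2107]: Failed password for invalid user admin from 203.0.113.7 port 40150 ssh2
Mar  3 10:01:30 home sshd[2110]: Accepted publickey for alice from 192.0.2.10 port 51514 ssh2
Mar  3 10:02:00 home sshd[2115]: Failed password for bob from 198.51.100.20 port 33000 ssh2
Mar  3 10:30:00 home sshd[2190]: Failed password for bob from 198.51.100.20 port 33410 ssh2
"""

SSHD = re.compile(r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) \S+ sshd\[\d+\]: (?P<msg>.*)$")
FAILURE = re.compile(r"Failed password|Too many authentication failures")
# Greedy .* selects the last "from <ip> port", the one sshd itself appends
# after the remotely supplied user name.
SOURCE = re.compile(r".*\bfrom (\d{1,3}(?:\.\d{1,3}){3}) port \d+")

def parse(line, year=2024):
    """Return (timestamp, source_ip) for an sshd failure line, else None."""
    m = SSHD.match(line)
    if not m or not FAILURE.search(m["msg"]):
        return None
    src = SOURCE.match(m["msg"])
    if not src:
        return None  # some sshd versions omit the address on this line
    # syslog timestamps carry no year, so the caller supplies one
    return datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S"), src.group(1)

def offenders(lines, maxretry=5, findtime=timedelta(minutes=10)):
    """Map IPs with >= maxretry failures inside findtime to their peak count (chronological input)."""
    recent, peak = defaultdict(deque), {}
    for ts, ip in filter(None, map(parse, lines)):
        window = recent[ip]
        window.append(ts)
        while ts - window[0] > findtime:
            window.popleft()
        if len(window) >= maxretry:
            peak[ip] = max(peak.get(ip, 0), len(window))
    return peak

if __name__ == "__main__":
    for ip, count in offenders(SAMPLE_LOG.splitlines()).items():
        print(f"{ip}: up to {count} failures inside the window")
```

On a real system, feed it the lines of the file sshd logs to (the thread mentions /var/log/messages) instead of `SAMPLE_LOG`.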