On 27 January 2011 08:02, Christian Robottom Reis kiko@linaro.org wrote:
On Wed, Jan 26, 2011 at 09:02:02AM +0100, Mattias Backman wrote:
:~> ssh -v 91.189.90.11 OpenSSH_5.3p1 Debian-3ubuntu4, OpenSSL 0.9.8k 25 Mar 2009 debug1: Reading configuration data /home/ebacmat/.ssh/config debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to 91.189.90.11 [91.189.90.11] port 22. debug1: connect to address 91.189.90.11 port 22: Connection timed out ssh: connect to host 91.189.90.11 port 22: Connection timed out
:~> ssh -v bazaar.launchpad.net OpenSSH_5.3p1 Debian-3ubuntu4, OpenSSL 0.9.8k 25 Mar 2009 debug1: Reading configuration data /home/ebacmat/.ssh/config debug1: Applying options for *.launchpad.net debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Executing proxy command: exec corkscrew proxy.mydomain.com 8080 bazaar.launchpad.net 22 ~/.auth debug1: permanently_drop_suid: 71419 debug1: identity file /home/ebacmat/.ssh/identity type -1 debug1: identity file /home/ebacmat/.ssh/id_rsa type -1 debug1: identity file /home/ebacmat/.ssh/id_dsa type -1 ssh_exchange_identification: Connection closed by remote host
One thing that I don't quite understand: why did you actually manage to connect in the second session? It points to a configuration problem.. but maybe this paste just isn't accurate.
Just tried to mask some network internals, but perhaps that's silly. Here's what it looks like with strace: steludxu1184:~> strace -f -econnect ssh -v bazaar.launchpad.net connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory) connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory) OpenSSH_5.3p1 Debian-3ubuntu4, OpenSSL 0.9.8k 25 Mar 2009 debug1: Reading configuration data /home/ebacmat/.ssh/config debug1: Applying options for *.launchpad.net debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory) connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory) debug1: Executing proxy command: exec corkscrew lps1.lud.stericsson.com 8080 bazaar.launchpad.net 22 ~/.auth Process 3250 attached debug1: permanently_drop_suid: 71419 Process 3251 attached Process 3251 detached [pid 3250] --- SIGCHLD (Child exited) @ 0 (0) --- [pid 3250] connect(4, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory) [pid 3250] connect(4, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory) [pid 3250] connect(4, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("10.211.0.100")}, 16) = 0 [pid 3250] connect(3, {sa_family=AF_INET, sin_port=htons(8080), sin_addr=inet_addr("10.211.0.9")}, 16debug1: identity file /home/ebacmat/.ssh/identity type -1 ) = 0 debug1: identity file /home/ebacmat/.ssh/id_rsa type 1 debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048 debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048 debug1: identity file /home/ebacmat/.ssh/id_dsa type -1 Process 3250 detached --- SIGCHLD (Child exited) @ 0 (0) --- ssh_exchange_identification: Connection closed by remote host
Something hangs forever just after the connect to the proxy (10.211.0.9) until the session returns and I get the error. The same happens to a server which responds to port 21, a long wait but then I get the ssh login prompt.
I added the entire subnet which didn't help. The strace did tell me that nothing happens after the call to the proxy. After quite a few different attempts, I have tried to connect to a different server which I happen to know has ssh servers on nearly every port. The corkscrew solution works if I try to ssh to port 21 or 80, it does not work for 22 or anything else. Seems that our proxy will only let traffic out if it's bound for ftp or http ports.
What division do you work within, and who is your manager? If you mail me privately, I'm happy to take this up and get this sorted for you.
Thank you very much. I'll send you an email right away.
-- Christian Robottom Reis | [+55] 16 9112 6430 | http://launchpad.net/~kiko Linaro Engineering VP | [ +1] 612 216 4935 | http://async.com.br/~kiko