John Mills writes:
 > First, are you coming into your LAN from outside, or going outwards?

Either way.

 > If it's an outgoing-connection problem, I would look into the
 > firewall setting of the FBSD box. Maybe you didn't set it up to
 > pass the ports for outgoing telnet and ssh, or maybe you shut off
 > the replies on those same ports.

Not as far as I know.  I personally took care of the installation.
*Intra*net traffic works seamlessly, between the two FreeBSD boxes,
though.

 > Try plugging the WindowBox into another of the router's ports, then
 > use PuTTY to telnet and ssh into your FBSD box (using its LAN
 > address, naturally). If that works, the problem is definitely the
 > router, but possibly a setup issue.  Especially since telnet is
 > also involved. (Many people disable incoming telnet, for security
 > reasons.)

I haven't tried PuTTY internally (from Windoze to FreeBSD).  I won't
be able to do that test during the weekend as I'm currently about 500
miles away from that LAN.  I'll keep you posted, though.

 > When you have intra-LAN access working, look into port forwarding in the 
 > router's setup: you want incoming traffic from the ports used by ssh and 
 > (if you enable it) telnet to be sent to the LAN address of your FBSD box. 

Did it.  If I didn't, I suppose ssh wouldn't go that far in the login
process.

As suggested by Konrad Heuer I gathered further data with -v options
of ssh and tcpdump.  As suggested by Vladimir Terziev I ran ssh using
protocol 1 only and disabling X11 forwarding.

Here is the command line:

   ssh -vvv -x -1 -4 that.bloody.address

from my machine at home to the dynamic IP address of that router which
is configured to forward port 22 to the FreeBSD box.

Here is the log:

  OpenSSH_3.6.1p1 FreeBSD-20030924, SSH protocols 1.5/2.0, OpenSSL 0x0090703f
  debug1: Reading configuration data /etc/ssh/ssh_config
  debug1: Rhosts Authentication disabled, originating port will not be trusted.
  debug2: ssh_connect: needpriv 0
  debug1: Connecting to that.bloody.address [xxx.xxx.xxx.xxx] port 22.
  debug1: Connection established.
  debug1: identity file /usr/home/wcp/.ssh/identity type 0
  debug1: Remote protocol version 1.99, remote software version OpenSSH_3.6.1p1 FreeBSD-20030924
  debug1: match: OpenSSH_3.6.1p1 FreeBSD-20030924 pat OpenSSH*
  debug1: Local version string SSH-1.5-OpenSSH_3.6.1p1 FreeBSD-20030924
  debug1: Waiting for server public key.
  debug1: Received server public key (768 bits) and host key (1024 bits).
  debug3: check_host_in_hostfile: filename /usr/home/wcp/.ssh/known_hosts2
  debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts2
  debug3: check_host_in_hostfile: filename /usr/home/wcp/.ssh/known_hosts
  debug3: check_host_in_hostfile: match line 31
  debug1: Host 'that.bloody.address' is known and matches the RSA1 host key.
  debug1: Found key in /usr/home/wcp/.ssh/known_hosts:31
  debug1: Encryption type: 3des
  debug1: Sent encrypted session key.
  debug2: cipher_init: set keylen (16 -> 32)
  debug2: cipher_init: set keylen (16 -> 32)
  debug1: Installing crc compensation attack detector.
  debug1: Received encrypted confirmation.
  debug1: Trying RSA authentication with key '/usr/home/wcp/.ssh/identity'
  debug1: Server refused our key.
  debug1: Doing challenge response authentication.
  Password:
  Response: 
[I just type return]
  debug1: Doing password authentication.
  [EMAIL PROTECTED]'s password: 
[I type the password]
  debug1: Requesting pty.
  debug3: tty_make_modes: ospeed 38400
  debug3: tty_make_modes: ispeed 38400
  debug3: tty_make_modes: 1 3
  debug3: tty_make_modes: 2 28
  debug3: tty_make_modes: 3 127
  debug3: tty_make_modes: 4 21
  debug3: tty_make_modes: 5 4
  debug3: tty_make_modes: 6 255
  debug3: tty_make_modes: 7 255
  debug3: tty_make_modes: 8 17
  debug3: tty_make_modes: 9 19
  debug3: tty_make_modes: 10 26
  debug3: tty_make_modes: 11 25
  debug3: tty_make_modes: 12 18
  debug3: tty_make_modes: 13 23
  debug3: tty_make_modes: 14 22
  debug3: tty_make_modes: 17 8
  debug3: tty_make_modes: 18 15
  debug3: tty_make_modes: 30 1
  debug3: tty_make_modes: 31 0
  debug3: tty_make_modes: 32 0
  debug3: tty_make_modes: 33 0
  debug3: tty_make_modes: 34 0
  debug3: tty_make_modes: 35 0
  debug3: tty_make_modes: 36 1
  debug3: tty_make_modes: 38 1
  debug3: tty_make_modes: 39 0
  debug3: tty_make_modes: 40 0
  debug3: tty_make_modes: 41 1
  debug3: tty_make_modes: 50 1
  debug3: tty_make_modes: 51 1
  debug3: tty_make_modes: 53 1
  debug3: tty_make_modes: 54 1
  debug3: tty_make_modes: 55 1
  debug3: tty_make_modes: 56 0
  debug3: tty_make_modes: 57 0
  debug3: tty_make_modes: 58 0
  debug3: tty_make_modes: 59 1
  debug3: tty_make_modes: 60 1
  debug3: tty_make_modes: 61 1
  debug3: tty_make_modes: 62 1
  debug3: tty_make_modes: 70 1
  debug3: tty_make_modes: 72 1
  debug3: tty_make_modes: 73 0
  debug3: tty_make_modes: 74 0
  debug3: tty_make_modes: 75 0
  debug3: tty_make_modes: 90 1
  debug3: tty_make_modes: 91 1
  debug3: tty_make_modes: 92 0
  debug3: tty_make_modes: 93 0
  debug2: fd 3 setting TCP_NODELAY
  debug1: Requesting shell.
  debug1: Entering interactive session.
[Hung.  No input or output and no way to kill the process with a
 simple ^C, but if I type something this blinks my modem Tx LED.]
  Killed by signal 15.
[I gave up and killed the process from another tty. ]
  debug1: Calling cleanup 0x804c7a4(0x0)

Looks to me that all the handshaking has been carried as expected, but
once the interactive session is established the traffic doesn't get
through.

The output of tcpdump -vv of that session (which I'm not able to
decipher) has been:

  23:52:20.510104 hyde.home.loc.50315 > daemon.home.loc.domain: [udp sum ok]  48558+ A? that.bloody.address. (33) (ttl 64, id 3105, len 61)
  23:52:20.825634 daemon.home.loc.domain > hyde.home.loc.50315:  48558 q: A? that.bloody.address. 1/3/3 that.bloody.address.[|domain] (ttl 64, id 24735, len 194)
  23:52:20.826508 hyde.home.loc.49531 > adsl-ull-76-182.42-151.net24.it.ssh: S [tcp sum ok] 439582340:439582340(0) win 65535 <mss 1460,nop,wscale 1,nop,nop,timestamp 4957982 0> (DF) (ttl 64, id 3106, len 60)
  23:52:21.054747 adsl-ull-76-182.42-151.net24.it.ssh > hyde.home.loc.49531: S [tcp sum ok] 4223415736:4223415736(0) ack 439582341 win 65535 <mss 1414,nop,wscale 1,nop,nop,timestamp 4028649 4957982> (DF) (ttl 54, id 884, len 60)
  23:52:21.054919 hyde.home.loc.49531 > adsl-ull-76-182.42-151.net24.it.ssh: . [tcp sum ok] 1:1(0) ack 1 win 32947 <nop,nop,timestamp 4958005 4028649> (DF) (ttl 64, id 3107, len 52)
  23:52:21.234712 adsl-ull-76-182.42-151.net24.it.ssh > hyde.home.loc.49531: P 1:43(42) ack 1 win 32947 <nop,nop,timestamp 4028665 4958005> (DF) (ttl 54, id 885, len 94)
  23:52:21.235617 hyde.home.loc.49531 > adsl-ull-76-182.42-151.net24.it.ssh: P 1:42(41) ack 43 win 32947 <nop,nop,timestamp 4958023 4028665> (DF) (ttl 64, id 3108, len 93)
  23:52:21.449716 hyde.home.loc.50316 > daemon.home.loc.domain: [udp sum ok]  41402+ PTR? 1.0.0.10.in-addr.arpa. (39) (ttl 64, id 3109, len 67)
  23:52:21.450467 daemon.home.loc.domain > hyde.home.loc.50316:  41402* q: PTR? 1.0.0.10.in-addr.arpa. 1/1/0 1.0.0.10.in-addr.arpa. PTR[|domain] (ttl 64, id 24736, len 114)
  23:52:21.451106 hyde.home.loc.50317 > daemon.home.loc.domain: [udp sum ok]  41403+ PTR? 2.0.0.10.in-addr.arpa. (39) (ttl 64, id 3110, len 67)
  23:52:21.451736 daemon.home.loc.domain > hyde.home.loc.50317:  41403* q: PTR? 2.0.0.10.in-addr.arpa. 1/1/0 2.0.0.10.in-addr.arpa. PTR[|domain] (ttl 64, id 24737, len 112)
  23:52:21.452417 hyde.home.loc.50318 > daemon.home.loc.domain: [udp sum ok]  41404+ PTR? 76.182.42.151.in-addr.arpa. (44) (ttl 64, id 3111, len 72)
  23:52:21.455887 daemon.home.loc.domain > hyde.home.loc.50318:  41404 q: PTR? 76.182.42.151.in-addr.arpa. 1/13/13 76.182.42.151.in-addr.arpa.[|domain] (ttl 64, id 24740, len 536)
  23:52:21.515011 adsl-ull-76-182.42-151.net24.it.ssh > hyde.home.loc.49531: P 43:319(276) ack 42 win 32947 <nop,nop,timestamp 4028686 4958023> (DF) (ttl 54, id 886, len 328)
  23:52:21.521659 hyde.home.loc.49531 > adsl-ull-76-182.42-151.net24.it.ssh: P 42:198(156) ack 319 win 32947 <nop,nop,timestamp 4958052 4028686> (DF) (ttl 64, id 3112, len 208)
  23:52:21.784724 adsl-ull-76-182.42-151.net24.it.ssh > hyde.home.loc.49531: P [tcp sum ok] 319:331(12) ack 198 win 32947 <nop,nop,timestamp 4028723 4958052> (DF) (ttl 54, id 887, len 64)
  23:52:21.785512 hyde.home.loc.49531 > adsl-ull-76-182.42-151.net24.it.ssh: P [tcp sum ok] 198:218(20) ack 331 win 32947 <nop,nop,timestamp 4958078 4028723> (DF) (ttl 64, id 3113, len 72)
  23:52:21.974680 adsl-ull-76-182.42-151.net24.it.ssh > hyde.home.loc.49531: P [tcp sum ok] 331:343(12) ack 218 win 32947 <nop,nop,timestamp 4028741 4958078> (DF) (ttl 54, id 889, len 64)
  23:52:21.975378 hyde.home.loc.49531 > adsl-ull-76-182.42-151.net24.it.ssh: P 218:358(140) ack 343 win 32947 <nop,nop,timestamp 4958097 4028741> (DF) (ttl 64, id 3114, len 192)
  23:52:22.184705 adsl-ull-76-182.42-151.net24.it.ssh > hyde.home.loc.49531: P [tcp sum ok] 343:355(12) ack 358 win 32947 <nop,nop,timestamp 4028762 4958097> (DF) (ttl 54, id 890, len 64)
  23:52:22.185295 hyde.home.loc.49531 > adsl-ull-76-182.42-151.net24.it.ssh: P [tcp sum ok] 358:370(12) ack 355 win 32947 <nop,nop,timestamp 4958118 4028762> (DF) (ttl 64, id 3115, len 64)
  23:52:22.374759 adsl-ull-76-182.42-151.net24.it.ssh > hyde.home.loc.49531: P [tcp sum ok] 355:383(28) ack 370 win 32947 <nop,nop,timestamp 4028780 4958118> (DF) (ttl 54, id 891, len 80)
  23:52:22.467999 hyde.home.loc.49531 > adsl-ull-76-182.42-151.net24.it.ssh: . [tcp sum ok] 370:370(0) ack 383 win 32947 <nop,nop,timestamp 4958147 4028780> (DF) (ttl 64, id 3116, len 52)
  23:52:27.963242 hyde.home.loc.49531 > adsl-ull-76-182.42-151.net24.it.ssh: P 370:422(52) ack 383 win 32947 <nop,nop,timestamp 4958696 4028780> (DF) (ttl 64, id 3117, len 104)
  23:52:28.144856 adsl-ull-76-182.42-151.net24.it.ssh > hyde.home.loc.49531: P [tcp sum ok] 383:395(12) ack 422 win 32947 <nop,nop,timestamp 4029358 4958696> (DF) (ttl 54, id 892, len 64)
  23:52:28.149515 hyde.home.loc.49531 > adsl-ull-76-182.42-151.net24.it.ssh: P 422:570(148) ack 395 win 32947 <nop,nop,timestamp 4958715 4029358> (DF) (ttl 64, id 3118, len 200)
  23:52:28.374885 adsl-ull-76-182.42-151.net24.it.ssh > hyde.home.loc.49531: P [tcp sum ok] 395:407(12) ack 570 win 32947 <nop,nop,timestamp 4029382 4958715> (DF) (ttl 54, id 893, len 64)
  23:52:28.375581 hyde.home.loc.49531 > adsl-ull-76-182.42-151.net24.it.ssh: P [tcp sum ok] 570:582(12) ack 407 win 32947 <nop,nop,timestamp 4958737 4029382> (DF) [tos 0x10]  (ttl 64, id 3119, len 64)
  23:52:28.958093 hyde.home.loc.49531 > adsl-ull-76-182.42-151.net24.it.ssh: P [tcp sum ok] 570:582(12) ack 407 win 32947 <nop,nop,timestamp 4958796 4029382> (DF) [tos 0x10]  (ttl 64, id 3120, len 64)
  23:52:29.938112 hyde.home.loc.49531 > adsl-ull-76-182.42-151.net24.it.ssh: P [tcp sum ok] 570:582(12) ack 407 win 32947 <nop,nop,timestamp 4958894 4029382> (DF) [tos 0x10]  (ttl 64, id 3121, len 64)
  23:52:31.698130 hyde.home.loc.49531 > adsl-ull-76-182.42-151.net24.it.ssh: P [tcp sum ok] 570:582(12) ack 407 win 32947 <nop,nop,timestamp 4959070 4029382> (DF) [tos 0x10]  (ttl 64, id 3122, len 64)
  23:52:35.018187 hyde.home.loc.49531 > adsl-ull-76-182.42-151.net24.it.ssh: P [tcp sum ok] 570:582(12) ack 407 win 32947 <nop,nop,timestamp 4959402 4029382> (DF) [tos 0x10]  (ttl 64, id 3123, len 64)

 > Tschuess.

Charming, but I'm not German.  :-)

Cheers,

-- 
walter pelissero
http://www.pelissero.de
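
An added example, not part of the original message: one way to read the tcpdump output above mechanically is to group TCP data segments by direction and sequence range and report any range sent more than once. The sample is the last seven TCP lines of the posted trace with wrapped lines joined and the timestamp option trimmed; the function names are this example's own.

```python
import re
from collections import defaultdict

# Last seven TCP lines of the posted trace (wrapped lines joined,
# <nop,nop,timestamp ...> option field trimmed for width).
SAMPLE = """\
23:52:28.149515 hyde.home.loc.49531 > adsl-ull-76-182.42-151.net24.it.ssh: P 422:570(148) ack 395 win 32947 (DF) (ttl 64, id 3118, len 200)
23:52:28.374885 adsl-ull-76-182.42-151.net24.it.ssh > hyde.home.loc.49531: P [tcp sum ok] 395:407(12) ack 570 win 32947 (DF) (ttl 54, id 893, len 64)
23:52:28.375581 hyde.home.loc.49531 > adsl-ull-76-182.42-151.net24.it.ssh: P [tcp sum ok] 570:582(12) ack 407 win 32947 (DF) [tos 0x10]  (ttl 64, id 3119, len 64)
23:52:28.958093 hyde.home.loc.49531 > adsl-ull-76-182.42-151.net24.it.ssh: P [tcp sum ok] 570:582(12) ack 407 win 32947 (DF) [tos 0x10]  (ttl 64, id 3120, len 64)
23:52:29.938112 hyde.home.loc.49531 > adsl-ull-76-182.42-151.net24.it.ssh: P [tcp sum ok] 570:582(12) ack 407 win 32947 (DF) [tos 0x10]  (ttl 64, id 3121, len 64)
23:52:31.698130 hyde.home.loc.49531 > adsl-ull-76-182.42-151.net24.it.ssh: P [tcp sum ok] 570:582(12) ack 407 win 32947 (DF) [tos 0x10]  (ttl 64, id 3122, len 64)
23:52:35.018187 hyde.home.loc.49531 > adsl-ull-76-182.42-151.net24.it.ssh: P [tcp sum ok] 570:582(12) ack 407 win 32947 (DF) [tos 0x10]  (ttl 64, id 3123, len 64)
"""

# Old-style tcpdump text: time, src > dst:, flags, optional checksum note, start:end(len)
SEG = re.compile(r"(?P<ts>\d\d:\d\d:\d\d\.\d+) (?P<src>\S+) > (?P<dst>\S+): \S+ "
                 r"(?:\[tcp sum ok\] )?(?P<start>\d+):(?P<end>\d+)\((?P<len>\d+)\)")
TOS = re.compile(r"\[tos (0x[0-9a-f]+)\]")

def seconds(ts):
    """Convert HH:MM:SS.ffffff to seconds since midnight."""
    h, m, s = ts.split(":")
    return int(h) * 3600 + int(m) * 60 + float(s)

def find_retransmissions(trace):
    """Map (src, dst, seq_start, seq_end) -> [(time, tos), ...] for ranges seen twice or more."""
    seen = defaultdict(list)
    for line in trace.splitlines():
        m = SEG.match(line.strip())
        if not m or int(m["len"]) == 0:
            continue  # DNS lookups, SYNs and pure ACKs carry no TCP payload
        tos = TOS.search(line)
        key = (m["src"], m["dst"], int(m["start"]), int(m["end"]))
        seen[key].append((seconds(m["ts"]), tos.group(1) if tos else None))
    return {k: v for k, v in seen.items() if len(v) > 1}

def backoff_gaps(sightings):
    """Seconds between consecutive sends of the same segment, rounded to 10 ms."""
    times = [t for t, _ in sightings]
    return [round(b - a, 2) for a, b in zip(times, times[1:])]

if __name__ == "__main__":
    for (src, dst, start, end), hits in find_retransmissions(SAMPLE).items():
        print(f"{src} -> {dst} {start}:{end} sent {len(hits)}x, "
              f"tos={sorted({t for _, t in hits if t})}, gaps={backoff_gaps(hits)}")
```

The only repeated range is the client's 570:582, every copy of which carries tos 0x10, and the gap between sends roughly doubles each time, which is what TCP retransmission of an unacknowledged segment looks like.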