Run tcpdump on your server when you do the outside connect. You can tcpdump -i eth0 -n | grep 209.122.208.175 so you don't get a tonne of crap. You may have to change eth0 to what is appropriate. Also see if you have any odd iptables rules, or any odd routing.
-tl

On Thu, Feb 12, 2015 at 11:22 PM, Dev Guy <[email protected]> wrote:
> Hi All,
>
> I am having a real nagging problem with ssh. I set up dynamic dns so I
> could connect to my box from outside.
>
> My basic setup is a router connected to a cable modem.
> I've opened the firewall port 22 tcp/udp on my router.
>
> However, here is the problem I am having.
>
> I can ssh into my box from inside my LAN like, ssh 192.168.0.100, works
> fine!
>
> However when I try to ssh using my dynamic dns (or the external IP), ssh
> will hang and never return.
>
> 1) I've tried running my sshd in debug mode and here is the output
> =====(SERVER SIDE)=====
>
> debug1: sshd version OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
> debug1: key_parse_private2: missing begin marker
> debug1: read PEM private key done: type RSA
> debug1: private host key: #0 type 1 RSA
> debug1: key_parse_private2: missing begin marker
> debug1: read PEM private key done: type DSA
> debug1: private host key: #1 type 2 DSA
> debug1: key_parse_private2: missing begin marker
> debug1: read PEM private key done: type ECDSA
> debug1: private host key: #2 type 3 ECDSA
> debug1: private host key: #3 type 4 ED25519
> debug1: rexec_argv[0]='/usr/sbin/sshd'
> debug1: rexec_argv[1]='-d'
> Set /proc/self/oom_score_adj from 0 to -1000
> debug1: Bind to port 22 on 0.0.0.0.
> Server listening on 0.0.0.0 port 22.
> debug1: Bind to port 22 on ::.
> Server listening on :: port 22.
> debug1: Server will not fork when running in debugging mode.
> debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
> debug1: inetd sockets after dupping: 3, 3
> Connection from 192.168.0.1 port 48996 on 192.168.0.100 port 22
>
>
> 2) Here is the ssh verbose output
> =====(CLIENT SIDE)=====
>
> OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: /etc/ssh/ssh_config line 19: Applying options for *
> debug2: ssh_connect: needpriv 0
> debug1: Connecting to yadav.duckdns.org [209.122.208.175] port 22.
> debug1: Connection established.
> debug3: Incorrect RSA1 identifier
> debug3: Could not load "/home/yadav/.ssh/id_rsa" as a RSA1 public key
> debug1: identity file /home/yadav/.ssh/id_rsa type 1
> debug1: identity file /home/yadav/.ssh/id_rsa-cert type -1
> debug1: identity file /home/yadav/.ssh/id_dsa type -1
> debug1: identity file /home/yadav/.ssh/id_dsa-cert type -1
> debug1: identity file /home/yadav/.ssh/id_ecdsa type -1
> debug1: identity file /home/yadav/.ssh/id_ecdsa-cert type -1
> debug1: identity file /home/yadav/.ssh/id_ed25519 type -1
> debug1: identity file /home/yadav/.ssh/id_ed25519-cert type -1
> debug1: Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-8
>
> As you can see from the server output the connection gets established, but
> then the hang happens and I can't figure out what's going on?
>
> Someone suggested that sshd might be trying to do a reverse lookup and to
> add,
>
> 'UseDNS no'
>
> to /etc/ssh/sshd_config and restarting the daemon. This didn't work!
>
> Any ideas? I can't seem to find anything for my particular problem on the
> Internet.
>
> ---
> Talk Mailing List
> [email protected]
> http://gtalug.org/mailman/listinfo/talk
>
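An added example, not part of the original thread: a shell helper that summarises tcpdump -n text output for port 22 per peer address rather than grepping for one IP, since the server log quoted above shows the connection arriving from 192.168.0.1. The function names, the sample capture and the 192.168.0.50 client are constructed for illustration.

```shell
#!/bin/sh
# Added example: per-peer summary of `tcpdump -n` text output for sshd.
# Live use on the server (eth0 is an assumption, as in the reply above):
#   tcpdump -i eth0 -n -c 200 'tcp port 22' > ssh.txt
#   summarize_ssh 192.168.0.100 < ssh.txt

summarize_ssh() {   # $1 = server address; tcpdump lines on stdin
  awk -v srv="$1" '
    $2 != "IP" { next }                     # skip ARP and other non-IPv4 lines
    {
      src = $3; dst = $5; sub(/:$/, "", dst)
      if (dst == (srv ".22"))      { peer = src; dir = "in"  }
      else if (src == (srv ".22")) { peer = dst; dir = "out" }
      else next                             # not to or from port 22 on srv
      sub(/\.[0-9]+$/, "", peer)            # strip the peer port
      seen[peer] = 1
      if ($7 == "[S],")  syn[peer]++        # SYN from the peer
      if ($7 == "[S.],") synack[peer]++     # SYN-ACK from the server
      len = 0
      for (i = 8; i < NF; i++) if ($i == "length") len = $(i + 1) + 0
      bytes[peer, dir] += len               # TCP payload bytes per direction
    }
    END {
      for (p in seen)
        printf "%s syn=%d synack=%d bytes_in=%d bytes_out=%d\n",
               p, syn[p], synack[p], bytes[p, "in"], bytes[p, "out"]
    }' | sort
}

sample_capture() {  # constructed capture lines, not taken from the thread
  cat <<'EOF'
14:02:11.100001 IP 192.168.0.1.48996 > 192.168.0.100.22: Flags [S], seq 1000, win 29200, length 0
14:02:11.100050 IP 192.168.0.100.22 > 192.168.0.1.48996: Flags [S.], seq 5000, ack 1001, win 28960, length 0
14:02:11.101000 IP 192.168.0.1.48996 > 192.168.0.100.22: Flags [.], ack 1, win 229, length 0
14:02:11.102000 IP 192.168.0.1.48996 > 192.168.0.100.22: Flags [P.], seq 1:35, ack 1, win 229, length 34
14:02:12.000000 ARP, Request who-has 192.168.0.100 tell 192.168.0.1, length 28
14:02:20.000001 IP 192.168.0.50.51000 > 192.168.0.100.22: Flags [S], seq 2000, win 29200, length 0
14:02:20.000040 IP 192.168.0.100.22 > 192.168.0.50.51000: Flags [S.], seq 7000, ack 2001, win 28960, length 0
14:02:20.000900 IP 192.168.0.50.51000 > 192.168.0.100.22: Flags [.], ack 1, win 229, length 0
14:02:20.001500 IP 192.168.0.50.51000 > 192.168.0.100.22: Flags [P.], seq 1:35, ack 1, win 229, length 34
14:02:20.010000 IP 192.168.0.100.22 > 192.168.0.50.51000: Flags [P.], seq 1:35, ack 35, win 227, length 34
EOF
}

sample_capture | summarize_ssh 192.168.0.100
```

In the constructed sample, 192.168.0.1 completes the handshake and sends 34 bytes but gets no payload back, while 192.168.0.50 gets a reply.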
