I am trying to run ssh to a server continuously and quickly. Out of
about 10-12 times of good run or result, once the client gets stuck.
It does not connect. This we are observing after upgrading both the
server and client to OpenSSL 9.6p1.
We are running this cmd on the client side:
ssh -vvv -p 1022 -o UserKnownHostsFile=/dev/null -o
GSSAPIAuthentication=no -o StrictHostKeyChecking=no -o
ConnectTimeout=60 -o PubkeyAuthentication=yes -o
PreferredAuthentications=publickey -o ServerAliveInterval=60 -i
/root/id_rsa root@10.0.0.2 "/usr/sbin/dmidecode -s
system-product-name"
On the client side (working):
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 47: Applying options for *
debug2: resolve_canonicalize: hostname 10.0.0.6 is address
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
debug3: channel_clear_timeouts: clearing
debug3: ssh_connect_direct: entering
debug1: Connecting to 10.0.0.6 [10.0.0.6] port 1022.
debug3: set_sock_tos: set socket 3 IP_TOS 0x48
debug2: fd 3 setting O_NONBLOCK
debug1: fd 3 clearing O_NONBLOCK
debug1: Connection established.
debug3: timeout: 60000 ms remain after connect
Client side non0-working:
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 47: Applying options for *
debug2: resolve_canonicalize: hostname 10.0.0.6 is address
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
debug3: channel_clear_timeouts: clearing
debug3: ssh_connect_direct: entering
debug1: Connecting to 10.0.0.6 [10.0.0.6] port 1022.
debug3: set_sock_tos: set socket 3 IP_TOS 0x48
debug2: fd 3 setting O_NONBLOCK <----------- hangs here
debug1: connect to address 10.0.0.6 port 1022: Connection timed out
ssh: connect to host 10.0.0.6 port 1022: Connection timed out
Netstat output shows client is stuck after receiving the syn-ack. It
remains in SYN_RECV status.
//client
root@node2:~# netstat -ant | grep 1022
tcp 0 0 10.0.0.6:1022 10.0.0.5:52836 SYN_RECV
//server
root@node1:~# netstat -ant | grep 1022
tcp 0 0 10.0.0.5:1022 0.0.0.0:* LISTEN
tcp 0 0 10.0.0.5:39668 10.0.0.6:1022 TIME_WAIT
tcp 0 1 10.0.0.5:52836 10.0.0.6:1022 SYN_SENT
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
about 10-12 times of good run or result, once the client gets stuck.
It does not connect. This we are observing after upgrading both the
server and client to OpenSSL 9.6p1.
We are running this cmd on the client side:
ssh -vvv -p 1022 -o UserKnownHostsFile=/dev/null -o
GSSAPIAuthentication=no -o StrictHostKeyChecking=no -o
ConnectTimeout=60 -o PubkeyAuthentication=yes -o
PreferredAuthentications=publickey -o ServerAliveInterval=60 -i
/root/id_rsa root@10.0.0.2 "/usr/sbin/dmidecode -s
system-product-name"
On the client side (working):
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 47: Applying options for *
debug2: resolve_canonicalize: hostname 10.0.0.6 is address
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
debug3: channel_clear_timeouts: clearing
debug3: ssh_connect_direct: entering
debug1: Connecting to 10.0.0.6 [10.0.0.6] port 1022.
debug3: set_sock_tos: set socket 3 IP_TOS 0x48
debug2: fd 3 setting O_NONBLOCK
debug1: fd 3 clearing O_NONBLOCK
debug1: Connection established.
debug3: timeout: 60000 ms remain after connect
Client side non0-working:
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 47: Applying options for *
debug2: resolve_canonicalize: hostname 10.0.0.6 is address
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
debug3: channel_clear_timeouts: clearing
debug3: ssh_connect_direct: entering
debug1: Connecting to 10.0.0.6 [10.0.0.6] port 1022.
debug3: set_sock_tos: set socket 3 IP_TOS 0x48
debug2: fd 3 setting O_NONBLOCK <----------- hangs here
debug1: connect to address 10.0.0.6 port 1022: Connection timed out
ssh: connect to host 10.0.0.6 port 1022: Connection timed out
Netstat output shows client is stuck after receiving the syn-ack. It
remains in SYN_RECV status.
//client
root@node2:~# netstat -ant | grep 1022
tcp 0 0 10.0.0.6:1022 10.0.0.5:52836 SYN_RECV
//server
root@node1:~# netstat -ant | grep 1022
tcp 0 0 10.0.0.5:1022 0.0.0.0:* LISTEN
tcp 0 0 10.0.0.5:39668 10.0.0.6:1022 TIME_WAIT
tcp 0 1 10.0.0.5:52836 10.0.0.6:1022 SYN_SENT
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev