On 02/09/2015 06:09 PM, mathew wrote: > Trying to connect from Fedora 21 to CentOS 6.6, OpenSSH on both ends. > Connection is via a VPN. > > Initially the connection seems good, but OpenSSH stalls at > debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP. > > Software version on servers: > openssh-server-5.3p1-104.el6_6.1.x86_64 > openssh-5.3p1-104.el6_6.1.x86_64 > > Software version on client: > openssh-6.6.1p1-11.1.fc21.x86_64 > also duplicated problem using local build of openssh-6.7p1.tar.gz > > Connections to other CentOS 6 servers with identical SSH versions and > configurations are successful. (Configs are managed by Puppet so I'm > confident they really are identical, and I rebooted the server before the > test below.) > > Connections to the problem server using Windows PuTTY SSH are successful! > (Using a Windows VM running on the same Fedora 21 client machine, inside > VirtualBox.) > > VPN MTU is 1400. Ping check for packet size: > % ping -M do -s 1372 10.77.16.71 > PING 10.77.16.71 (10.77.16.71) 1372(1400) bytes of data. > 1380 bytes from 10.77.16.71: icmp_seq=1 ttl=61 time=69.4 ms > Server MTU is 1500, and I've confirmed that 1472-byte packets ping > successfully from other servers to the problem server. It seems to be the same problem as described and discussed in this [1] thread. MTU 1400 is not enough for packet sent by openssh-6.6.1p1-11.1.fc21 with default settings. The size of one of initial packets could be even 1968. Your VPN probably makes a fragmentation but doesn't do the correct defragmentation. As a workaround you can set shorter lists of MACs used by your client, eg: $ ssh -m hmac-sha1 ... [1] https://lists.mindrot.org/pipermail/openssh-unix-dev/2013-November/031775.html > > Here's a transcript using ssh -vvv and a build of OpenSSH from > openssh-6.7p1 sources: > > % ./ssh -vvv docs.rtp.tecnet > OpenSSH_6.7p1, OpenSSL 1.0.1k-fips 8 Jan 2015 > debug1: Reading configuration data /home/meta/.ssh/config > /home/meta/.ssh/config line 1: Unsupported option "gssapiauthentication" > debug2: ssh_connect: needpriv 0 > debug1: Connecting to docs.rtp.tecnet [10.77.16.71] port 22. > debug1: Connection established. > debug1: identity file /home/meta/.ssh/id_rsa type 1 > debug1: key_load_public: No such file or directory > debug1: identity file /home/meta/.ssh/id_rsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /home/meta/.ssh/id_dsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /home/meta/.ssh/id_dsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /home/meta/.ssh/id_ecdsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /home/meta/.ssh/id_ecdsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /home/meta/.ssh/id_ed25519 type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /home/meta/.ssh/id_ed25519-cert type -1 > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_6.7 > debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3 > debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000 > debug2: fd 3 setting O_NONBLOCK > debug3: load_hostkeys: loading entries for host "docs.rtp.tecnet" from file > "/home/meta/.ssh/known_hosts" > debug3: load_hostkeys: loaded 0 keys > debug1: SSH2_MSG_KEXINIT sent > debug1: SSH2_MSG_KEXINIT received > debug2: kex_parse_kexinit: curve25519-sha256@xxxxxxxxxx > ,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 > debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx, > ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx, > ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx,ssh-ed25519-cert-v01@xxxxxxxxxxx, > ssh-rsa-cert-v01@xxxxxxxxxxx,ssh-dss-cert-v01@xxxxxxxxxxx, > ssh-rsa-cert-v00@xxxxxxxxxxx,ssh-dss-cert-v00@xxxxxxxxxxx > ,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-rsa,ssh-dss > debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr, > aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx,chacha20-poly1305@xxxxxxxxxxx > ,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour, > rijndael-cbc@xxxxxxxxxxxxxx > debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr, > aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx,chacha20-poly1305@xxxxxxxxxxx > ,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour, > rijndael-cbc@xxxxxxxxxxxxxx > debug2: kex_parse_kexinit: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx, > hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx, > hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx > ,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-etm@xxxxxxxxxxx, > hmac-ripemd160-etm@xxxxxxxxxxx,hmac-sha1-96-etm@xxxxxxxxxxx, > hmac-md5-96-etm@xxxxxxxxxxx,hmac-md5,hmac-ripemd160, > hmac-ripemd160@xxxxxxxxxxx,hmac-sha1-96,hmac-md5-96 > debug2: kex_parse_kexinit: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx, > hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx, > hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx > ,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-etm@xxxxxxxxxxx, > hmac-ripemd160-etm@xxxxxxxxxxx,hmac-sha1-96-etm@xxxxxxxxxxx, > hmac-md5-96-etm@xxxxxxxxxxx,hmac-md5,hmac-ripemd160, > hmac-ripemd160@xxxxxxxxxxx,hmac-sha1-96,hmac-md5-96 > debug2: kex_parse_kexinit: none,zlib@xxxxxxxxxxx,zlib > debug2: kex_parse_kexinit: none,zlib@xxxxxxxxxxx,zlib > debug2: kex_parse_kexinit: > debug2: kex_parse_kexinit: > debug2: kex_parse_kexinit: first_kex_follows 0 > debug2: kex_parse_kexinit: reserved 0 > debug2: kex_parse_kexinit: > diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 > debug2: kex_parse_kexinit: ssh-rsa,ssh-dss > debug2: kex_parse_kexinit: > aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,arcfour > debug2: kex_parse_kexinit: > aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,arcfour > debug2: kex_parse_kexinit: hmac-sha1,hmac-ripemd160 > debug2: kex_parse_kexinit: hmac-sha1,hmac-ripemd160 > debug2: kex_parse_kexinit: none,zlib@xxxxxxxxxxx > debug2: kex_parse_kexinit: none,zlib@xxxxxxxxxxx > debug2: kex_parse_kexinit: > debug2: kex_parse_kexinit: > debug2: kex_parse_kexinit: first_kex_follows 0 > debug2: kex_parse_kexinit: reserved 0 > debug2: mac_setup: setup hmac-sha1 > debug1: kex: server->client aes128-ctr hmac-sha1 none > debug2: mac_setup: setup hmac-sha1 > debug1: kex: client->server aes128-ctr hmac-sha1 none > debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<7680<8192) sent > debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP > [hangs] > > Here's the config output from building OpenSSH as used above: > > OpenSSH has been configured with the following options: > User binaries: /usr/local/bin > System binaries: /usr/local/sbin > Configuration files: /usr/local/etc > Askpass program: /usr/local/libexec/ssh-askpass > Manual pages: /usr/local/share/man/manX > PID file: /var/run > Privilege separation chroot path: /var/empty > sshd default user PATH: > /usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin > Manpage format: doc > PAM support: no > OSF SIA support: no > KerberosV support: no > SELinux support: no > Smartcard support: > S/KEY support: no > MD5 password support: no > libedit support: no > Solaris process contract support: no > Solaris project support: no > IP address in $DISPLAY hack: no > Translate v4 in v6 hack: yes > BSD Auth support: no > Random number source: OpenSSL internal ONLY > Privsep sandbox style: seccomp_filter > > Host: x86_64-unknown-linux-gnu > Compiler: gcc > Compiler flags: -g -O2 -Wall -Wpointer-arith -Wuninitialized > -Wsign-compare -Wformat-security -Wsizeof-pointer-memaccess > -Wno-pointer-sign -Wno-unused-result -fno-strict-aliasing > -D_FORTIFY_SOURCE=2 -ftrapv -fno-builtin-memset -fstack-protector-strong > -fPIE > Preprocessor flags: > Linker flags: -Wl,-z,relro -Wl,-z,now -Wl,-z,noexecstack > -fstack-protector-strong -pie > Libraries: -lcrypto -ldl -lutil -lz -lnsl -lcrypt -lresolv > > So... Any ideas what I can try next to track down the source of the problem? > > > mathew > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev@xxxxxxxxxxx > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev > -- Petr Lautrbach _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev