sshd also dies when certain other kinds of traffic is generated, such as `man pw' using the most pager[1], and many x11 apps such as emacs. However, it is stable when running simple x11 apps such as xeyes, and the link its self is stable -- a terminal will stay connected without issue for days, as long as not much happens in it. Also a sshfs connection dies immediately. ssh -Y karren gkrellm & *sshd dies* Cutting to the chase, the log message which seems the most important is: Aug 23 14:45:11 karen sshd[62451]: fatal: Fssh_packet_write_poll: Connection from 174.77.777.77 port 57670: Permission denied However, even if I put both machines outside their respective firewalls, opening all ports, the message is still the same. It sounds like something internal to the server is denying access to the high port it wants, but other high port services work ok: irc & mosh. And yeah, mosh works atop of ssh, but it doesn't do everything I need, and it scrambles keycodes going to emacs. Even more confusing, these two machines work fine when they're both on the same LAN, so it seems like it must be something with the uplink to the Internet. I also suspect the server's uplink as the behavior was the same when I took the client to our local university. `sshd -ddd' doesn't add any further insights for me, only lots of PAM diagnostics: debug1: Setting controlling tty using TIOCSCTTY. Fssh_packet_write_poll: Connection from 174.52.251.44 port 32812: Permission denied debug1: do_cleanup debug3: PAM: sshpam_thread_cleanup entering debug3: mm_request_receive entering debug1: do_cleanup debug1: PAM: cleanup debug1: PAM: closing session debug1: PAM: deleting credentials debug3: PAM: sshpam_thread_cleanup entering debug1: session_pty_cleanup: session 0 release /dev/pts/23 Feedback on one of the FreeBSD forums suggested that the MTU on the routers might be less than what the machines was using, and that excessive fragmentation might be causing the connection to die. The router MTUs were 1492, and the system MTUs were 1500. Unfortunately, reducing the systems' MTUs to 1400 did not affect the problem but at least I have less fragmentation now. I've tried every config option and commandline switch that looked even remotely related, but nothing has affected it. -ddd -vvv -E -D and all sorts of keepalives. Of course, I'm hoping that someone is going to point at one that I missed and magically make it work. I've used ssh for many years and never had a problem like this before. The Server ---------- $ uname -a FreeBSD karren.example.com 11.0-RELEASE-p9 FreeBSD 11.0-RELEASE-p9 #0: Tue Apr 11 08:48:40 UTC 2017 root@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx:/usr/obj/usr/src/sys/GENERIC amd64 $ sshd -v OpenSSH_7.2p2, OpenSSL 1.0.2k-freebsd 26 Jan 2017 The ISDN-TA is a CenturyLink ZyXEL PK5001Z The Client ---------- $ uname -a Linux piglet 4.10.0-32-generic #36~16.04.1-Ubuntu SMP Wed Aug 9 09:19:02 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux $ ssh -V OpenSSH_7.2p2 Ubuntu-4ubuntu2.2, OpenSSL 1.0.2g 1 Mar 2016 The Cable Modem is a ARRIS TG1682 Even after writing all this I'm not sure what makes sense to try next. I could upgrade the binaries, but these are the standard shipping ones on the distros; and no one else seems to be having this problem. This thing has really crimped my style for the last week of head banging against it. Please can someone help? [1] The failure with `man pw' and the more pager is quasi intermittent. Sometime the link dies before the first screen full is rendered. Other times you can page up and down a bit before it croaks. The `man pw' page is stable using the less pager. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev