Hello ssh users, I would like to share my experience with openssh. I had problem connecting to any server from my home using ssh. However putty worked both under Windows and Linux. I've tried setting up netcat tunnel and connecting through it with ssh in following way, which worked. radim@targa ~ $netcat -Lserver.domain:22 -p10001 -vv (in other terminal) radim@targa ~ $ssh -lradim -vvv localhost -p10001 So it seemed there is some bug in openssh! Plain ssh connection like radim@targa ~ $ssh -lradim server.domain asked for password and after successfull authentication hanged up. With verbose option set, last three lines before hangup said debug2: channel 0: request shell confirm 1 debug2: fd 3 setting TCP_NODELAY debug2: callback done debug2: channel 0: open confirm rwindow 0 rmax 32768 I've searched forums pretty thoroughly, but only thing I got were few other users (pretty desperate) trying to solve same problem with no reply. So we've done research with my friend using tcpdump both on server and client side. It came up, that either my ISP (I have ADSL connection, provider Telefonica O2, Czech Republic) in their DSLAM or my modem is blocking TCP packets with Type Of Service set to interactive (tos==16). OpenSSH sets tos interactive when it's going to give you new console. I got the problem fixed with following rule aded to linux firewall iptables -A OUTPUT -t mangle -p tcp --dport 22 -j TOS --set-tos 0x00 The connection works after this tweak. At this point I would like to thank my friend Tomas, who has greatly helped me resolving this problem. I wish that fruits of our research will help other users with same problem and that it will save their time and stress. I see that this may not be only reason for strange behavior described before. Best regards (and metta too) Radim
