From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1JYNEQ-0003sZ-DH for garchives@archives.gentoo.org; Sun, 09 Mar 2008 15:14:34 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 12DAEE050D; Sun, 9 Mar 2008 15:14:33 +0000 (UTC) Received: from fg-out-1718.google.com (fg-out-1718.google.com [72.14.220.152]) by pigeon.gentoo.org (Postfix) with ESMTP id 9B32EE050D for ; Sun, 9 Mar 2008 15:14:32 +0000 (UTC) Received: by fg-out-1718.google.com with SMTP id e21so1976742fga.14 for ; Sun, 09 Mar 2008 08:14:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:from:reply-to:to:subject:date:user-agent:references:in-reply-to:mime-version:content-type:content-transfer-encoding:message-id; bh=LpgoU2WSe6eR/gevwG8Cl4deeLy+mjELfebOZhGKyBg=; b=mSU6TX1L4UV+4UazIYX3l8oAkgGhk4MDU1PlrgGyQzZ0wUrcfnZN8x1/RzirYjVGkON9NwJD6qBp6GJB0w3rohfexeZGDqwHoa4QgWIOXuxwJwPWJKsVh3va/bjj+r1cyOOpsssAWwjW7ME4tSMolu9W4purGVynYyd/J+SvQI0= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:reply-to:to:subject:date:user-agent:references:in-reply-to:mime-version:content-type:content-transfer-encoding:message-id; b=H7xrKff9BIl3sZ51jvIHB4/x/lT+RCZqSY7zgVjXZJPYgf05HQpwrBnO9S1dUZZwRQGRErU9yc37SCSFAr/zzlGr2isDAdBoXMYJEYH7TTdtsjC7BpSxtFpuJ0RNAxDGf4pN6+A9dp3IJdDJBgx4oQ0qm18pHADd3pm4AkFXqG8= Received: by 10.86.89.4 with SMTP id m4mr4948565fgb.45.1205075671569; Sun, 09 Mar 2008 08:14:31 -0700 (PDT) Received: from lappy.study ( [212.159.46.48]) by mx.google.com with ESMTPS id j12sm11656748fkf.6.2008.03.09.08.14.29 (version=TLSv1/SSLv3 cipher=OTHER); Sun, 09 Mar 2008 08:14:30 -0700 (PDT) From: Mick To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Bizarre SSH connection reset Date: Sun, 9 Mar 2008 15:12:14 +0000 User-Agent: KMail/1.9.7 References: <20080309080351.6kdf31qb4s08gggw@webmail.collinstarkweather.com> In-Reply-To: <20080309080351.6kdf31qb4s08gggw@webmail.collinstarkweather.com> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart3021720.z4ba9Gpma5"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200803091512.32474.michaelkintzios@gmail.com> X-Archives-Salt: 9accf2a2-f159-494b-9287-0919d0d8f83a X-Archives-Hash: 706bfcb288bfd2a1920d0cba838dae10 --nextPart3021720.z4ba9Gpma5 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Sunday 09 March 2008, Collin Starkweather wrote: > To preface the question, I should mention that I'm currently residing > in China, so communication with the networking guys on this end is a > bit difficult because the communication algorithm typically begins, > "Step 1: Learn Chinese." I would argue that your Chinese domain is blacklisted due to exhaustive num= ber=20 of owned MSWindows boxen and botnets that ping the rest of us without=20 respite, from China. I really wish their step 1 was "learn how to protect= =20 your PC, even if it runs an illegitimate Mickey Mouse OS". > I am having difficulties with getting bumped out of an SSH connection > from a server in the U.S. with "Connection reset by peer" maybe 5-10 > seconds after logging in. > > It *only* occurs in my apartment; i.e., when I go to a local wifi > hotspot, I have no difficulties whatsoever. So I don't think it's > coming from my end, and I don't think it's coming from the server I'm > logging in to. > > Some details: > > 1) To ensure that I'm not having problems with keepalives, I > configured SSHD on the other end very liberally (with some > impressively fast typing, if I do say so myself). In sshd_config, I > have > > TCPKeepAlive no > ClientAliveInterval 15 > ClientAliveCountMax 12 Why don't you leave keepalive On? I would switch that flag to yes and perh= aps=20 increase the Interval to 60 seconds or more? > 2) I then set ethereal running. Just as I got bumped, it indicated > > Source Destination Protocol Info > (the server) (my laptop) TCP 22 > 1259 [RST, ACK] Seq=3D5357 > Ack=3D4037 Win=3D63856 Len=3D0 The packet flag [RST, ACK] indicates that the port is closed. > I'm not a networking guy, but I think that means a reset packet is > being sent, ostensibly from the server. Yep, to indicate that the port has closed. > 3) When I get bumped, ssh -vvv gives the following > > debug1: channel 0: free: client-session, nchannels 1 > debug3: channel 0: status: The following connections are open: > #0 client-session (t4 r0 i0/0 o0/0 fd 4/5 cfd -1) > debug3: channel 0: close_fds r 4 w 5 e 6 c -1 > Read from remote host www.bogusdomain.com: Connection reset by peer > Connection to www.bogusdomain.com closed. > debug1: Transferred: stdin 0, stdout 0, stderr 126 bytes in 17.1 secon= ds > debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 7.4 > debug1: Exit status -1 The server closes the connection. > If the reset is not coming from the server or the client (I don't have > any problems when I'm at a hotspot), where could it be coming from? Are you using the same NIC on the laptop? If yes, then the issue could be= =20 related to your router configuration., but my money is on your keepalive=20 settings. See if my suggestions above help. =2D-=20 Regards, Mick --nextPart3021720.z4ba9Gpma5 Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.7 (GNU/Linux) iD8DBQBH0/5g5Fp0QerLYPcRAuaZAJ9qjfVAGrLvp2NeO+QIHhZpkdmz1ACguYKb hU3g9WpdhNpvPmCuPly8mbE= =7mIB -----END PGP SIGNATURE----- --nextPart3021720.z4ba9Gpma5-- -- gentoo-user@lists.gentoo.org mailing list