Bug 114345

Summary: Cannot connect to ssh server from windows client
Product: [Fedora] Fedora Reporter: bednar <borkows>
Component: opensshAssignee: Nalin Dahyabhai <nalin>
Status: CLOSED CURRENTRELEASE QA Contact: Brian Brock <bbrock>
Severity: high Docs Contact:
Priority: medium    
Version: 1   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-02-02 20:42:56 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description bednar 2004-01-26 22:50:02 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.5) Gecko/20031202

Description of problem:
Form windows ssh client (putty, window commander, etc) I cant't
connect to my Fedora Box. I turned on highest level of logging in
/etc/ssh/sshd_conf but in /var/log/secure.0.log there is no trace
after connecion. On the other hand I can connect to ssh server from
another linux box or from WinXP under vmware on the Fedora box. Then I
hade a lot of messages in secure.0.log. This is very strange and looks
like no packets are sent form windows computers to my Fedora box. I
tested it from various windows clients (98, ME, XP). I tested all
config options of putty, with no results. Tehere is no firewall on the
Fedora box. Iptables -L speaks there are no rules blocking anything.

Version-Release number of selected component (if applicable):
kernel 2.4.22-2149smp

How reproducible:
Always

Steps to Reproduce:
1. Run putty 
2. Try to connect to the Fedora linux ssh server.
3.
    

Actual Results:  None. Black, epmty window of putty.

Expected Results:  Requester asking If you accept new key/certificate
from remote machine, and after clicking YES normal commandline.

Additional info:

ASUS P4P800 motehrboard with 3Com 3C2000 (3C5xx) driver from Asus site
(compiled by myself form source against current kernel). Newest
motherboard bios.
I wonder if it is a security issue?!

Comment 1 Jef Spaleta 2004-01-29 15:07:41 UTC
Is this a problem...specific with putty?
I can connect from a win2k system using www.ssh.com's secure shell.
I've had other people test their putty clients..and so far noone has
confirmed your problem.

I'm going to close this as WORKSFORME, since it appears to be a
configuration issue on your end. 
*Please make sure you have the latest putty version
*Please check for basic networking issues, like being able to ping the
  FC1 box from the windows machines
*Please try another windows client besides putty and try to narrow
down the problem. 



Comment 2 Jef Spaleta 2004-01-29 15:09:31 UTC
oh sorry...you said window commander as well as putty...i missed that
the first time.

The bulk of my comment still holds though. But once you have tried
multiple ssh clients, possible network connectivity problems seem
more likely

Comment 3 bednar 2004-01-29 15:56:02 UTC
Hi! I've  done some test with ethereal sniffer. Here are the results,
they are very strange. At beginning I tell that same problem exists
with  following clients of ssh: putty, ssh secure shell from ssh.com,
total commander, as well as vnc clients: real vnc, tight vnc. The
problem seems to be at higher level than ssh or vnc. It is tcp or
something similar. Frind of my friend has also Fedora box and similar
problem: he can connect to ssh server on Fedora from Toschiba laptop
with Windows 2K PL but cannot connect from desktop with Windows 2K EN.
I've also tested connection from various machines (2x WinXP, 1x Win2K,
1x Win98). The results of sniffing:

Here are sniff session when I tried to connect from Windows do Fedora:
    No. Time        Source                Destination          
Protocol Info
     21 26.099826   WindowsXP       Fedora       TCP      1077 > ssh
[SYN] Seq=0 Ack=0 Win=64240 Len=0 MSS=1460
     22 26.099849   Fedora       WindowsXP       TCP      ssh > 1077
[SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460
     32 30.297496   Fedora       WindowsXP       TCP      ssh > 1077
[SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460
     44 36.297491   Fedora       WindowsXP       TCP      ssh > 1077
[SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460
     58 48.297492   Fedora       WindowsXP       TCP      ssh > 1077
[SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460
   1174 72.497491   Fedora       WindowsXP       TCP      ssh > 1077
[SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460

I can submit also full frames from this session decoded with ethereal.

Here are part of sniff session when I tried to connect from RedHat7.2
do Fedora:
    No. Time        Source                Destination          
Protocol Info
      2 0.435379    Fedora       RedHat       SSH      Encrypted
request packet len=48
      3 0.438067    RedHat       Fedora       SSH      Encrypted
response packet len=48
      4 0.438082    Fedora       RedHat       TCP      32821 > ssh
[ACK] Seq=48 Ack=48 Win=8832 Len=0 TSV=121764 TSER=380388807
      5 0.768222    RedHat       Fedora       TCP      4433 > ssh
[SYN] Seq=0 Ack=0 Win=5840 Len=0 MSS=1460 TSV=380388840 TSER=0 WS=0
      6 0.768249    Fedora       RedHat       TCP      ssh > 4433
[SYN, ACK] Seq=0 Ack=1 Win=5792 Len=0 MSS=1460 TSV=121797
TSER=380388840 WS=0
      7 0.768715    RedHat       Fedora       TCP      4433 > ssh
[ACK] Seq=1 Ack=1 Win=5840 Len=0 TSV=380388840 TSER=121797
      8 0.769302    Fedora       RedHat       SSHv2    Server
Protocol: SSH-1.99-OpenSSH_3.6.1p2
      9 0.769741    RedHat       Fedora       TCP      4433 > ssh
[ACK] Seq=1 Ack=26 Win=5840 Len=0 TSV=380388841 TSER=121797
     10 0.803007    RedHat       Fedora       SSHv2    Client
Protocol: SSH-2.0-OpenSSH_3.1p1
     11 0.803059    Fedora       RedHat       TCP      ssh > 4433
[ACK] Seq=26 Ack=23 Win=5792 Len=0 TSV=121800 TSER=380388844
     12 0.808696    RedHat       Fedora       SSHv2    Client: Key
Exchange Init
     13 0.808711    Fedora       RedHat       TCP      ssh > 4433
[ACK] Seq=26 Ack=503 Win=6432 Len=0 TSV=121801 TSER=380388844
     14 0.827153    Fedora       RedHat       SSHv2    Server: Key
Exchange Init
     15 0.829123    RedHat       Fedora       SSHv2    Client:
Diffie-Hellman GEX Request
     16 0.851150    Fedora       RedHat       SSHv2    Server:
Diffie-Hellman Key Exchange Reply
     17 0.889649    RedHat       Fedora       TCP      4433 > ssh
[ACK] Seq=527 Ack=994 Win=7616 Len=0 TSV=380388853 TSER=121805
     19 2.085660    RedHat       Fedora       SSHv2    Client:
Diffie-Hellman GEX Init
     20 2.122699    Fedora       RedHat       SSHv2    Server:
Diffie-Hellman GEX Reply
     21 2.123286    RedHat       Fedora       TCP      4433 > ssh
[ACK] Seq=943 Ack=1730 Win=8832 Len=0 TSV=380388976 TSER=121932
     22 2.144750    RedHat       Fedora       SSH      Encrypted
response packet len=240
     23 2.144776    Fedora       RedHat       TCP      32821 > ssh
[ACK] Seq=48 Ack=288 Win=8832 Len=0 TSV=121935 TSER=380388978
     24 3.485668    Fedora       RedHat       SSH      Encrypted
request packet len=48
     25 3.487368    RedHat       Fedora       SSH      Encrypted
response packet len=48
     26 3.487383    Fedora       RedHat       TCP      32821 > ssh
[ACK] Seq=96 Ack=336 Win=8832 Len=0 TSV=122069 TSER=380389112
     27 3.574789    Fedora       RedHat       SSH      Encrypted
request packet len=48
     28 3.576357    RedHat       Fedora       SSH      Encrypted
response packet len=48
     29 3.576372    Fedora       RedHat       TCP      32821 > ssh
[ACK] Seq=144 Ack=384 Win=8832 Len=0 TSV=122078 TSER=380389121

I've also used a sniffer on Windows box and I saw that Windows replies
for second frame (SYN,ACK) from Fedora, but this packet doesn't arrive
to Fedora box. Fedora retransmites SYN, ACK from time to time, but has
no answer, but answer from Windows Box is sent. Like on the figure below:

No.   WindowsXP       Fedora     
1        SYN     >    got it
2       got it   <  SYN, ACK
3      SYN, ACK  >  ???? Missed in action :)



Comment 4 bednar 2004-01-29 16:07:32 UTC
Hi! I've  done some test with ethereal sniffer. Here are the results,
they are very strange. At beginning I tell that same problem exists
with  following clients of ssh: putty, ssh secure shell from ssh.com,
total commander, as well as vnc clients: real vnc, tight vnc. The
problem seems to be at higher level than ssh or vnc. It is tcp or
something similar. Frind of my friend has also Fedora box and similar
problem: he can connect to ssh server on Fedora from Toschiba laptop
with Windows 2K PL but cannot connect from desktop with Windows 2K EN.
I've also tested connection from various machines (2x WinXP, 1x Win2K,
1x Win98). The results of sniffing:

Here are sniff session when I tried to connect from Windows do Fedora:
    No. Time        Source                Destination          
Protocol Info
     21 26.099826   WindowsXP       Fedora       TCP      1077 > ssh
[SYN] Seq=0 Ack=0 Win=64240 Len=0 MSS=1460
     22 26.099849   Fedora       WindowsXP       TCP      ssh > 1077
[SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460
     32 30.297496   Fedora       WindowsXP       TCP      ssh > 1077
[SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460
     44 36.297491   Fedora       WindowsXP       TCP      ssh > 1077
[SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460
     58 48.297492   Fedora       WindowsXP       TCP      ssh > 1077
[SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460
   1174 72.497491   Fedora       WindowsXP       TCP      ssh > 1077
[SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460

I can submit also full frames from this session decoded with ethereal.

Here are part of sniff session when I tried to connect from RedHat7.2
do Fedora:
    No. Time        Source                Destination          
Protocol Info
      2 0.435379    Fedora       RedHat       SSH      Encrypted
request packet len=48
      3 0.438067    RedHat       Fedora       SSH      Encrypted
response packet len=48
      4 0.438082    Fedora       RedHat       TCP      32821 > ssh
[ACK] Seq=48 Ack=48 Win=8832 Len=0 TSV=121764 TSER=380388807
      5 0.768222    RedHat       Fedora       TCP      4433 > ssh
[SYN] Seq=0 Ack=0 Win=5840 Len=0 MSS=1460 TSV=380388840 TSER=0 WS=0
      6 0.768249    Fedora       RedHat       TCP      ssh > 4433
[SYN, ACK] Seq=0 Ack=1 Win=5792 Len=0 MSS=1460 TSV=121797
TSER=380388840 WS=0
      7 0.768715    RedHat       Fedora       TCP      4433 > ssh
[ACK] Seq=1 Ack=1 Win=5840 Len=0 TSV=380388840 TSER=121797
      8 0.769302    Fedora       RedHat       SSHv2    Server
Protocol: SSH-1.99-OpenSSH_3.6.1p2
      9 0.769741    RedHat       Fedora       TCP      4433 > ssh
[ACK] Seq=1 Ack=26 Win=5840 Len=0 TSV=380388841 TSER=121797
     10 0.803007    RedHat       Fedora       SSHv2    Client
Protocol: SSH-2.0-OpenSSH_3.1p1
     11 0.803059    Fedora       RedHat       TCP      ssh > 4433
[ACK] Seq=26 Ack=23 Win=5792 Len=0 TSV=121800 TSER=380388844
     12 0.808696    RedHat       Fedora       SSHv2    Client: Key
Exchange Init
     13 0.808711    Fedora       RedHat       TCP      ssh > 4433
[ACK] Seq=26 Ack=503 Win=6432 Len=0 TSV=121801 TSER=380388844
     14 0.827153    Fedora       RedHat       SSHv2    Server: Key
Exchange Init
     15 0.829123    RedHat       Fedora       SSHv2    Client:
Diffie-Hellman GEX Request
     16 0.851150    Fedora       RedHat       SSHv2    Server:
Diffie-Hellman Key Exchange Reply
     17 0.889649    RedHat       Fedora       TCP      4433 > ssh
[ACK] Seq=527 Ack=994 Win=7616 Len=0 TSV=380388853 TSER=121805
     19 2.085660    RedHat       Fedora       SSHv2    Client:
Diffie-Hellman GEX Init
     20 2.122699    Fedora       RedHat       SSHv2    Server:
Diffie-Hellman GEX Reply
     21 2.123286    RedHat       Fedora       TCP      4433 > ssh
[ACK] Seq=943 Ack=1730 Win=8832 Len=0 TSV=380388976 TSER=121932
     22 2.144750    RedHat       Fedora       SSH      Encrypted
response packet len=240
     23 2.144776    Fedora       RedHat       TCP      32821 > ssh
[ACK] Seq=48 Ack=288 Win=8832 Len=0 TSV=121935 TSER=380388978
     24 3.485668    Fedora       RedHat       SSH      Encrypted
request packet len=48
     25 3.487368    RedHat       Fedora       SSH      Encrypted
response packet len=48
     26 3.487383    Fedora       RedHat       TCP      32821 > ssh
[ACK] Seq=96 Ack=336 Win=8832 Len=0 TSV=122069 TSER=380389112
     27 3.574789    Fedora       RedHat       SSH      Encrypted
request packet len=48
     28 3.576357    RedHat       Fedora       SSH      Encrypted
response packet len=48
     29 3.576372    Fedora       RedHat       TCP      32821 > ssh
[ACK] Seq=144 Ack=384 Win=8832 Len=0 TSV=122078 TSER=380389121

I've also used a sniffer on Windows box and I saw that Windows replies
for second frame (SYN,ACK) from Fedora, but this packet doesn't arrive
to Fedora box. Fedora retransmites SYN, ACK from time to time, but has
no answer, but answer from Windows Box is sent. Like on the figure below:

No.   WindowsXP       Fedora     
1        SYN     >    got it
2       got it   <  SYN, ACK
3      SYN, ACK  >  ???? Missed in action :)

Comment 5 bednar 2004-01-29 16:17:26 UTC
I've done another test form Windows 2000. The ssh connection works.
Here are logs form Putty connection:
    No. Time        Source                Destination          
Protocol Info
     83 1.197571    Windows2K       Fedora       TCP      2082 > ssh
[SYN] Seq=0 Ack=0 Win=65535 Len=0 MSS=1460
     84 1.197599    Fedora       Windows2K       TCP      ssh > 2082
[SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460
     85 1.197667    Windows2K       Fedora       TCP      2082 > ssh
[ACK] Seq=1 Ack=1 Win=65535 Len=0
     86 1.198264    Fedora       Windows2K       SSHv1    Server
Protocol: SSH-1.99-OpenSSH_3.6.1p2
     87 1.199405    Windows2K       Fedora       SSHv1    Client
Protocol: SSH-1.5-PuTTY
     88 1.199464    Fedora       Windows2K       TCP      ssh > 2082
[ACK] Seq=26 Ack=15 Win=5840 Len=0
     89 1.202613    Fedora       Windows2K       SSHv1    Server:
Public Key
     92 1.204949    Windows2K       Fedora       SSHv1    Client:
Session Key
     95 1.216701    Fedora       Windows2K       SSHv1    Server:
Encrypted packet len=5
    112 1.340366    Windows2K       Fedora       TCP      2082 > ssh
[ACK] Seq=171 Ack=314 Win=65222 Len=0



Comment 6 bednar 2004-01-29 16:20:58 UTC
Three of tested Windows boxes are connected to the same Plaent 100
mbit Switch with Fedora box connected to it too. The two of they
(WinXP, WinME cannot connect while one Win2K can). Sorry for
submitting the log twice, but someone closed this bug while I was
writing new comment :)


Comment 7 bednar 2004-01-30 23:58:10 UTC
*** Bug 113870 has been marked as a duplicate of this bug. ***

Comment 8 bednar 2004-02-02 20:42:56 UTC
Hi! I've solved the problem. The problem laid in the driver written by
3Com. I've found that default kernel for Fedora has compiled as module
driver for various 1 GBit ethernet NICs like for example 3c940. The
driver's name is sk98lin.o. I changed the 3c2000.o driver to the
sk98lin.o and the connection to the ssh port or vnc por from windows
just works.