Bug 487423
Summary: | SSH hangs after login at "debug1: Sending environment." | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 5 | Reporter: | Dennis Magee <nelswad90> | ||||||||
Component: | openssh | Assignee: | Jan F. Chadima <jchadima> | ||||||||
Status: | CLOSED NOTABUG | QA Contact: | BaseOS QE <qe-baseos-auto> | ||||||||
Severity: | urgent | Docs Contact: | |||||||||
Priority: | low | ||||||||||
Version: | 5.5 | CC: | rjones | ||||||||
Target Milestone: | rc | Keywords: | Reopened | ||||||||
Target Release: | --- | ||||||||||
Hardware: | All | ||||||||||
OS: | Linux | ||||||||||
Whiteboard: | |||||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||||
Doc Text: | Story Points: | --- | |||||||||
Clone Of: | Environment: | ||||||||||
Last Closed: | 2011-07-11 16:42:51 UTC | Type: | --- | ||||||||
Regression: | --- | Mount Type: | --- | ||||||||
Documentation: | --- | CRM: | |||||||||
Verified Versions: | Category: | --- | |||||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||||
Embargoed: | |||||||||||
Attachments: |
|
Description
Dennis Magee
2009-02-25 21:54:05 UTC
debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to *** [***.***.***.***] port **. debug1: Connection established. debug1: identity file /home/***/.ssh/identity type -1 debug1: identity file /home/***/.ssh/id_rsa type -1 debug1: identity file /home/***/.ssh/id_dsa type -1 debug1: loaded 3 keys debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3 debug1: match: OpenSSH_4.3 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_4.3 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-cbc hmac-md5 none debug1: kex: client->server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host '***' is known and matches the RSA host key. debug1: Found key in /home/***/.ssh/known_hosts:2 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: gssapi-with-mic,password debug1: Next authentication method: gssapi-with-mic debug1: Unspecified GSS failure. Minor code may provide more information No credentials cache found debug1: Unspecified GSS failure. Minor code may provide more information No credentials cache found debug1: Unspecified GSS failure. Minor code may provide more information No credentials cache found debug1: Next authentication method: password ***@***'s password: debug1: Authentication succeeded (password). debug1: channel 0: new [client-session] debug1: Entering interactive session. debug1: Sending environment. debug1: Sending env LANG = en_US.UTF-8 Hangs after this To properly prioritize solution for your problem, can you please contact Red Hat Support through the regular channels? http://www.redhat.com/support No response from reporter. Insufficient data to fix the bug. Reopening. I get the same thing, it hangs at: debug1: Next authentication method: publickey debug1: Offering public key: /Users/rich/.ssh/id_rsa debug1: Server accepts key: pkalg ssh-rsa blen 277 debug1: Authentication succeeded (publickey). debug1: channel 0: new [client-session] debug1: Entering interactive session. debug1: Sending environment. [then nothing] What more data do you need? The only thing I have found that "fixes" the problem is running this command for each port that has problems: sudo /sbin/iptables -A OUTPUT -t mangle -p tcp --dport 22 -j TOS --set-tos 0x00 then I saved my iptables so I don't have to run the command every time I reboot (In reply to comment #4) > Reopening. > > I get the same thing, it hangs at: > > debug1: Next authentication method: publickey > debug1: Offering public key: /Users/rich/.ssh/id_rsa > debug1: Server accepts key: pkalg ssh-rsa blen 277 > debug1: Authentication succeeded (publickey). > debug1: channel 0: new [client-session] > debug1: Entering interactive session. > debug1: Sending environment. > > [then nothing] > > What more data do you need? the version of the openssh on the backends, the type of the line between them, the OSes used and so on... (In reply to comment #6) > the version of the openssh on the backends, the type of the line between them, > the OSes used and so on... This is happening again for me very reliably. I will add here and attach as much relevant info as I can. The situation is ssh from a host into a KVM virtual machine running on that same host. Host: CentOS release 5.5 (Final) $ rpm -qf /usr/bin/ssh openssh-clients-4.3p2-41.el5 Virtual machine: Debian 4.0 openssh-server 4.3p2-9etch3 From the host I can telnet to port 22: $ telnet 192.168.122.80 22 Trying 192.168.122.80... Connected to 192.168.122.80 (192.168.122.80). Escape character is '^]'. SSH-2.0-OpenSSH_4.3p2 Debian-9etch3 Created attachment 421826 [details]
ssh -v log
As described in the summary, ssh client hangs after the
last line "debug1: Sending env LANG = en_US.UTF-8". I left
it like that for a few minutes, with no apparent progress
happening.
This is the full log from ssh -v.
Created attachment 421828 [details]
tcpdump capture file
This is the tcpdump capture file.
This is not a plain text file. To view this file you will need to do:
/usr/sbin/tcpdump -r tcpdump.log
Note that the hang occurs at 14:36:10, and then 15 seconds later at
14:36:25 I killed the ssh connection from the client end using the
~. key sequence.
Created attachment 421830 [details]
Virtual machine network configuration.
Sorry, had to do this one as a screenshot. This shows
the network configuration inside the VM.
I'm not yet successfully reproduce the bug, is there some extra condition? The only idea I've got: On some virtual configurations is necessary to reduce the MTU. can you make some experiments with this issue? 1) can you try to connect to VM from outside? 2) can you test to connect to the same version CaOS in VM as is on the host? potentially can you test KVM in rhel6.1? thanks in a advice ping! Is this "ping" for me? I am no longer seeing this issue. The reason it was happening (for me, can't comment on others) is that /dev/pts/ was missing or not being created with the correct permissions on the server side. This was due to some bug in a Debian upgrade script. By manually creating /dev/pts I was able to make the server work. closing as not a bug, if you disagree, you can reopen it |