Bug 487423 - SSH hangs after login at "debug1: Sending environment."
SSH hangs after login at "debug1: Sending environment."
Status: CLOSED NOTABUG
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: openssh (Show other bugs)
5.5
All Linux
low Severity urgent
: rc
: ---
Assigned To: Jan F. Chadima
BaseOS QE
: Reopened
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2009-02-25 16:54 EST by Dennis Magee
Modified: 2011-07-11 12:42 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-07-11 12:42:51 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
ssh -v log (1.75 KB, text/plain)
2010-06-07 09:39 EDT, Richard W.M. Jones
no flags Details
tcpdump capture file (7.39 KB, application/octet-stream)
2010-06-07 09:44 EDT, Richard W.M. Jones
no flags Details
Virtual machine network configuration. (38.41 KB, image/png)
2010-06-07 09:46 EDT, Richard W.M. Jones
no flags Details

  None (edit)
Description Dennis Magee 2009-02-25 16:54:05 EST
Description of problem:
trying to use ssh to remotely connect to a computer. After login it hangs and does not bring up a remote terminal

Version-Release number of selected component (if applicable):
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008

How reproducible:
Every time you try to SSH

Steps to Reproduce:
1. run ssh command to any computer
2. enter password
3. hangs
  
Actual results:
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to *** [***.***.***.***] port **.
debug1: Connection established.
debug1: identity file /home/***/.ssh/identity type -1
debug1: identity file /home/***/.ssh/id_rsa type -1
debug1: identity file /home/***/.ssh/id_dsa type -1
debug1: loaded 3 keys
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3
debug1: match: OpenSSH_4.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '***' is known and matches the RSA host key.
debug1: Found key in /home/***/.ssh/known_hosts:2
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: gssapi-with-mic,password
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure.  Minor code may provide more information
No credentials cache found

debug1: Unspecified GSS failure.  Minor code may provide more information
No credentials cache found

debug1: Unspecified GSS failure.  Minor code may provide more information
No credentials cache found

debug1: Next authentication method: password
***@***'s password: 



Expected results:
brings up remote terminal

Additional info:
works fine if you use putty but not when you use ssh command in terminal
Comment 1 Dennis Magee 2009-02-25 16:57:29 EST
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to *** [***.***.***.***] port **.
debug1: Connection established.
debug1: identity file /home/***/.ssh/identity type -1
debug1: identity file /home/***/.ssh/id_rsa type -1
debug1: identity file /home/***/.ssh/id_dsa type -1
debug1: loaded 3 keys
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3
debug1: match: OpenSSH_4.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '***' is known and matches the RSA host key.
debug1: Found key in /home/***/.ssh/known_hosts:2
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: gssapi-with-mic,password
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure.  Minor code may provide more information
No credentials cache found

debug1: Unspecified GSS failure.  Minor code may provide more information
No credentials cache found

debug1: Unspecified GSS failure.  Minor code may provide more information
No credentials cache found

debug1: Next authentication method: password
***@***'s password: 
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8

Hangs after this
Comment 2 Tomas Mraz 2009-02-25 17:19:10 EST
To properly prioritize solution for your problem, can you please contact Red Hat Support through the regular channels?

http://www.redhat.com/support
Comment 3 Jan F. Chadima 2009-10-29 11:28:18 EDT
No response from reporter. Insufficient data to fix the bug.
Comment 4 Richard W.M. Jones 2010-04-13 15:19:32 EDT
Reopening.

I get the same thing, it hangs at:

debug1: Next authentication method: publickey
debug1: Offering public key: /Users/rich/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: Sending environment.

[then nothing]

What more data do you need?
Comment 5 Dennis Magee 2010-04-13 18:50:12 EDT
The only thing I have found that "fixes" the problem is running this command for each port that has problems:

sudo /sbin/iptables -A OUTPUT -t mangle -p tcp --dport 22 -j TOS --set-tos 0x00

then I saved my iptables so I don't have to run the command every time I reboot
Comment 6 Jan F. Chadima 2010-05-10 02:24:15 EDT
(In reply to comment #4)
> Reopening.
> 
> I get the same thing, it hangs at:
> 
> debug1: Next authentication method: publickey
> debug1: Offering public key: /Users/rich/.ssh/id_rsa
> debug1: Server accepts key: pkalg ssh-rsa blen 277
> debug1: Authentication succeeded (publickey).
> debug1: channel 0: new [client-session]
> debug1: Entering interactive session.
> debug1: Sending environment.
> 
> [then nothing]
> 
> What more data do you need? 
the version of the openssh on the backends, the type of the line between them, the OSes used and so on...
Comment 7 Richard W.M. Jones 2010-06-07 09:37:46 EDT
(In reply to comment #6)
> the version of the openssh on the backends, the type of the line between them,
> the OSes used and so on...    

This is happening again for me very reliably.  I will
add here and attach as much relevant info as I can.

The situation is ssh from a host into a KVM virtual machine
running on that same host.

Host: CentOS release 5.5 (Final)
$ rpm -qf /usr/bin/ssh
openssh-clients-4.3p2-41.el5

Virtual machine: Debian 4.0
openssh-server 4.3p2-9etch3

From the host I can telnet to port 22:

$ telnet 192.168.122.80 22
Trying 192.168.122.80...
Connected to 192.168.122.80 (192.168.122.80).
Escape character is '^]'.
SSH-2.0-OpenSSH_4.3p2 Debian-9etch3
Comment 8 Richard W.M. Jones 2010-06-07 09:39:30 EDT
Created attachment 421826 [details]
ssh -v log

As described in the summary, ssh client hangs after the
last line "debug1: Sending env LANG = en_US.UTF-8".  I left
it like that for a few minutes, with no apparent progress
happening.

This is the full log from ssh -v.
Comment 9 Richard W.M. Jones 2010-06-07 09:44:03 EDT
Created attachment 421828 [details]
tcpdump capture file

This is the tcpdump capture file.

This is not a plain text file.  To view this file you will need to do:

  /usr/sbin/tcpdump -r tcpdump.log

Note that the hang occurs at 14:36:10, and then 15 seconds later at
14:36:25 I killed the ssh connection from the client end using the
~. key sequence.
Comment 10 Richard W.M. Jones 2010-06-07 09:46:41 EDT
Created attachment 421830 [details]
Virtual machine network configuration.

Sorry, had to do this one as a screenshot.  This shows
the network configuration inside the VM.
Comment 11 Jan F. Chadima 2010-06-14 04:18:08 EDT
I'm not yet successfully reproduce the bug, is there some extra condition?
Comment 12 Jan F. Chadima 2010-06-14 05:07:16 EDT
The only idea I've got: On some virtual configurations is necessary to reduce the MTU.
Comment 13 Jan F. Chadima 2011-05-24 11:15:56 EDT
can you make some experiments with this issue? 
1) can you try to connect to VM from outside? 
2) can you test to connect to the same version CaOS in VM as is on the host?
potentially can you test KVM in rhel6.1?
thanks in a advice
Comment 14 Jan F. Chadima 2011-07-11 05:39:41 EDT
ping!
Comment 15 Richard W.M. Jones 2011-07-11 06:54:33 EDT
Is this "ping" for me?

I am no longer seeing this issue.  The reason it was happening
(for me, can't comment on others) is that /dev/pts/ was missing
or not being created with the correct permissions on the server
side.  This was due to some bug in a Debian upgrade script.  By
manually creating /dev/pts I was able to make the server work.
Comment 16 Jan F. Chadima 2011-07-11 12:42:51 EDT
closing as not a bug, if you disagree, you can reopen it

Note You need to log in before you can comment on or make changes to this bug.