Linux Users' Group of Davis (LUGOD)
 
Page last updated:
2006 Jul 22 13:31

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Re: [vox-tech] SSH Troubles



On Sat, Jul 22, 2006 at 06:37:46AM -0700, Ken Herron wrote:
> Marc Elliot Hall wrote:
> >On Fri, Jul 21, 2006 at 08:50:46AM -0700, Ken Herron wrote:
> >  
> >>Ken Herron wrote:
> >>Okay, see <http://www.ncftp.com/ncftpd/doc/misc/ftp_and_firewalls.html>, 
> >>in particular "Why PORT Poses Problems for Routing Devices" and 
> >>"Problems when the FTP Server is Listening on a Non-Standard Port 
> >>Number". Now imagine your netgear thinks it's dealing with FTP and is 
> >>doing that to your ssh sessions.
> >>    
> >Not that I'm disagreeing with you about the router's possible confusion,
> >but I'm not running an FTP server. ;-)
> 
> I never said you were. You're running ssh over port 21, which is 
> normally the ftp command channel port. So the router might be applying 
> its ftp forwarding support to your ssh traffic and scrambling it in the 
> process.
> 
> >I'll investigate further in this direction; however I don't think my 
> >appliance is nearly smart enough to rewrite packet headers. It just 
> >accepts inbound traffic on designated ports and passes it through 
> >unmodified to the same port on a specified host on my network. 
> 
> Netgear routers can port-forward ftp. If you'd read the link above, 
> you'll see that dumb packet forwarding isn't sufficient to port-forward 
> ftp. So netgear routers almost certainly have logic to do the protocol 
> monitoring and packet rewriting described.

Thank you for the additional comments, Ken. I have read the link you
referenced, and agree that there is a possible relationship between the 
issue I'm experiencing and the Netgear WGT624's firmware thinking that 
if an incoming packet is hitting port 21, it must therefore be FTP -
not that that would be "normal" given my last 18-odd months of
successful ssh-ing with the same config. 

However, I have concluded that this broken behavior is indicative of a
hardware failure (Cosmic rays? Overheating? Whatever...), because 
while tinkering with various PuTTY settings while troubleshooting 
(frex, enabling and disabling single-DES in SSH-2, deleting the saved 
rsa key, etc.), I got this PuTTY Fatal Error:

++++++
Server sent disconnect message" 
type 2 (SSH_DISCONNECT_PROTOCOL_ERROR)
Corrupted MAC on input
++++++

and that led me here:

http://www.derkeiler.com/Newsgroups/comp.security.ssh/2005-03/0113.html

I'm going to attempt to update the firmware to 4.2.11; but if that
doesn't fix things, I'll have to get me a new device (OpenWrt doesn't
have a Free replacement available yet).


-- 
Marc Elliot Hall
www.hallmarc.net
_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech
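Added example, not part of the original post and not PuTTY or OpenSSH code: the per-packet integrity check from RFC 4253 section 6.4, which is what produces "Corrupted MAC on input" when any bit of a packet changes between sender and receiver, whether from a device rewriting traffic or from failing hardware. It assumes hmac-sha1, leaves out encryption for brevity, and uses a constructed key and payload; all function names are hypothetical.

```python
import hashlib
import hmac
import os
import struct

BLOCK = 8  # padding alignment when no larger cipher block size applies


def build_packet(payload: bytes) -> bytes:
    """packet_length || padding_length || payload || random padding."""
    pad = BLOCK - ((5 + len(payload)) % BLOCK)
    if pad < 4:  # RFC 4253 requires at least 4 bytes of padding
        pad += BLOCK
    body = bytes([pad]) + payload + os.urandom(pad)
    return struct.pack(">I", len(body)) + body


def compute_mac(key: bytes, seq: int, packet: bytes) -> bytes:
    """mac = MAC(key, sequence_number || unencrypted_packet)."""
    return hmac.new(key, struct.pack(">I", seq) + packet, hashlib.sha1).digest()


def send(key: bytes, seq: int, payload: bytes) -> bytes:
    packet = build_packet(payload)
    return packet + compute_mac(key, seq, packet)


def receive(key: bytes, seq: int, wire: bytes) -> bytes:
    """Return the payload, or raise where a real peer would disconnect."""
    packet, mac = wire[:-20], wire[-20:]  # hmac-sha1 tag is 20 bytes
    if not hmac.compare_digest(mac, compute_mac(key, seq, packet)):
        raise ValueError("Corrupted MAC on input")
    return packet[5:len(packet) - packet[4]]


def flip_bit(wire: bytes, offset: int) -> bytes:
    """Constructed stand-in for a device altering one bit in transit."""
    return wire[:offset] + bytes([wire[offset] ^ 0x01]) + wire[offset + 1:]


if __name__ == "__main__":
    key = b"constructed-demo-key"          # constructed sample key
    wire = send(key, 7, b"constructed payload")
    print(receive(key, 7, wire))            # intact packet verifies
    try:
        receive(key, 7, flip_bit(wire, 9))  # one altered bit in the payload
    except ValueError as err:
        print("disconnect:", err)
```

Because the sequence number is part of the MAC input, a dropped or duplicated packet fails the same check as a modified one.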


