Date: Thu, 25 Oct 2001 13:19:35 -0400 From: "Colin Legendre" <sudz@ns3g.com> To: <freebsd-stable@FreeBSD.ORG>, <freebsd-questions@FreeBSD.ORG> Subject: RE: Openssh Message-ID: <EGEAJNBPMIDPDNBOENHFMEJECLAA.sudz@ns3g.com> In-Reply-To: <20011025170531.K30100@itouchlabs.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Once again though, if it was a little bit of trafic I could see it but this much nope. AND why would it be different on a 4.3 box from a 4.4 box? and why different when using ssh1 vs ssh2? Colin Legendre CCNA, MCP sudz@ns3g.com http://www.ns3g.com -----Original Message----- From: Barry Irwin [mailto:bvi@devco.net]On Behalf Of Barry Irwin Sent: Thursday, October 25, 2001 11:06 AM To: Colin Legendre Cc: freebsd-stable@FreeBSD.ORG; freebsd-questions@FreeBSD.ORG Subject: Re: Openssh On Thu 2001-10-25 (10:16), Colin Legendre wrote: > Explain to me then why doing this with ssh1 it is only 2-3k of traffic but > with ssh2 it is 25-75K of traffic. Explain as well that doing this under > FreeBSD 4.3 Stable only creates 2-3K of traffic, using ssh1 or ssh2? setup as follows: [client] ---{NET}---- [SERVER] You log into the server and run trafshow/tcpdump on the server's (external??) interface For every packet that is captured and displayed, another is generated to convey the information to your client. This of course generates another packet ad nauseum, untill you can pretty much saturate your link. Using the compression option (-C) to ssh can help with his a bit, but a better option is to use pcap logic in a filter expression (man tcpdump) to exlude your clients ssh traffic to the server from the capture. So try something like tcpdump -i fxp0 not host client and \(host srver and port 22 \) trafshow takes the same logic. Have a good read of the tcpdump man page which explains this syntax in greater detail. Good use of filter expressions can make yout life a hell of a lot easier when debugging. Barry -- Barry Irwin Systems Administrator (Networks and Security) Itouch Labs bvi @ itouchlabs.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?EGEAJNBPMIDPDNBOENHFMEJECLAA.sudz>