Date: Sat, 4 Jun 2005 18:48:41 -0500 From: "John Brooks" <john@day-light.com> To: <greg@grokking.org>, <freebsd-questions@freebsd.org> Subject: RE: inbound ssh ceased on 4 servers at same time Message-ID: <NHBBKEEMKJDINKDJBJHGMEPHJAAD.john@day-light.com> In-Reply-To: <42A22FBA.8040908@grokking.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> > sshd is running on the affected machines > > > > no errors on console or logs, just times out waiting for > > the password prompt. interestingly: when investigating this > > at the console, attempting ssh sessions from the db server > > and backup server to the file server (these two are 'deeper' > > in the network so there was never an occasion to ssh FROM > > them before) produced the std warning about an unknown host > > prompting for inclusion in the ~/.ssh/known_hosts file. > > > > dns is not really involved, the ssh session is sent to the > > ip address directly as in "ssh john@10.3.3.10" > > > > ping works in both directions as does all other network > > services (internal mysql, intranet http, pop3, smtp, smbd, > > nmdb, dns). network hardware and cabling issues have been > > effectively ruled out. > > > > > Have you tried ssh with the -vvv switch to get extra debugging info at > the console? If there's anything happening with ssh, it should show up > there, I'd expect. Are you testing to/from multiple hosts here? If so, > what's different between each set of hosts you're testing? > > Hope that helps, > G > Have not tried the -vvv switch, good call, I have several other networks running the same versions of FreeBSD that are not affected so that will make for a good comparison. Will do that later this evening. I have tested each of the four boxes in the following ways: >From OpenBSD firewall to each of the four FreeBSD servers: times out >From each FreeBSD server to the OpenBSD firewall: works as expected >From each FreeBSD server to off network BSD boxes: works as expected >From each FreeBSD server to other FreeBSD server: times out For the last 18 months I have almost daily ssh'd into these 5 boxes for maintenance, programming, logs, mail tracing, backups, etc. I am the only login shell user on them. I had been in the network on these boxes earlier in day, before this started. There were no config changes made. That is part of what is puzzling, and to happen to all four boxes at the same time is cause for conceern. The why of it all is my primary objective at this point. I'll post the results of the -vvv switch a little later this evening.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?NHBBKEEMKJDINKDJBJHGMEPHJAAD.john>
