SSH pérdida de connection después de un intervalo de time aleatorio, ambas partes afirman que el otro cerró la connection

Estoy conectando a una máquina solaris virtual del sistema del anfitrión de las windows que funciona la caja virtual. Esto funciona por un time, pero después de algún time la connection se desvanece.

Lo más curioso es que sshd afirma que la connection se restablece por pares, mientras que la session ssh dice que la connection está cerrada por el host remoto.

He conseguido iniciar el sshd manualmente ( /usr/lib/ssh/sshd -d ), para que yo consiga la salida de debugging mostrada a continuación, pero estoy completamente en una pérdida de cómo proceder.

Cosas probadas hasta ahora:

  • Compruebe /var/log/authlog : está vacío
  • Los packages de chequeo están actualizados (pkgchk -n SUNWsshcu, pkgchk -n SUNWsshdr, pkgchk -n SUNWsshdu, pkgchk -n SUNWsshhr, pkgchk -n SUNWsshr, pkgchk -n SUNWsshu): todos actualizados
  • Permitir acceso a la contraseña en /etc/ssh/ssh_config PasswordAuthentication sí y usar eso: no hay cambio

Pregunta: Estoy atascado, ¿cómo puedo seguir trabajando en el problema?


Más información:

Inicio del daemon ssh:

 bash-3.2# /usr/lib/ssh/sshd -d debug1: sshd version Sun_SSH_1.1.5 debug1: read PEM private key done: type RSA debug1: private host key: #0 type 1 RSA debug1: read PEM private key done: type DSA debug1: private host key: #1 type 2 DSA debug1: Bind to port 22 on ::. Server listening on :: port 22. 

Conexión desde el mando a distancia:

 debug1: Server will not fork when running in debugging mode. Connection from 10.0.2.2 port 26688 debug1: Client protocol version 2.0; client software version OpenSSH_6.2 debug1: match: OpenSSH_6.2 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-Sun_SSH_1.1.5 monitor debug1: list_hostkey_types: ssh-rsa,ssh-dss debug1: use_engine is 'yes' monitor debug1: reading the context from the child debug1: pkcs11 engine initialized, now setting it as default for RSA, DSA, and symmetric ciphers debug1: pkcs11 engine initialization complete debug1: list_hostkey_types: ssh-rsa,ssh-dss debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: client->server aes128-ctr hmac-md5 zlib debug1: kex: server->client aes128-ctr hmac-md5 zlib debug1: Peer sent proposed langtags, ctos: debug1: Peer sent proposed langtags, stoc: debug1: We proposed langtags, ctos: i-default debug1: We proposed langtags, stoc: i-default debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent debug1: dh_gen_key: priv key bits set: 134/256 debug1: bits set: 526/1024 debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT debug1: bits set: 497/1024 debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent debug1: newkeys: mode 1 debug1: set_newkeys: setting new keys for 'out' mode debug1: Enabling compression at level 6. debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: newkeys: mode 0 debug1: set_newkeys: setting new keys for 'in' mode debug1: SSH2_MSG_NEWKEYS received debug1: KEX done debug1: userauth-request for user beginner service ssh-connection method none debug1: attempt 0 initial attempt 0 failures 0 initial failures 0 Failed none for beginn from 10.0.2.2 port 26688 ssh2 debug1: userauth-request for user beginner service ssh-connection method passworddebug1: attempt 1 initial attempt 0 failures 1 initial failures 0 Accepted password for beginner from 10.0.2.2 port 26688 ssh2 debug1: permanently_set_uid: 54324/1 debug1: sending auth context to the monitor debug1: will send 41 bytes of auth context to the monitor monitor debug1: finished reading the context monitor debug1: use_engine is 'yes' monitor debug1: pkcs11 engine initialized, now setting it as default for RSA, DSA, and symmetric ciphers monitor debug1: pkcs11 engine initialization complete monitor debug1: Entering monitor loop. monitor debug1: fd 9 setting O_NONBLOCK monitor debug1: fd 10 setting O_NONBLOCK debug1: Entering interactive session for SSH2. debug1: fd 9 setting O_NONBLOCK debug1: fd 10 setting O_NONBLOCK debug1: server_init_dispatch_20 debug1: server_input_channel_open: ctype session rchan 0 win 1048576 max 16384 debug1: input_session_request debug1: channel 0: new [server-session] debug1: session_new: init debug1: session_new: session 0 debug1: session_open: channel 0 debug1: session_open: session 0: link with channel 0 debug1: server_input_channel_open: confirm session debug1: server_input_channel_req: channel 0 request x11-req reply 1 debug1: session_by_channel: session 0 channel 0 debug1: session_input_channel_req: session 0 req x11-req debug1: bind port 6010: Address already in use; skipping this port debug1: bind port 6011: Address already in use; skipping this port debug1: bind port 6012: Address already in use; skipping this port debug1: bind port 6013: Address already in use; skipping this port debug1: fd 11 setting O_NONBLOCK debug1: channel 1: new [X11 inet listener] debug1: server_input_channel_req: channel 0 request pty-req reply 1 debug1: session_by_channel: session 0 channel 0 debug1: session_input_channel_req: session 0 req pty-req debug1: Allocating pty. debug1: session_pty_req: session 0 alloc /dev/pts/8 debug1: server_input_channel_req: channel 0 request shell reply 1 debug1: session_by_channel: session 0 channel 0 debug1: session_input_channel_req: session 0 req shell debug1: Setting controlling tty using TIOCSCTTY. debug1: fd 4 setting TCP_NODELAY debug1: SSH receive window size: 198560 B debug1: fd 13 setting O_NONBLOCK 

Comenzando emacs y trabajando por un time:

 debug1: server_input_global_request: rtype keepalive@openssh.com want_reply 1 debug1: server_input_global_request: rtype keepalive@openssh.com want_reply 1 debug1: X11 connection requested. debug1: fd 16 setting TCP_NODELAY debug1: channel 2: new [X11 connection from 127.0.0.1 port 33079] debug1: channel 2: open confirm rwindow 2097152 rmax 16384 debug1: channel 2: read<=0 rfd 16 len 0 debug1: channel 2: read failed debug1: channel 2: close_read debug1: channel 2: input open -> drain debug1: channel 2: ibuf empty debug1: channel 2: send eof debug1: channel 2: input drain -> closed debug1: channel 2: rcvd eof debug1: channel 2: output open -> drain debug1: channel 2: obuf empty debug1: channel 2: close_write debug1: channel 2: output drain -> closed debug1: channel 2: rcvd close debug1: channel 2: send close debug1: channel 2: is dead debug1: channel 2: garbage collecting debug1: channel_free: channel 2: X11 connection from 127.0.0.1 port 33079, nchan nels 3 debug1: X11 connection requested. debug1: fd 16 setting TCP_NODELAY debug1: channel 2: new [X11 connection from 127.0.0.1 port 33080] debug1: channel 2: open confirm rwindow 2097152 rmax 16384 debug1: channel 2: read<=0 rfd 16 len 0 debug1: channel 2: read failed debug1: channel 2: close_read debug1: channel 2: input open -> drain debug1: channel 2: ibuf empty debug1: channel 2: send eof debug1: channel 2: input drain -> closed debug1: X11 connection requested. debug1: fd 17 setting TCP_NODELAY debug1: channel 3: new [X11 connection from 127.0.0.1 port 33081] debug1: channel 2: rcvd eof debug1: channel 2: output open -> drain debug1: channel 2: obuf empty debug1: channel 2: close_write debug1: channel 2: output drain -> closed debug1: channel 2: rcvd close debug1: channel 2: send close debug1: channel 2: is dead debug1: channel 2: garbage collecting debug1: channel_free: channel 2: X11 connection from 127.0.0.1 port 33080, nchan nels 4 debug1: channel 3: open confirm rwindow 2097152 rmax 16384 debug1: channel 3: read<=0 rfd 17 len 0 debug1: channel 3: read failed debug1: channel 3: close_read debug1: channel 3: input open -> drain debug1: channel 3: ibuf empty debug1: channel 3: send eof debug1: channel 3: input drain -> closed debug1: channel 3: rcvd eof debug1: channel 3: output open -> drain debug1: channel 3: obuf empty debug1: channel 3: close_write debug1: channel 3: output drain -> closed debug1: channel 3: send close debug1: channel 3: rcvd close debug1: channel 3: is dead debug1: channel 3: garbage collecting debug1: channel_free: channel 3: X11 connection from 127.0.0.1 port 33081, nchan nels 3 debug1: X11 connection requested. debug1: fd 16 setting TCP_NODELAY debug1: channel 2: new [X11 connection from 127.0.0.1 port 33084] debug1: channel 2: open confirm rwindow 2097152 rmax 16384 debug1: X11 connection requested. debug1: fd 17 setting TCP_NODELAY debug1: channel 3: new [X11 connection from 127.0.0.1 port 33085] debug1: channel 2: read<=0 rfd 16 len 0 debug1: channel 2: read failed debug1: channel 2: close_read debug1: channel 2: input open -> drain debug1: channel 2: ibuf empty debug1: channel 2: send eof debug1: channel 2: input drain -> closed debug1: channel 3: open confirm rwindow 2097152 rmax 16384 debug1: channel 2: rcvd eof debug1: channel 2: output open -> drain debug1: channel 2: obuf empty debug1: channel 2: close_write debug1: channel 2: output drain -> closed debug1: channel 2: rcvd close debug1: channel 2: send close debug1: channel 2: is dead debug1: channel 2: garbage collecting debug1: channel_free: channel 2: X11 connection from 127.0.0.1 port 33084, nchan nels 4 debug1: X11 connection requested. debug1: fd 16 setting TCP_NODELAY debug1: channel 2: new [X11 connection from 127.0.0.1 port 33086] debug1: channel 3: read<=0 rfd 17 len 0 debug1: channel 3: read failed debug1: channel 3: close_read debug1: channel 3: input open -> drain debug1: channel 3: ibuf empty debug1: channel 3: send eof debug1: channel 3: input drain -> closed debug1: channel 2: open confirm rwindow 2097152 rmax 16384 debug1: channel 3: rcvd eof debug1: channel 3: output open -> drain debug1: channel 3: obuf empty debug1: channel 3: close_write debug1: channel 3: output drain -> closed debug1: channel 3: rcvd close debug1: channel 3: send close debug1: channel 3: is dead debug1: channel 3: garbage collecting debug1: channel_free: channel 3: X11 connection from 127.0.0.1 port 33085, nchan nels 4 

Después de algún intervalo de time aleatorio: la connection se pierde:

 Read error from remote host 10.0.2.2: Connection reset by peer debug1: Calling cleanup 0x806d882(0x80afd90) debug1: session_pty_cleanup: session 0 release /dev/pts/8 debug1: Calling cleanup 0x80729a7(0x0) debug1: channel_free: channel 0: server-session, nchannels 3 debug1: channel_free: channel 1: X11 inet listener, nchannels 2 debug1: channel_free: channel 2: X11 connection from 127.0.0.1 port 33086, nchannels 1 debug1: Calling cleanup 0x8064fe7(0x80c1318) debug1: Calling cleanup 0x807e79a(0x0) debug1: compress outgoing: raw data 36410262, compressed 3980612, factor 0.11 debug1: compress incoming: raw data 18374832, compressed 674656, factor 0.04 monitor debug1: Monitor received SIGCHLD. 

Salida de ssh entrante:

 ~> ssh beginner@127.0.0.1 -p 2222 Connection to 127.0.0.1 closed by remote host. Connection to 127.0.0.1 closed 

2 Solutions collect form web for “SSH pérdida de connection después de un intervalo de time aleatorio, ambas partes afirman que el otro cerró la connection”

¿Existe un enrutador NAT entre las dos máquinas? Puede estar cerrando la connection a la inactividad y los times muertos?

El cliente SSH puede activar KeepAlive de nivel SSH para intentar evitar este escenario.

Para el cliente openssh, incluimos lo siguiente en el file de configuration del cliente (o bien / etc / ssh / ssh_config o ~ / .ssh / config):

KeepAlive sí

Sólo se solucionó una situación similar a esta en una caja de CentOS7. Resulta que el cuadro de dialog de command 'nmtui' añadió silenciosamente un '/ 32' al final de nuestra dirección IP estática. Eso cambió la máscara de networking a 255.255.255.255 y la IP de difusión a la misma IP que la interfaz. Esto resultó en un comportamiento ARP muy inusual y causó muchas conexiones caídas. Ejecute un 'ifconfig -a' para revisar su configuration de máscara de networking y difusión.

  • Copia de security y restauración de files grandes en Windows Server 2008
  • "Agregar clave de host correcta en known_hosts" / varias llaves de host ssh por nombre de host?
  • TCP reenvío a través de SSH con socat o cualquier otro promotor tcp, en sshd con reenvío tcp deshabilitado
  • Cómo configurar un server público rsync y sftp
  • sshd rechazó la authentication de keys
  • Medir RTT para SSH
  • SSH en serveres NAT'd en la misma dirección IP pública
  • Obtener la list de conexiones ssh abiertas por nombre
  • Túnel inverso SSH: ¿cómo puedo enviar mi número de puerto al server?
  • configurar un server SSH
  • ¿Se ha comprometido mi server Linux? ¿Cómo lo digo?
  • Habilitar inicio de session remoto (SSH) sin GUI en una Mac
  • ¿Cómo puedo omitir el post de contraseña de OTP para sudo pero mantenerlo para ssh?
  • El linux y los temas del servidor de Windows, como ubuntu, centos, apache, nginx, debian y consejos de red.