Date: Wed, 05 Mar 2014 11:22:19 -0500 From: Mike Tancsa <mike@sentex.net> To: Brett Glass <brett@lariat.net>, questions@freebsd.org Subject: Re: SSH Protocol 2 between 9.x and 10.0 fails Message-ID: <53174F3B.1080403@sentex.net> In-Reply-To: <201403050528.WAA21620@mail.lariat.net> References: <201403050528.WAA21620@mail.lariat.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 3/4/2014 11:54 PM, Brett Glass wrote: > Everyone: > > I'm making my first FreeBSD 10.0 server, and have been trying to use scp > to copy files onto it from a machine running 9.1. However, for some > reason, transfers only work if I specify the "-1" option on the command > line. The same is true of interactive SSH sessions; I can't log into > either machine from the other with SSH Protocol 2. Has anyone else > noticed this incompatibility? Here's an excerpt from the "verbose" > output from a failed scp session in which I attempted a file transfer > from the 9.1 server to the 10.0 server: > > debug1: identity file /root/.ssh/id_rsa type -1 > debug1: identity file /root/.ssh/id_rsa-cert type -1 > debug1: identity file /root/.ssh/id_dsa type -1 > debug1: identity file /root/.ssh/id_dsa-cert type -1 > debug1: identity file /root/.ssh/id_ecdsa type -1 > debug1: identity file /root/.ssh/id_ecdsa-cert type -1 > debug1: Remote protocol version 1.99, remote software version > OpenSSH_6.4_hpn13v11 FreeBSD-20131111 > debug1: match: OpenSSH_6.4_hpn13v11 FreeBSD-20131111 pat OpenSSH* > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_5.8p2 FreeBSD-20110503 > debug1: SSH2_MSG_KEXINIT sent > > ...and then the transaction freezes until it times out. I dont have a 9.1 box to test with, but 9.2 to 10 works fine for me. The next line should be debug1: match: OpenSSH_6.4_hpn13v11 FreeBSD-20131111 pat OpenSSH* debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received Are you sure its not something else ? Do you have pf on the remote box ? perhaps a missing keep state rule ? P-MTU issue ? Try a tcpdump to see if packets are being missed or re-transmitted ? ---Mike -- ------------------- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, mike@sentex.net Providing Internet services since 1994 www.sentex.net Cambridge, Ontario Canada http://www.tancsa.com/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?53174F3B.1080403>