inbound ssh ceased on 4 servers at same time

John Brooks john at day-light.com
Sat Jun 4 23:48:33 GMT 2005 

> > sshd is running on the affected machines
> > 
> > no errors on console or logs, just times out waiting for
> > the password prompt. interestingly: when investigating this
> > at the console, attempting ssh sessions from the db server
> > and backup server to the file server (these two are 'deeper'
> > in the network so there was never an occasion to ssh FROM
> > them before) produced the std warning about an unknown host
> > prompting for inclusion in the ~/.ssh/known_hosts file.
> > 
> > dns is not really involved, the ssh session is sent to the
> > ip address directly as in "ssh john at 10.3.3.10"
> > 
> > ping works in both directions as does all other network
> > services (internal mysql, intranet http, pop3, smtp, smbd, 
> > nmdb, dns). network hardware and cabling issues have been 
> > effectively ruled out.
> > 
> 
> 
> Have you tried ssh with the -vvv switch to get extra debugging info at
> the console? If there's anything happening with ssh, it should show up
> there, I'd expect. Are you testing to/from multiple hosts here? If so,
> what's different between each set of hosts you're testing?
> 
> Hope that helps,
> G
> 

Have not tried the -vvv switch, good call, I have several other
networks running the same versions of FreeBSD that are not affected
so that will make for a good comparison. Will do that later this
evening.

I have tested each of the four boxes in the following ways:

>From OpenBSD firewall to each of the four FreeBSD servers:  times out
>From each FreeBSD server to the OpenBSD firewall:  works as expected
>From each FreeBSD server to off network BSD boxes:  works as expected
>From each FreeBSD server to other FreeBSD server:  times out

For the last 18 months I have almost daily ssh'd into these 5 boxes
for maintenance, programming, logs, mail tracing, backups, etc. I am
the only login shell user on them. I had been in the network on these
boxes earlier in day, before this started. There were no config changes 
made. That is part of what is puzzling, and to happen to all four boxes
at the same time is cause for conceern. The why of it all is my primary
objective at this point.

I'll post the results of the -vvv switch a little later this evening.

More information about the freebsd-questions mailing list