Home / ubuntu / Questions / 1141206
In Process
Mohammad Etemaddar
Asked: 2019-05-08 03:32:17 +0800 CST

SSH freezes at pledge: network

  • 772

I setup passwordless ssh login. I could connect through ssh and also used sftp. suddenly I could not connect any more and ssh freezed.

  • Server: Ubuntu 16.04
  • Client: Ubuntu 18.04

ssh --vvv user@host freezes at pledge: network

...
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 60
debug1: Server accepts key: pkalg rsa-sha2-512 blen 279
debug2: input_userauth_pk_ok: fp SHA256:w7sj+s08FJPpL09IVtmXmGZOUgxVHGcgpjCL3vxzSaQ
debug3: sign_and_send_pubkey: RSA SHA256:w7sj+s08FJPpL09IVtmXmGZOUgxVHGcgpjCL3vxzSaQ
debug3: send packet: type 50
debug3: receive packet: type 52
debug1: Authentication succeeded (publickey).
Authenticated to <host> ([<IP>]:22).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug3: send packet: type 90
debug1: Requesting [email protected]
debug3: send packet: type 80
debug1: Entering interactive session.
debug1: pledge: network
debug3: send packet: type 80
debug3: send packet: type 80
debug3: send packet: type 80
Timeout, server <host> not responding.

Before this happens, I started another ssh on the same host with same user and it freezed at sign_and_send_pubkey so I started the previously said ssh.

...
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 60
debug1: Server accepts key: pkalg rsa-sha2-512 blen 279
debug2: input_userauth_pk_ok: fp SHA256:w7sj+s08FJPpL09IVtmXmGZOUgxVHGcgpjCL3vxzSaQ
debug3: sign_and_send_pubkey: RSA SHA256:w7sj+s08FJPpL09IVtmXmGZOUgxVHGcgpjCL3vxzSaQ
debug3: send packet: type 50
Connection to <IP> port 22 timed out

  • I tried reinstalling openssh-server from server and ssh from client. also restarted both of them (Server and client computer).

  • Also tried to force connecting by password. It just changed the line Authentication succeeded (password) at output.

  • Somebody said set UsePAM no, It did not work.

  • Tried by -o IPQoS=0 and had the same output.

At server recorded these at syslog:

...
May  7 07:26:10 host systemd[1]: Started Session c103 of user <user>.
May  7 07:26:10 host systemd[1]: Started Session c104 of user <user>.
May  7 07:26:26 host systemd[1]: Started Session 47 of user <user>.
May  7 07:26:33 host systemd[1]: Started Session 48 of user <user>.

I think this problem is from client. Because my friend could connect to server from his own computer.

networking server ssh

2 Answers

  1. To debug your SSH connections it's better to view /var/log/auth.log.

    i.e.

    sudo tail -n 250 -f /var/log/auth.log

    Your connection might be also filtered or blocked by tools like fail2ban.

    Check if it's running on your server:

    sudo ps ax | grep fail2ban

    If it's present on your server, then by default it scans auth.log for failed login attempts and ban IP for 5 minutes.

    If you don't have fail2ban make sure that there's nothing wrong with your network or firewall.

    Use dmesg to read latest errors:

    sudo dmesg -T

    View your iptables rules with:

    sudo iptables -nvL

    and also check your interfaces for errors and overruns:

    sudo ifconfig | grep errors

    ifconfig is a part of net-tools, so make sure it's present on your Ubuntu

    sudo apt install net-tools
    • 0

  2. In my case the reason was a crashed rsyslogd. I found this out because there were no more log entries in /var/log/secure

    So I Restarted service rsyslog restart resolved the problem for us.

    • 0