I have a ssh server on an old CentOS 5 installation. I can connect to the server without any problems. However, if i disconnect from the server and want to login again after exiting the previous session, the server is not responding and i got a "connection timed out" error. After a while (must be between 1 and 5 minutes) i can login normally. If i then exit the session, the same timeout happens again.
From the network where the client resides, i can connect to other ssh servers without any problems, so i dont think, this is a firewall issue.
Any suggestions, where i can look for the problem?
I tried to login with key instead of password and i stopped the fail2ban service on the ssh server. Both without any success.
I solved my problem:
There is a iptables rule, which is limiting the connections per ip to one attempt per minute. I have whitelisted my ip and now there is no delay when reconnecting.
Related
Context:
We have a VPS set up to which we connect through SSH (private keys auth, passwords forbidden, Fail2Ban running).
Recently we've been experiencing issues with the connection when we'd be kicked out (broken pipe) and re-connection attempts would end up with the "Connection closed by remote host" error. After several minutes of "down time" we could connect back as usual. During this time, communication on all other ports is dead as well (AApanel, WebApp ports).
Another thing to mention is that we can verify from VNS that during this down time the server is running and SSH ports are listening as if nothing happened (through lsof).
last command doesn't show any suspicious logins.
The problems persist even after a clean VPS re-install.
Any suggestion what these symptoms might be caused by?
Thanks
I think there is a simple answer to this question, but everything I find online is about preventing SSH client connections from timing out.
In this case, the client has established a connection to the server, and remains connected. Then the connection is disrupted, say the ethernet cable is unplugged, or the router is powered off.
When this happens, the client connection is not dropped.
The ssh client connection is part of a script and the line that performs the ssh login looks like this:
ssh -Nn script#example.com
The .ssh/config contains the following parameters:
Host *
ServerAliveInterval 60
ServerAliveCountMax 2
When these disconnects occur, I'd like the client ssh connection to timeout, and allow the script to attempt reconnect...
Thanks!
I guess I was wrong about this being a simple question, since no one was able to provide an answer.
My further reading and asking led to one reply on the openssh IRC channel, around 2022-06-06. I was advised that the options:
ServerAliveInterval 60
ServerAliveCountMax 2
Often don't disconnect the client as one might expect.
The ssh_config man page:
ServerAliveCountMax
Sets the number of server alive messages (see below) which
may be sent without ssh(1) receiving any messages back from
the server. If this threshold is reached while server alive
messages are being sent, ssh will disconnect from the server,
terminating the session...
The default value is 3. If, for example, ServerAliveInterval
(see below) is set to 15 and ServerAliveCountMax is left at
the default, if the server becomes unresponsive, ssh will
disconnect after approximately 45 seconds.
Seems to pretty conclusively state that disconnecting on lack of server response is the intention of these parameters. However, in practice this doesn't happen in all cases. Maybe the caveat here is: "while server alive messages are being sent"?
If the application calls for a reliable client disconnect when the server becomes unresponsive, the advice was to implement an external method, separate from the ssh client login script, that monitors server responsiveness, and kills the ssh client process on timeout.
I created a user using 'adduser' on a Ubuntu 18 virtual machine that I ssh'd into using Vagrant. I am now trying to ssh into the server using the user credentials I created. I keep getting connection refused. I believe it is my syntax that is causing this so what is the correct syntax for this?
Maybe add here your "code"
but Connection refused can be caused by several reasons.
SSH service is down, Wrong credentials, port is closed, wrong permissions or don't have permissions to connect at all.
Take a look here and try to solve it.
I have been working on a http server which accepts connections and then based on the host name, loads up the right project from .so, generates the page the client is asking for, then sends them back.
Now that I have several working projects, I am interested in making them available to others but here is my problem :
I am connecting to my dedicated server through ssh, and starting my daemon from there, but after a while, the pages are no longer accessible because my program is no longer running.
I also get kicked by the server after a while. I wonder :
How do I keep my server running ? Does the fact that I keep getting kicked out by ssh after a little idle time explains why my daemon is being shutdown ?
Thanks in advance to whoever will be able to give me some element of answer.
When your SSH session times out SIGHUP was sent to the sub-processes forked from the current interactive shell. That's why the processes were terminated (server no longer running).
To avoid idle SSH connection being kicked by the server, set the ServerAliveInterval to send a request for response from server (e.g. ~/.ssh/config)
Host *
ServerAliveInterval 30
To avoid shell sub-process termination, refer to
https://askubuntu.com/questions/348836/keep-the-running-processes-alive-when-disconneting-the-remote-connection/348921#348921
https://askubuntu.com/questions/349262/run-a-nohup-command-over-ssh-then-disconnect
In short, there are 3 options:
nohup
disown / setsid
start the servers in CLI in tmux or screen session on the server
NOTE: If the server instances are already properly daemonized, try looking at monit or supervisord to keep them running ;-D
I've been searching and haven't found a solution for this yet.
I have a LAMP server running Centos 5 and cPanel. I have converted the site from http to https. The site works just fine. However, periodically there are ERR_CONNECTION_REFUSED errors on my PC only. This happens only over https and only periodically. Port 443 is open on the server.
FTP, Remote MySQL, SSH, and HTTPS connections are refused during that brief period. I've checked the server's firewall to allow my ip and unblock my ip. The ip is allowed and was never blocked.
We have other PCs connected to the same network with no issues during the brief period where only my connection is refused. I've cleared my cookies and cache with no luck. However, when I run a trace route, it stops at the first hop in our network.
Any suggestions with what I need to do or look at?
Do you think it is a server related issue?
Do you think it is an internal network related issue?
Could it be the issuer of the SSL cert?
You're probably running into a full backlog queue. A Windows server will actively refuse a connection if the backlog queue is currently full. The defence is to increase the backlog or speed up the accept loop.