SCP Problem

Matthew Carpenter mcarpenter at intelguardians.com
Sat Oct 27 13:46:35 PDT 2007 

On Wednesday 24 October 2007, Kurt Wall wrote:
> Hola, list,
>
> I have an interesting problem. The short version is that there is host
> out there into which I can ssh without incident from my systems here
> at KurtWerks (using either password or public key authentication - I
> use public keys). I can also ssh back to KurtWerks. Similarly, from the
> remote host, I can scp files to and from KurtWerks.
>
> The problem, though, is that scp from KurtWerks to the remote system, that
> is, when KurtWerks is the orgin of the scp session, will not work. I
> start the session, authenticate, and then it stops. No data is
> transmitted. When I turn debugging with scp -vvv, the last few lines
> read like so:
>
> debug1: Sending command: scp -v -r -p -d -t /usr/www/users/kwall
> debug2: channel 0: request exec confirm 0
> debug2: fd 3 setting TCP_NODELAY
> debug2: callback done
> debug2: channel 0: open confirm rwindow 0 rmax 32768
> debug2: channel 0: rcvd adjust 131072
>
> That last line is the last thing I see; 10 minutes later, it hasn't
> moved and I just kill the session with Ctrl-c. I ran an strace on the
> scp session, and the last few lines look like so:
>
> rt_sigaction(SIGTERM, NULL, {SIG_DFL}, 8) = 0
> rt_sigaction(SIGTERM, {0x80001d50, [], 0}, NULL, 8) = 0
> rt_sigaction(SIGINT, NULL, {SIG_DFL}, 8) = 0
> rt_sigaction(SIGINT, {0x80001d50, [], 0}, NULL, 8) = 0
> rt_sigaction(SIGHUP, NULL, {SIG_DFL}, 8) = 0
> rt_sigaction(SIGHUP, {0x80001d50, [], 0}, NULL, 8) = 0
> read(7,
>
> Yes, that's an incomplete read() syscall because that's where the strace
> output stops. Finally, running a tcpdump on the session, I see much the
> same thing: session initiation followed by authentication, and then
> nothing. Again, the last few lines of tcpdump's output:
>
> 02:06:22.710183 IP latte.local.51303 > the.remote.host.ssh: P
> 2238:2366(128) ack 2088 win 93 <nop,nop,timestamp 2640818 4136540140>
> 02:06:22.749597 IP the.remote.host.ssh > latte.local.51303: P
> 2088:2136(48) ack 2366 win 32942 <nop,nop,timestamp 4136540183 2640818>
> 02:06:22.789387 IP latte.local.51303 > the.remote.host.ssh: . ack 2136
> win 93 <nop,nop,timestamp 2640838 4136540183>
>
> I'm stumped for how to proceed. Suggestions welcome and thanks.

Ever check to see if you have an MTU issue?  
Try this from Kurtwerks:

$ ping -s 1472 site1.com
$ ping -s 1472 site2.com

use one that works for site1.com and the one that doesn't work for site2.com.
Vary the size if site1.com doesn't work to see what you can get to.  If you 
can get 
	PING site1.com (207.44.234.4) 1472(1500) bytes of data.
and ping responses from site1.com but not site2.com, see what you can get from 
site2.com.  Try a binary-search method (not 1500?  try 750?  try 1125?  
etc...)

Setting the NIC at one end to a more appropriate MTU may solve your problem.  
Heaven forbid you should have to set both.



matt at faramir:/tmp$ ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:16:36:DA:DC:FD
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
          Base address:0x4000 Memory:da000000-da020000

matt at faramir:/tmp$ sudo ifconfig eth0 mtu 1300
Password:
matt at faramir:/tmp$ ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:16:36:DA:DC:FD
          UP BROADCAST MULTICAST  MTU:1300  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
          Base address:0x4000 Memory:da000000-da020000

-- 
Matthew Carpenter
mcarpenter at intelguardians.com
http://www.intelguardians.com

PGP Fingerprint: 
87EB 54A8 FB42 0A0E B8AE CDA7 FF99 2A64 E70F 4466
hkp://wwwkeys.pgp.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://mailman.celestial.com/pipermail/linux-users/attachments/20071027/6804b89c/attachment-0002.bin

More information about the Linux-users mailing list