Topic: [RESOLVED] Trouble connecting two servers via ssh.

[crazybob]

I am having a problem connecting to a remote server using ssh. I have set the key on the remote server, and I can connect from my local server to the remote server using ssh user@remote.server.com one time. If I disconnect from the remote server and try to connect again, it fails. At that point I can no longer connect to the remote server via putty or winscp. The only resolution I have is to reboot the remote server, which is possible because I have a vpn connection to it.

I am able to preform this function with other SME servers, both 8.2 and 9.1. I look at the logs for sshd, and nothing appears wrong.
I need an idea as to where to look.
TIA

[mmccarn]

Are you tunneling traffic over the ssh connection? 
I frequently use putty to tunnel local traffic through my SME, and I've noticed that a putty or ssh session that is tunneling traffic doesn't close when I tell it to -- so perhaps a linux ssh tunnel that's in active use doesn't close when you expect it to

Can you reconnect if you kill sshd on the remote server instead of rebooting it?
When I attempt to restart sshd over an ssh connection from my macbook, the process number for sshd does not change...  If you're rebooting from server-manager over the VPN you could try disabling ssh then re-enabling it.

Is there any chance that the access rights are messed up on your sshd log folder?
I've seen odd behavior from runsv and multilog when the access rights to the log folder are incorrect.

Is there anything odd in /var/log/sshd/current or /var/log/messages?

Do you see the same behavior if you do not have the VPN connected (or - when you say you have a vpn connection to it -- do you mean that after sshd freezes you establish a vpn connection in order to reboot the server, or do you have a continuous vpn between the two servers)?

Do  you have fail2ban or another IPS package loaded?
fail2ban seems to block my workstation on my local network after the first connection.  To get back in I have to un-block myself...

[crazybob]

I was not really passing anything, just setting up to rsync some files. That is when I notice it was failing.
After I made the connection, I sent a ctrl-d to disconnect. when I tried to connect again it just hangs there.
I did not have vpn running at that point, but was able to connect. I used sme9admin, and stopped and started sshd, but that made no difference.
I am not using fail2ban on this server.

I just attempted to log in via ssh with another user name, and I rejected. Then it was frozen up again.

I am trying to do all this to use an old dungog contrib for rsync backup which is working flawlessly with other servers I am backing up.

[mmccarn]

You might want to check & verify the "pmtu" between your two servers.

These notes are talking about qpsmtpd and connection timeouts, but the same issue could apply to ssh connections:
https://wiki.contribs.org/Email#qpsmtpd_.22Connection_Timed_Out.22_errors

[crazybob]

path mtu to google.com seems OK, 1500 from both servers

[guest22]

Just a quick thought, does Autoblock come in to play somehow?

https://wiki.contribs.org/AutoBlock

[Stefano]

Just a quick thought, does Autoblock come in to play somehow?

https://wiki.contribs.org/AutoBlock

I agree, it could be the cause.. It took me some time to realize I locked myself out on some test servers

[crazybob]

Thank you.
The autoblock was the culprit. I didn't realize it was enabled by default. All is working wonderfully now.