On 2019-06-28 1:41 p.m., Peter King via talk wrote:
Up until 3am on Wednesday, 26 June, I had a solid and reliable way to ssh into the UofT, talking to my computers (three of them) there; they would also provide redundant backup for my data every night. Well, without any warning, suddenly I can no longer ssh in to those computers -- all attempts to connect just time out. They are still running, I just can't get to them, and since I'm about 1000km away at the moment this is pretty rough.
I talked to the JOG (Joint Operations Group) at the UofT, who had no real idea about this but pointed out that they had tightened their "security" recently because of a massive hole in RDP. I looked at the bug description and it didn't look like it had anything to do with ssh, and besides they did that a few weeks ago and everything was working for me perfectly until the day before yesterday. On the other hand, someone somewhere might have just decided it was easier to block all remote access -- though you'd think there would be a hue and cry were that so, and the JOG didn't know anything about it. The problem has been bucked over to the local UofT support group but the people on this list are far more knowledgeable, and more likely to have noticed problems, indeed to have solved them too. So I thought I'd ask. Has anyone noticed anything about ssh access to the UofT in the past few days?
Did they ask you to try
traceroute -4 -T foo.philosophy.utoronto.ca
optionally with -p 22
I tried it, but I don't know any actual philosophy domain names.
All I got was
$ sudo traceroute -4 -T -p 22 philosophy.utoronto.ca
traceroute to philosophy.utoronto.ca (142.1.176.100), 30 hops max, 60 byte packets
1 router (192.168.0.1) 1.599 ms 2.291 ms 3.324 ms
2 * * *
3 8081-dgw01.ym.rmgt.net.rogers.com (67.231.222.137) 21.460 ms 21.786 ms 30.481 ms
4 0-14-0-11-cgw01.ym.rmgt.net.rogers.com (209.148.235.149) 29.720 ms 209.148.233.205 (209.148.233.205) 25.956 ms 3033-cgw01.ym.rmgt.net.rogers.com (209.148.232.73) 29.857 ms
5 209.148.235.18 (209.148.235.18) 30.500 ms 30.933 ms 30.738 ms
6 orion.ip4.torontointernetxchange.net (206.108.34.40) 31.624 ms 30.090 ms 30.225 ms 7 66.97.16.21 (66.97.16.21) 28.504 ms 66.97.21.21 (66.97.21.21) 21.920 ms 66.97.16.21 (66.97.16.21) 21.731 ms
8 66.97.23.58 (66.97.23.58) 20.783 ms 22.078 ms 22.948 ms
9 utoronto1-ut-hub-if-re.gtanet.ca (205.211.94.234) 22.671 ms 26.360 ms 26.128 ms
10 128.100.96.20 (128.100.96.20) 25.821 ms 21.075 ms 25.145 ms
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *
No host or network unreachables...
Port 80 (the default) did get farther than 22, so that says something.
$ sudo traceroute -4 -T philosophy.utoronto.ca
traceroute to philosophy.utoronto.ca (142.1.176.100), 30 hops max, 60 byte packets
1 router (192.168.0.1) 1.770 ms 2.432 ms 3.775 ms
2 * * *
3 8081-dgw01.ym.rmgt.net.rogers.com (67.231.222.137) 20.456 ms 21.383 ms 29.671 ms
4 3033-cgw01.ym.rmgt.net.rogers.com (209.148.232.73) 29.211 ms 29.439 ms 28.414 ms
5 209.148.228.218 (209.148.228.218) 27.324 ms 28.236 ms 29.261 ms
6 21-cgw01.ym.rmgt.net.rogers.com (209.148.228.217) 36.569 ms 35.019 ms 35.040 ms
7 209.148.230.10 (209.148.230.10) 34.115 ms 17.087 ms 209.148.235.22 (209.148.235.22) 21.829 ms
8 orion.ip4.torontointernetxchange.net (206.108.34.40) 22.905 ms 22.442 ms 22.065 ms
9 66.97.16.21 (66.97.16.21) 18.974 ms 19.721 ms 66.97.21.21 (66.97.21.21) 20.855 ms
10 66.97.23.58 (66.97.23.58) 21.092 ms 18.229 ms 17.258 ms
11 utoronto1-ut-hub-if-re.gtanet.ca (205.211.94.234) 17.942 ms 17.856 ms 17.582 ms
12 128.100.96.20 (128.100.96.20) 17.657 ms 20.620 ms 18.898 ms
13 myweb.eis.utoronto.ca (142.1.176.100) 29.901 ms 29.365 ms 28.471 ms
I'd pass that on to your contacts: about utoronto1-ut-hub-if-re.gtanet.ca the port 22 packetss stop drawing a response.
--dave
(The problem occurs on several different networks, accessing from computers as far away as Virginia and North Carolina, to one located in Toronto itself but not on the University network -- all have the same problem.) I've managed to come up with a workaround to be able to check/read email, but I would like to be able to ssh in to my other computers -- one runs a git server, for instance. All suggestions welcome! Thanks.
--- Talk Mailing List talk@gtalug.org https://gtalug.org/mailman/listinfo/talk
-- David Collier-Brown, | Always do right. This will gratify System Programmer and Author | some people and astonish the rest dave.collier-brown@indexexchange.com | -- Mark Twain
CONFIDENTIALITY NOTICE AND DISCLAIMER : This telecommunication, including any and all attachments, contains confidential information intended only for the person(s) to whom it is addressed. Any dissemination, distribution, copying or disclosure is strictly prohibited and is not a waiver of confidentiality. If you have received this telecommunication in error, please notify the sender immediately by return electronic mail and delete the message from your inbox and deleted items folders. This telecommunication does not constitute an express or implied agreement to conduct transactions by electronic means, nor does it constitute a contract offer, a contract amendment or an acceptance of a contract offer. Contract terms contained in this telecommunication are subject to legal review and the completion of formal documentation and are not binding until same is confirmed in writing and has been signed by an authorized signatory.