run tcpdump on your server when you do the outside connect.
you can
tcpdump -i eth0 -n |grep 209.122.208.175
do you don't get a tonne of crap. You may have to change eth0 to what is appropriate.
also see if you have any iptables odd rules, or any odd routing.

-tl


On Thu, Feb 12, 2015 at 11:22 PM, Dev Guy <devguy.ca@gmail.com> wrote:
Hi All,

I am having a real nagging problem with ssh. I setup dynamic dns so I could I connect to my box from outside.

My basic setup is a router connected to a cable modem.
I've opened the firewall port 22 tcp/udp on my router.

However he is the problem I am having.

I can ssh into my box from inside my LAN like, ssh 192.168.0.100, works fine!

However when I try to ssh using my dynamic dns (or the external IP), ssh will hang and never return.

1) I've tried running my sshd in debug mode and here is the output
=====(SERVER SIDE)=====

debug1: sshd version OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: key_parse_private2: missing begin marker
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug1: key_parse_private2: missing begin marker
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: key_parse_private2: missing begin marker
debug1: read PEM private key done: type ECDSA
debug1: private host key: #2 type 3 ECDSA
debug1: private host key: #3 type 4 ED25519
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-d'
Set /proc/self/oom_score_adj from 0 to -1000
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug1: Bind to port 22 on ::.
Server listening on :: port 22.
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
debug1: inetd sockets after dupping: 3, 3
Connection from 192.168.0.1 port 48996 on 192.168.0.100 port 22


2) Here is the ssh verbose output
=====(CLIENT SIDE)=====

OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to yadav.duckdns.org [209.122.208.175] port 22.
debug1: Connection established.
debug3: Incorrect RSA1 identifier
debug3: Could not load "/home/yadav/.ssh/id_rsa" as a RSA1 public key
debug1: identity file /home/yadav/.ssh/id_rsa type 1
debug1: identity file /home/yadav/.ssh/id_rsa-cert type -1
debug1: identity file /home/yadav/.ssh/id_dsa type -1
debug1: identity file /home/yadav/.ssh/id_dsa-cert type -1
debug1: identity file /home/yadav/.ssh/id_ecdsa type -1
debug1: identity file /home/yadav/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/yadav/.ssh/id_ed25519 type -1
debug1: identity file /home/yadav/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-8

As you can see from the server output the connection gets established, but then the hang happens and I can't figure out what's going on?

Someone suggested that sshd might be trying to do a reverse lookup and to add,

'UseDNS no'

to /etc/ssh/sshd_config and restarting the daemon. This didn't work!

Any ideas? I can't seem to find anything for my particular problem on the Internet.

---
Talk Mailing List
talk@gtalug.org
http://gtalug.org/mailman/listinfo/talk