Do I have an ssh problem?
Jonathan Underwood
jonathan.underwood at gmail.com
Tue Sep 11 15:08:11 UTC 2007
On 11/09/2007, Les <hlhowell at pacbell.net> wrote:
> I had the same problem on FC6. I asked lots of questions got lots of
> advice leading to iptables in the firewall being part of the problem.
> Finally I turned off the firewall, and things worked ok. I am now
> slowly going through the iptables and playing with combinations, to see
> what in there is mucking up the transfers. But it seems related to
> several things affecting different bits of the process.
> I can't isolate it well yet.
>
> If you have a separate firewall isolating you from the net threats as I
> do, then you can pretty safely turn off the machines firewall and see if
> it helps.
>
I have had probelms with scp of large files between two boxes each
behind a firewall - the scp would stalll after a few kb (the machine
wouldn't crash though). Turns out that one of the firewalls was
somehow causing many packets to be out of the TCP window.
doing an
echo 1 > /proc/sys/netfilter/nf_conntrack_tcp_be_liberal
fixed that for me. To make it persistent accross rebotts you need to
add this line to /etc/sysctl.conf
net.netfilter.nf_conntrack_tcp_be_liberal = 1
Another thing you might want to turn off is tcp window scaling - read
about that here:
http://lwn.net/Articles/92727/
However, I would not have expected any of these things to cause a box to hang.
> Regards,
> Les H
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
>
More information about the users
mailing list