SSH Constantly Hangs at SSH2_MSG_SERVICE_ACCEPT Received

5

1

I'm having problems with SSH. I can't connect to anything; every connection hangs indefinitely at SSH2_MSG_SERVICE_ACCEPT RECEIVED. I'm on OSX 10.6.8.

I'm thinking that it's a problem with my SSH configuration, but I can't figure it out. I have the original openssh that came with os x installed in /usr/bin/, and a brewed installation in /usr/local/bin/. I'm using the homebrew one - is there possibly some conflict going on here?

Any ideas on solutions or what could be causing this? Here is my ssh_config:

 Host *
#   ForwardAgent no
#   ForwardX11 no
#   RhostsRSAAuthentication no
#   RSAAuthentication yes
#   PasswordAuthentication yes
#   HostbasedAuthentication no
#   GSSAPIAuthentication no
#   GSSAPIDelegateCredentials no
#   GSSAPIKeyExchange no
#   GSSAPITrustDNS no
#   BatchMode no
#   CheckHostIP yes
#   AddressFamily any
#   ConnectTimeout 0
#   StrictHostKeyChecking ask
   IdentityFile ~/.ssh/identity
   IdentityFile ~/.ssh/id_rsa
   IdentityFile ~/.ssh/id_dsa
   Port 22
#   Protocol 2,1
   Cipher 3des
   Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
   MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
#   EscapeChar ~
#   Tunnel no
#   TunnelDevice any:any
#   PermitLocalCommand no
#   VisualHostKey no

user2594363

Posted 2013-10-03T23:12:06.760

Reputation: 151

My connection also stopped at SSH2_MSG_SERVICE_ACCEPT -- turned out my ssh-agent wasn't started/properly initiated. https://serverfault.com/questions/484977/ssh-sftp-connections-fails-silently-on-osx-10-8-2-ssh-agent-issue

– Joel Purra – 2015-07-25T10:15:42.107

So, you have a Mac running 10.6.8 that you're trying to use as an SSH client, but you see this hang, no matter what "ssh server" (host running sshd) you try to connect to. How many different ssh server hosts have you tried to connect to? What were they running? How did they have sshd configured? Your question almost makes it sound like you edited sshd_config on your ssh client machine and wondered why that didn't make a difference. sshd is the server side of ssh; it only matters on the machine you're connecting to, not the machine you're connecting from. – Spiff – 2013-10-04T00:03:36.973

no, i totally did edit my own sshd config file thinking it might somehow do something..lol. i've tried to SSH to an EC2 instance, to heroku's git server, to my local university's SSH server, etc, getting the same error each time. I don't know what their sshd configurations are, but I've been able to connect to them in the past, so i'm pretty sure it's a problem with my client configuration. – user2594363 – 2013-10-04T00:37:39.803

Try using one of those "what is my IP" websites to see what the rest of the world sees as your IP address and hostname. If it doesn't give you a host name, your site may not have reverse-dns set up correctly. If it does give you a host name, use an external DNS lookup website to look up the IP address for that hostname, and make sure it points to your machine's public IP address. – Spiff – 2013-10-04T04:46:33.067

my hostname seems correct - shows up as "my.ip.address.myISP.net". DNS lookup of the hostname gave the correct IP address. – user2594363 – 2013-10-04T21:40:20.153

Answers

6

It's possible that the host(s) you're connecting to (the one(s) running the sshd server, not the one you're running the ssh client from), is hanging here as it tries—and then times out and fails—to do a reverse-DNS lookup of your ssh client machine's host name based on its IP address.

One workaround is to edit /etc/sshd_config on the sshd server machine, not your ssh client machine to set "UseDNS" to "no". (From the way you originally wrote your question, it sounded like you may have edited that file on your client, which wouldn't make a difference.)

Another solution would be to have your ISP (or whatever institution is responsible for your publicly-routable IP addresses) fix their reverse-DNS record for your IP address on their DNS name servers that are authoritative for the reverse-DNS records for that block of IP addresses. In other words, "make it so people can find your host name based on your IP address, and make sure the hostname they find maps back to your IP address".

Spiff

Posted 2013-10-03T23:12:06.760

Reputation: 84 656

To check what you said, I edited '/etc/hosts' in the remote host, adding my hostname and my ip. It fixed the issue. Thanks! – JorgeeFG – 2016-05-11T15:28:25.597

"UseDNS no" fixed the problem for me on Ubuntu. I needed to add the line to /etc/ssh/sshd_config on the server and run "service ssh restart". No more 30 second delays on every scp. Thanks! (I'm communicating from a Mac to a BeagleBone over an Ethernet cable, so DNS doesn't make sense in this environment.) – Ken Shirriff – 2017-03-03T01:28:19.463

i attached my ssh_config file, maybe something sticks out? – user2594363 – 2013-10-04T00:42:04.063

@user2594363 Nothing sticks out. It's pretty close to the system defaults. By the way, does the built-in ssh binary from /usr/bin have this same problem, or is this problem only with the Homebrew one? – Spiff – 2013-10-04T04:47:58.510

the built in binary has the same problem. – user2594363 – 2013-10-04T21:30:22.940

1i also just tried using ssh-add -l to list identities, then ssh-add -D to delete all identities - both commands hung indefinitely and didn't do anything. – user2594363 – 2013-10-04T23:21:54.990

1

More information on this issue here: https://github.com/Homebrew/homebrew-dupes/issues/242

Apparently this is a problem with the current version on Homebrew. (I've just run into it myself.)

JP Barringer

Posted 2013-10-03T23:12:06.760

Reputation: 11

-1

I think Homebrew's libssh2 messes up Apple`s ssh binaries. Try:

brew uninstall --force libssh2.

DagGum

Posted 2013-10-03T23:12:06.760

Reputation: 1

Can you please provide some evidences, examples for your claim? – Romeo Ninov – 2016-03-16T07:18:00.470

Asked: 2013-10-03T23:12:06.760

Viewed: 5 204 times

Active: 2016-03-08T01:52:42.677