Problem logging in over GRE/IPSec tunnel?

Damien Miller djm at mindrot.org
Mon Oct 20 14:08:05 EST 2014


On Sun, 19 Oct 2014, Paul Suh wrote:

> Hello,
>
> First time posting here, but I've been using OpenBSD since 2.7 or
> so. I hope this is the right place to ask.
>
> Anyway, I'm running into a puzzler.

[...]

> On the server, I get this line in /var/log/authlog:
>
> > Oct 19 22:42:17 ravelin sshd[5880]: fatal: Read from socket failed:
> > Connection reset by peer [preauth]

Whatever the problem is, it's happening at a lower level than ssh/sshd.

Can you connect to the sshd using telnet or netcat from the client?
If not, then that's your problem.

If so, then the problem is more subtle. In the absence of further
information, I'd expect a MTU blackhole in one/both directions,
since the KEXINIT packet is likely to be the first bit of data sent
that is >1KB. You might be able to check this using ping's size
and don't-fragment options (make sure you test both the client->server
and server->client directions).

-d
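
The check suggested in the message above, as an added example that is not part of the original post: a binary search for the largest ICMP payload that gets a reply with Don't Fragment set. The function names and the `PROBE` hook are hypothetical; the ping flags assume Linux iputils (`-M do`) or OpenBSD (`-D`).

```shell
#!/bin/sh
# Added example: find the largest packet that crosses a path unfragmented.
# PROBE names the function that sends one probe (hypothetical hook, so the
# search can be exercised without a network).
PROBE=${PROBE:-probe_ping}

# Send one echo request with $2 payload bytes to host $1, DF bit set.
# Assumption: Linux iputils takes "-M do", OpenBSD takes "-D"; any other
# system is treated like OpenBSD here.
probe_ping() {
    case "$(uname -s)" in
        Linux) ping -M do -c 1 -w 2 -s "$2" "$1" >/dev/null 2>&1 ;;
        *)     ping -D    -c 1 -w 2 -s "$2" "$1" >/dev/null 2>&1 ;;
    esac
}

# Binary search between payload sizes $2 (default 0) and $3 (default 1472,
# i.e. 1500 - 20 bytes IPv4 header - 8 bytes ICMP header).
# Prints the largest payload that got a reply; returns 1 if even the
# smallest probe fails (host unreachable or echo filtered, not an MTU issue).
find_df_limit() {
    host=$1
    lo=${2:-0}
    hi=${3:-1472}
    "$PROBE" "$host" "$lo" || return 1
    while [ "$lo" -lt "$hi" ]; do
        mid=$(( (lo + hi + 1) / 2 ))
        if "$PROBE" "$host" "$mid"; then
            lo=$mid
        else
            hi=$(( mid - 1 ))
        fi
    done
    echo "$lo"
}

# Convert the payload limit into the usable IPv4 path MTU for host $1.
path_mtu() {
    payload=$(find_df_limit "$1") || return 1
    echo $(( payload + 28 ))
}

# Usage (hostname is a placeholder): path_mtu server.example.org
```

Run it from the client toward the server and again from the server toward the client, since the limit can differ per direction.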

