Hi all,

This is slightly off-topic here, but I hope that someone here might be
able to help me...

We are having some problems using SSH across the Internet.

We have a client with an ADSL broadband connection, and dynamic external
IP address. I am using no-ip.com to provide me with a subdomain name,
that is dynamically updated to point to the client's current IP address.

I have a port forwarded through from the outside, to a server running
RedHat 9, running 'sshd'.

I can connect to the machine from elsewhere on the Internet, using 'ssh'
on my own Linux machine, and AlphaCom, WinSCP, and PuTTY on my Windows
2000 notebook.

However, after a seemingly random period of time, I am disconnected.
This is obviously no good if I am using D3 at the time - the user will
remain logged on, potentially using up the last user licence...

'ssh' says: ''
PuTTY says: ''
WinSCP says: 'Network error: Connection reset by peer'

One thing which I have noticed is that, if I have several programs
simultaneously connected to the server, they all seem to get kicked off
at the same time.

Does anyone have any ideas?

Regards
Michael Nelson
Softec Ltd

I apologise. I sent my last post mistakenly before finishing this bit:

Michael Nelson wrote:

Here is what I meant to type:

'ssh' at the shell in Linux says:
Read from remote host <hostname>: Connection reset by peer

PuTTY says:
Network error: Connection reset by software

WinSCP says:
Network error: Connection reset by peer

AlphaCom6 says:
Connection closed by host
Disconnected

This is just a guess, but it looks like that may be occurring when the
IP address is changed.

hartingm wrote:
yea that's what I would guess too. or just the ADSL modem resetting.
Either way its going to drop you briefly =(

Suggest the following:
1. Get into the DSL modem setup using a browser, and change the "IP
allowed" settings to allow the IP address of the host on which D3 is
running, making "public" port 23
2. Using no-ip will then work just fine. You dont even need to run the
no-ip DUC on the server, since it will automatically map to the IP
address allocated by the ISP.
3. Remember to properly password protect your accounts, since anyone
can now "ping" your hostname, and by implication get into the database
via port 23. I change the default port to a hidden one, and also have
some stuff preventing access. I use this to do remote support for
almost all my clients in South Africa.
4. The other option would be to installa VNC on the remote site.

HTH

Diets

"Michael Nelson" wrote
for needing 'keepalives' -- which later versions of putty and accuterm
provide as config options, by the way.

Tedd Scofield wrote:

In the openssh I'm running, the sshd config file has a keepalive flag you
can set.

Art

hartingm wrote:
Ok, thanks everyone for your replies.

Basically, every time I connect, I get kicked off in this way -
sometimes within seconds, sometimes minutes.

I don't really expect an ADSL modem to reset itself, or change its IP
address within a few seconds or minutes of me connecting.

Is that unreasonable? It's my understanding that the external IP address
will only change when the Internet connection is dropped and then
reconnected.

Thanks
Michael Nelson
Softec Ltd

Art Martz wrote:
I don't think that the modem is resetting either. If it is resetting
itself for some reason - then it's doing it very frequently.

Two other people in the office are using the same broadband connection
for their Internet connection and VoIP, and they haven't suffered any
problems at all.

Yes, I was hopeful when I found this setting, but I've tried with it
turned on and turned off, and it didn't seem to make a difference.

Maybe the ISP (who provided the broadband modem) may be able to help?

Thanks
Michael Nelson
Softec Ltd

diets wrote:
Thanks. I may be misunderstanding you, but this sounds like what I'm
doing already.

The DSL modem is set to forward an arbitrary port number on the outside
through to the SSH port on the D3 Linux server.

I have the no-ip DUC installed on a PC elsewhere on the subnet.

Passwords are reasonably secure already, and I'm planning to use
public/private keys when I have ironed out this problem.

It looks as though SSH will be a very handy tool for us, but this
problem is preventing us from taking advantage of it.

Thanks
Michael Nelson
Softec Ltd