Problem with SSH? [Solved]

Discussions Regarding Software

Moderator: Moderators

Problem with SSH? [Solved]

Postby BHReach » Tue Jan 10, 2012 15:49

openssh-5.9_p1-r3

LXDE AMD64 daily 1/4/2012

It appears there is some sort of limit on the number of characters transferred in a time period. If I run a command (like cat) that has a lot of output, the screen freezes part way through and does not continue for several minutes. Small files are not a problem.

When I first open a session, it works fine. Once the problem starts, if I use sftp with a file manager, the same stalling action occurs. If the stall lasts long enough, the server closes the connection.

The effect is worse if there are several login sessions for the same user. This is painful because the time delay can be very long. It also makes X forwarding over ssh useless.

Does anyone know how to fix this? Could it be a configuration setting? Could it be a network issue?
Last edited by BHReach on Wed Jan 11, 2012 8:33, edited 1 time in total.
BHReach
Growing Hen
 
Posts: 193
Joined: Thu Jan 31, 2008 20:40

Re: Problem with SSH?

Postby BHReach » Wed Jan 11, 2012 2:10

Update ->

Ping results in errors:

ping -Mdo -s 1500 -c 10 192.168.0.5

Frag needed and DF set (mtu = 1500)

ping -Mdo -s 1472 -c 10 192.168.0.5

works without errors, 1472 is the largest number that works.

Didn't help much. SSH still stalls but once the problem occurs, I can sftp files with a file manager with minimal delay.

I tried a different wifi card and the problem seems to go away. The adapter with the problem has a Realtek RTL8187 chipset. The one that works well has an Atheros ath9k_htc chipset. Must be a driver problem with the RTL8187 chipset.

I returned MTU to the 1500 default.

Some research yielded a solution:

The problem appears to be the driver continuously trying to connect to the AP at a better transmission rate. The work around is to make it connect at a fixed rate.

iwconfig wlan0 rate 48M fixed

I tried 5.5MB/s to 54MB/s They all worked OK except 54MB/s. 48 seemed to be the fastest so I will keep it there for now.

I cannot figure out how to make the rate of 48M stick in NetworkManager?
BHReach
Growing Hen
 
Posts: 193
Joined: Thu Jan 31, 2008 20:40

Re: Problem with SSH?

Postby Fitzcarraldo » Wed Jan 11, 2012 7:14

There are a couple of ways to make a system-wide start-up command stick over reboots, but the easiest is probably to put the command in a new file /etc/local.d/01network.start and make it executable:

Code: Select all
# chmod +x /etc/local.d/01network.start

Have you tried that with your iwconfig command? I know it is not configuring NetworkManager, but it could be a viable work-around.
User avatar
Fitzcarraldo
Sagely Hen
 
Posts: 7984
Joined: Sat Mar 10, 2007 5:40
Location: United Kingdom

Re: Problem with SSH?

Postby BHReach » Wed Jan 11, 2012 8:32

Fitzcarraldo wrote:There are a couple of ways to make a system-wide start-up command stick over reboots, but the easiest is probably to put the command in a new file /etc/local.d/01network.start and make it executable:

Code: Select all
# chmod +x /etc/local.d/01network.start

Have you tried that with your iwconfig command? I know it is not configuring NetworkManager, but it could be a viable work-around.

That may be the best way right now. NetworkManager cannot control individual interfaces only the wireless network as a whole and I only want to fix the transmission rate on the wifi adapter with the Realtek chipset. wpa_supplicant seems to suffer from the same short coming.

I cannot simply put the configuration in /etc/conf.d/network because NetworkManager will overwrite it. One solution is to prevent NetworkManager from managing the interfaces and do it manually in /etc/conf.d/network but I think using the startup script is simpler.

Also, 48M is not reliable. I had to drop to 11M. 18M worked for quite a while before it crashed the wifi adapter (I had to unplug and replug the usb adapter to reset it). At 11M, even with compression, applications tunneled over ssh are sluggish. ksudoku is a good application for testing, you can easily see how slowly the graphics respond to mouse movement.

I had an old Ralink wifi adapter that required a fixed bit rate to work reliably. These wifi adapters seem to work better under Windows than they do under Linux.

Also, I discovered than setting ip6v to ignore in NetworkManager speeds up the connection to an AP.

Code: Select all
echo 'iwconfig wlan0 rate 11M fixed' >/etc/local.d/01network.start
chmod +x /etc/local.d/01network.start
BHReach
Growing Hen
 
Posts: 193
Joined: Thu Jan 31, 2008 20:40

Re: Problem with SSH? [Solved]

Postby Fitzcarraldo » Wed Jan 11, 2012 11:38

The files that NetworkManager touches is affected by what is specified in the file /etc/NetworkManager/nm-system-settings.conf, which may be of interest to you:

networkmanager 0.9 and openrc

Ifnet updates for NetworkManager 0.9
User avatar
Fitzcarraldo
Sagely Hen
 
Posts: 7984
Joined: Sat Mar 10, 2007 5:40
Location: United Kingdom

Re: Problem with SSH? [Solved]

Postby BHReach » Wed Jan 11, 2012 22:26

Fitzcarraldo wrote:The files that NetworkManager touches is affected by what is specified in the file /etc/NetworkManager/nm-system-settings.conf, which may be of interest to you:

networkmanager 0.9 and openrc

Ifnet updates for NetworkManager 0.9


Thank you for the links.

You prevent NetworkManager from overwriting the network config file by putting managed=false in its config file. That means it does not manage your network interfaces, you have to do it manually.

NetworkManager is incomplete. The 1st clue you have is its version number 0.9... By convention, software versions that begin with 0 are usually alpha. The real problem is that you cannot completely configure your network with its editor but it takes over the network configuration file so you cannot use it. That is a very poor choice.

I like the way icewm handles configuration. It has a primary configuration file and a preference override file. If NM had its own configuration file and used the global network configuration file as an override file it would be much easier to use it as a network configuration tool.

IMO, wicd is a much better choice for network management. It is more mature and more complete than NM.
BHReach
Growing Hen
 
Posts: 193
Joined: Thu Jan 31, 2008 20:40

Re: Problem with SSH? [Solved]

Postby Fitzcarraldo » Thu Jan 12, 2012 5:55

BHReach wrote:IMO, wicd is a much better choice for network management. It is more mature and more complete than NM.

In my case NetworkManager is the better choice. On two of my Linux machines Wicd does not connect to wireless networks, and on my third Linux machine it works unreliably.

Wicd is not more complete than NetworkManager:

Connection Manager Comparison

NetworkManager vs wicd vs wpa_gui

Dan Williams wrote:This release [NetworkManager 0.9.2] packs in some great stuff aside from the usual bug fixes and pixie dust: translated country names in the mobile broadband provider wizard, VPN details in the applet’s Connection Information dialog, auto-unlocking of GSM modems, support for libnl2 and libnl3, better IPv6 handling, enhancements for nmcli, rfkill fixes for EeePCs, GObject Introspection updates, better cooperation with unmanaged devices, timestamps for VPN connections, increased dnsmasq cache size, and more.

What’s even more exciting is what’s all piled up for 0.9.4. We’ve killed WEXT and now use the more robust nl80211 for talking to well-behaved kernel drivers. We’ve uncoupled IPv4 and IPv6 addressing so that when one completes the connection is usable while we wait for the other one to complete or time out. We’ve added bonding support, and VLANs and bridges are next. We’ll have better firewall interaction. We’ll probably have connectivity detection as well. Many of these features are finished and merged to git master already.

Hey, 0.8.6 is out too!

If you’re into anachronisms, then we’ve got another release for you too. 0.8.6 got tagged earlier this week, and it’s got IPv6 fixes, auto-unlocking of GSM modems, improved usability of IP address and routing entry in the editor, notifications of mobile broadband changes, VPN information in the Connection Information dialog, better handling of gadget devices, retry of Ethernet connections on carrier bounces, allowing certificate paths in keyfile plugins, MAC address blacklists, on-the-fly recognition of newly installed VPN plugins, subject verification of 802.1x certificates, builds without PolicyKit, and much more.
User avatar
Fitzcarraldo
Sagely Hen
 
Posts: 7984
Joined: Sat Mar 10, 2007 5:40
Location: United Kingdom

Re: Problem with SSH? [Solved]

Postby BHReach » Thu Jan 12, 2012 15:33

When I said wicd was more complete, I did not mean it had more features just that it talked to more wifi adapters. NM, wpa_supplicant and wicd all have trouble talking to adapters. iwconfig seems able to talk to them all reliably (at least all the one I have tried). If iwconfig added support for WPA encryption, you would not need wpa_supplicant at all.

Until recently, I never used any network manager. I just configured my network using /etc/con.d/net and iwconfig (I don't use encryption, more on that later). The only drawback is if your connection gets dropped, you have to restart it manually. The network managers and wpa_supplicant all have daemons to do that automatically (iwconfig doesn't). I could 'create my own deamon' by testing the connection periodically and restarting it if it is down but using a network manager is much simpler, too bad that they all have serious shortcomings right now.

The overhead of using encryption reduces your data throughput to 1/2 - 1/5 of maximum. IMO, unless you have a special situation, there is no need to encrypt a home wifi LAN. The radio's range is only a few hundred feet. Some people have trouble getting a reliable connection to their own router inside their house. Master hackers are not driving around trying to break into home LANs and you still have your computers' firewalls that they would have to get through. There are other precautions you can take to make your LAN more secure without using encryption like not broadcasting your essid and some routers let you restrict access by mac address or IP address. More than a billion computers have access to your computer via the Internet and you don't use encryption there except for special situations, why do you need it on your home LAN?
BHReach
Growing Hen
 
Posts: 193
Joined: Thu Jan 31, 2008 20:40

Re: Problem with SSH? [Solved and Updated]

Postby BHReach » Tue Jan 17, 2012 20:19

The system wide start up script is not an effective solution. If the the network gets restarted for any reason, the fix in the start up script does not get made.

Code: Select all
rm /etc/local.d/01network.start


I disabled interface management by NetworkManager and tried to manage the interfaces manually.

Code: Select all
sed -i -e 's/managed=true/managed=false/' /etc/NetworkManager/nm-system-settings.conf


I failed at that probably because I did not know how to do it correctly. I decided to use wpa_supplicant alone.

Code: Select all
/etc/init.d/NetworkManager stop
/etc/init.d/net.wlan0 restart
rc-update delete NetworkManager
rc-update add net.wlan0 default


It did not work right away because the configuration files were not correct. Kept getting the following warning/error:

WARNING: net.wlan0 has started, but is inactive

Finally got it to work using the following configuration files.

# Create /etc/conf.d/net
Code: Select all
echo 'dns_servers="208.67.220.220 208.67.222.222"
routes_bingo="default via 192.168.0.5"
config_bingo="192.168.0.20/24"

# Needed for RTL8187 based adapter to be stable.
iwconfig_wlan0="rate 11M fixed"

# Select wpa_supplicant
modules="wpa_supplicant"

# Tell wpa_supplicant what driver to use (generic for rtl8187)
wpa_supplicant_wlan0="-Dwext"' > /etc/conf.d/net


# Create /etc/wpa_supplicant/wpa_supplicant.conf
Code: Select all
echo '# This line enables the use of wpa_cli
ctrl_interface=/var/run/wpa_supplicant

# By default, only root (group 0) may use wpa_cli
ctrl_interface_group=0

eapol_version=1
ap_scan=1
fast_reauth=1

# Plaintext connection (no WPA, no IEEE 802.1X).
network={
  ssid="bingo"
  key_mgmt=NONE
  priority=0
}' > /etc/wpa_supplicant/wpa_supplicant.conf


I still get the warning but the network works fine. For configuration, you just have to remember that for wpa_supplicant, you have to configure networks globally and not by interface.

NetworkManager is under rapid development, it probably won't be too long before we will be able to do complete network configuration using their configuration editor.
BHReach
Growing Hen
 
Posts: 193
Joined: Thu Jan 31, 2008 20:40


Return to Software in General

Who is online

Users browsing this forum: No registered users and 2 guests