Unable to browse or log in to linux host from local network

Discussion in 'macOS Sierra (10.12)' started by Daventry, Dec 11, 2016.

  1. Daventry macrumors member

    Joined:
    Sep 23, 2011
    #1
    Hi,

    I have a PC running Ubuntu 16.04 and I remote into it from my 2016 TB MBP with Mac OS Sierra 10.12.1

    Sometimes I can't log in to it, not by using its hostname nor the IP address. I can't browse the Plex Media Server which is hosted by the same PC either.

    At the same time I can still browse the Internet with no issues at all. And I can still access my NAS by both IP address and hostname.

    The connection to the Ubuntu host works if I turn Airport off and then I turn it back on.

    BTW I also experienced a similar behaviour with my old 2010 MBP running El Capitan.

    Has anyone had a similar issue before? If so - is there a fix?

    Thanks.
     
  2. MacUser2525 macrumors 68000

    MacUser2525

    Joined:
    Mar 17, 2007
    Location:
    Canada
    #2
    That to me suggests an IP conflict happening somehow. How are they getting their IPs, what protocol are they using to connect with ssh, smb, afp? I was trying out ElementaryOS based on 16.04 a few weeks ago and it had the ufw firewall enabled by default you may want to check that that is not messing with anything on your install. That said my Debian boxes running Jessie work perfectly fine to access via smb or ssh, I'm on 10.11.6.

    https://help.ubuntu.com/stable/ubuntu-help/net-firewall-on-off.html
     
  3. Daventry thread starter macrumors member

    Joined:
    Sep 23, 2011
    #3
    It fails to connect to the Ubuntu box via ssh and http, haven't tried any other methods.
    The Ubuntu box has a static IP and the MBP has a dynamic one, both assigned by an Asus RT-AC68U router.
    Ufw is diabled.

    BTW have noticed that when the connection is working the ping is quite bad:
    Request timeout for icmp_seq 0
    Request timeout for icmp_seq 1
    64 bytes from 192.168.1.40: icmp_seq=2 ttl=64 time=147.948 ms
    64 bytes from 192.168.1.40: icmp_seq=3 ttl=64 time=70.468 ms
    Request timeout for icmp_seq 4
    64 bytes from 192.168.1.40: icmp_seq=5 ttl=64 time=212.173 ms
    Request timeout for icmp_seq 6
    Request timeout for icmp_seq 7
    64 bytes from 192.168.1.40: icmp_seq=8 ttl=64 time=146.996 ms

    On the other hand pinging my NAS from my MBP has no issues at all.
     
  4. MacUser2525, Dec 11, 2016
    Last edited: Dec 11, 2016

    MacUser2525 macrumors 68000

    MacUser2525

    Joined:
    Mar 17, 2007
    Location:
    Canada
    #4
    ssh -vvv username@192.168.1.40 to see what it is doing while trying to connect. That last part on the ping suggest to me that Apple has messed it up again (connecting to other non-apple protocols) in Sierra. For the http you will want to check the Apache?? config/log/error files to ensure you are allowing access.

    Here is what it looks like when it does it properly.

    Code:
    MacUser2525:~$ ssh -vvv seeder1@192.168.0.105
    OpenSSH_6.9p1, LibreSSL 2.1.8
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: /etc/ssh/ssh_config line 21: Applying options for *
    debug2: ssh_connect: needpriv 0
    debug1: Connecting to 192.168.0.105 [192.168.0.105] port 22.
    debug1: Connection established.
    debug1: identity file /Users/MacUser2525/.ssh/id_rsa type 1
    debug1: key_load_public: No such file or directory
    debug1: identity file /Users/MacUser2525/.ssh/id_rsa-cert type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /Users/MacUser2525/.ssh/id_dsa type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /Users/MacUser2525/.ssh/id_dsa-cert type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /Users/MacUser2525/.ssh/id_ecdsa type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /Users/MacUser2525/.ssh/id_ecdsa-cert type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /Users/MacUser2525/.ssh/id_ed25519 type -1
    debug1: key_load_public: No such file or directory
    debug1: identity file /Users/MacUser2525/.ssh/id_ed25519-cert type -1
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_6.9
    debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7p1 Debian-5+deb8u3
    debug1: match: OpenSSH_6.7p1 Debian-5+deb8u3 pat OpenSSH* compat 0x04000000
    debug2: fd 3 setting O_NONBLOCK
    debug1: Authenticating to 192.168.0.105:22 as 'seeder1'
    debug3: hostkeys_foreach: reading file "/Users/MacUser2525/.ssh/known_hosts"
    debug3: record_hostkey: found key type ECDSA in file /Users/MacUser2525/.ssh/known_hosts:5
    debug3: load_hostkeys: loaded 1 keys from 192.168.0.105
    debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
    debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-ed25519,ssh-rsa,ssh-dss
    debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
    debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
    debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
    debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit: first_kex_follows 0
    debug2: kex_parse_kexinit: reserved 0
    debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
    debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256
    debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com
    debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com
    debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
    debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
    debug2: kex_parse_kexinit: none,zlib@openssh.com
    debug2: kex_parse_kexinit: none,zlib@openssh.com
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit: first_kex_follows 0
    debug2: kex_parse_kexinit: reserved 0
    debug1: kex: server->client chacha20-poly1305@openssh.com <implicit> none
    debug1: kex: client->server chacha20-poly1305@openssh.com <implicit> none
    debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
    debug1: Server host key: ecdsa-sha2-nistp256 SHA256:ZGf5GhKhAS3+Q06jFLLoc0ZSqSJ3sjHpqNv/zo5A7G0
    debug3: hostkeys_foreach: reading file "/Users/MacUser2525/.ssh/known_hosts"
    debug3: record_hostkey: found key type ECDSA in file /Users/MacUser2525/.ssh/known_hosts:5
    debug3: load_hostkeys: loaded 1 keys from 192.168.0.105
    debug1: Host '192.168.0.105' is known and matches the ECDSA host key.
    debug1: Found key in /Users/MacUser2525/.ssh/known_hosts:5
    debug2: set_newkeys: mode 1
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug2: set_newkeys: mode 0
    debug1: SSH2_MSG_NEWKEYS received
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug2: service_accept: ssh-userauth
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug2: key: /Users/MacUser2525/.ssh/id_rsa (0x7f9da241a460),
    debug2: key: /Users/MacUser2525/.ssh/id_dsa (0x0),
    debug2: key: /Users/MacUser2525/.ssh/id_ecdsa (0x0),
    debug2: key: /Users/MacUser2525/.ssh/id_ed25519 (0x0),
    debug1: Authentications that can continue: publickey,password
    debug3: start over, passed a different list publickey,password
    debug3: preferred publickey,keyboard-interactive,password
    debug3: authmethod_lookup publickey
    debug3: remaining preferred: keyboard-interactive,password
    debug3: authmethod_is_enabled publickey
    debug1: Next authentication method: publickey
    debug1: Offering RSA public key: /Users/MacUser2525/.ssh/id_rsa
    debug3: send_pubkey_test
    debug2: we sent a publickey packet, wait for reply
    debug1: Server accepts key: pkalg ssh-rsa blen 277
    debug2: input_userauth_pk_ok: fp SHA256:xzRc7+XXD2RSxs8LLT5molg2EZ9E6vOaq0efPd1Ix8Q
    debug3: sign_and_send_pubkey: RSA SHA256:xzRc7+XXD2RSxs8LLT5molg2EZ9E6vOaq0efPd1Ix8Q
    debug1: Authentication succeeded (publickey).
    Authenticated to 192.168.0.105 ([192.168.0.105]:22).
    debug1: channel 0: new [client-session]
    debug3: ssh_session2_open: channel_new: 0
    debug2: channel 0: send open
    debug1: Requesting no-more-sessions@openssh.com
    debug1: Entering interactive session.
    debug2: callback start
    debug2: fd 3 setting TCP_NODELAY
    debug3: ssh_packet_set_tos: set IP_TOS 0x10
    debug2: client_session2_setup: id 0
    debug2: channel 0: request pty-req confirm 1
    debug1: Sending environment.
    debug3: Ignored env TERM_PROGRAM
    debug3: Ignored env SHELL
    debug3: Ignored env TERM
    debug3: Ignored env TMPDIR
    debug3: Ignored env Apple_PubSub_Socket_Render
    debug3: Ignored env TERM_PROGRAM_VERSION
    debug3: Ignored env TERM_SESSION_ID
    debug3: Ignored env USER
    debug3: Ignored env SSH_AUTH_SOCK
    debug3: Ignored env __CF_USER_TEXT_ENCODING
    debug3: Ignored env PATH
    debug3: Ignored env PWD
    debug1: Sending env LANG = en_CA.UTF-8
    debug2: channel 0: request env confirm 0
    debug3: Ignored env XPC_FLAGS
    debug3: Ignored env XPC_SERVICE_NAME
    debug3: Ignored env SHLVL
    debug3: Ignored env HOME
    debug3: Ignored env LOGNAME
    debug3: Ignored env SECURITYSESSIONID
    debug3: Ignored env _
    debug3: Ignored env OLDPWD
    debug2: channel 0: request shell confirm 1
    debug2: callback done
    debug2: channel 0: open confirm rwindow 0 rmax 32768
    debug2: channel_input_status_confirm: type 99 id 0
    debug2: PTY allocation request accepted on channel 0
    debug2: channel 0: rcvd adjust 2097152
    debug2: channel_input_status_confirm: type 99 id 0
    debug2: shell request accepted on channel 0
    Linux SeedBox1 3.16.0-4-amd64 #1 SMP Debian 3.16.36-1+deb8u2 (2016-10-19) x86_64
    
    The programs included with the Debian GNU/Linux system are free software;
    the exact distribution terms for each program are described in the
    individual files in /usr/share/doc/*/copyright.
    
    Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
    permitted by applicable law.
    You have new mail.
    Last login: Thu Dec  8 20:46:20 2016 from 192.168.0.100
    
    Edit: Here is a working config file for you to compare against yours.

    Code:
    root@SeedBox1:/home/seeder1# cat /etc/ssh/ssh_config
    
    # This is the ssh client system-wide configuration file.  See
    # ssh_config(5) for more information.  This file provides defaults for
    # users, and the values can be changed in per-user configuration files
    # or on the command line.
    
    # Configuration data is parsed as follows:
    #  1. command line options
    #  2. user-specific file
    #  3. system-wide file
    # Any configuration value is only changed the first time it is set.
    # Thus, host-specific definitions should be at the beginning of the
    # configuration file, and defaults at the end.
    
    # Site-wide defaults for some commonly used options.  For a comprehensive
    # list of available options, their meanings and defaults, please see the
    # ssh_config(5) man page.
    
    Host *
    #   ForwardAgent no
    #   ForwardX11 no
    #   ForwardX11Trusted yes
    #   RhostsRSAAuthentication no
    #   RSAAuthentication yes
    #   PasswordAuthentication yes
    #   HostbasedAuthentication no
    #   GSSAPIAuthentication no
    #   GSSAPIDelegateCredentials no
    #   GSSAPIKeyExchange no
    #   GSSAPITrustDNS no
    #   BatchMode no
    #   CheckHostIP yes
    #   AddressFamily any
    #   ConnectTimeout 0
    #   StrictHostKeyChecking ask
    #   IdentityFile ~/.ssh/identity
    #   IdentityFile ~/.ssh/id_rsa
    #   IdentityFile ~/.ssh/id_dsa
    #   Port 22
    #   Protocol 2,1
    #   Cipher 3des
    #   Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
    #   MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
    #   EscapeChar ~
    #   Tunnel no
    #   TunnelDevice any:any
    #   PermitLocalCommand no
    #   VisualHostKey no
    #   ProxyCommand ssh -q -W %h:%p gateway.example.com
    #   RekeyLimit 1G 1h
        SendEnv LANG LC_*
        HashKnownHosts yes
        GSSAPIAuthentication yes
        GSSAPIDelegateCredentials no
    
    Just in case Ubuntu has made any "helpful" changes.
     
  5. Daventry, Dec 11, 2016
    Last edited: Dec 11, 2016

    Daventry thread starter macrumors member

    Joined:
    Sep 23, 2011
    #5
    Yeah my output is similar to yours when it's working. The ssh_config file is same as yours.

    Now it's not working again so ping and ssh time out.

    If I ssh from my MBP into my NAS, then from there I can SSH into the ubuntu box.

    So basically any device in the LAN can see the ubuntu box except the MBP. But the MBP can still see the NAS and has internet access.

    Any ideas?
     
  6. MacUser2525 macrumors 68000

    MacUser2525

    Joined:
    Mar 17, 2007
    Location:
    Canada
    #6
    Well that is whacked perhaps a bad cable going/port on the router going south, random bs with wifi I assume you are using on the laptop. I would strip it back nothing but known good cat 5e at least cables going to from everything then go with the extras once you get it going reliably.

    Edit: Although outgoing connections from the Mac make sure the firewall there is not on messing it up.

    Edit2: In the router check around there for QoS settings and your port forwarding and you may want to give everything a static DHCP IP address for good measure just to eliminate that part of the equation..
     
  7. Daventry thread starter macrumors member

    Joined:
    Sep 23, 2011
    #7
    I'll try above suggestions tonight. Thanks!
     

Share This Page