Any advice here please?

I’ve taken a copy of a production Ubuntu server VM and spun it up in our Lab to turn into a development server. I’ve changed the IP addressing and hostname, and touched nothing else.

I can now SSH to it, but the session disconnects me after a few seconds – or rather, the session just freezes, then PuTTY terminates a little while later.

What am I missing here? Is there something froody I need to do with SSH if I rename a machine?

Yeah, you’ll have to er.. change the entry in.. then add.. er.. umm.. I dunno, sorry.

That’s pretty much where I’m at.

but i can’t offer any help…

I would re-install the SSH server. It could be that the change in hostname is upsetting the crypto.

Something like:

sudo apt-get remove –purge openssh-server && sudo apt-get install openssh-server

Are you using Putty or Kitty? (I know you said Putty, but you might be using a general term)

I use lots of servers every day, Kitty connects fine to most of them, but one doesn’t like it and only allows Putty… I haven’t worked out why.

Hmm.

I’ve just done a round of updates (via the console) on it and, perhaps coincidentally, now that I’ve gone back to SSH it seems to have stopped doing it. Bizarre.

If it reoccurs I’ll reinstall the SSH server as suggested. Cheers.

Are you sure the IP details have been set OK – no clashes etc?
Is the hostname the same as any other machine on the available network?
If you look in the log can you see the ssh server starting and stopping?
If you use other network ops like ftp, (x)rdp, do these hold up ok?
Can you ssh from the VM to your client Ok?

Edit: Fixed automagically – the best type of fixes. 🙂

Also, where have you changed the hostname?

/etc/hosts/
/etc/sysconfig/network

I’m using RedHat/CentOS, so may be different in Ubuntu, but I’ve never known needing to reinstall openssh after a hostname change.

Are you using Putty or Kitty? (I know you said Putty, but you might be using a general term)

Kitty’s the one that gives you clickable URLs, isn’t it? But no, I’m using PuTTY and not a.n.other terminal emulator.

Are you sure the IP details have been set OK – no clashes etc?

Reasonably so.

Is the hostname the same as any other machine on the available network?

Nope.

If you look in the log can you see the ssh server starting and stopping?

I looked in, er, /var/log/auth I think, nothing leaps out at me.

If you use other network ops like ftp, (x)rdp, do these hold up ok?
Can you ssh from the VM to your client Ok?

Didn’t try either of those. Being a clone of a production server there’s not a lot of extra services running.

Also, where have you changed the hostname?

IP addressing in /etc/network/interfaces
Hostname in /etc/hostname and /etc/hosts

I don’t have a sysconfig, that must be a RH thing.

somouk – Member
I would re-install the SSH server. It could be that the change in hostname is upsetting the crypto.

Something like:

sudo apt-get remove –purge openssh-server && sudo apt-get install openssh-server

Good thinking, but I would have thought it would fail to connect in that case..?

I hate it when things fix themselves. You never know if it’s really sorted, or whether it’s going to raise its ugly head at 2am on Sunday night a few weeks from now.

There is something strange with Ubuntu’s SSH setup though. If you edit a config file, e.g. to change permit root logins to YES then just restarting or even stopping and starting the SSH/SSHd services isn’t enough. You need to actually reboot the box to get it to pick up the change… Most strange

I think I’m going to write this off as sunspots. Thanks all who replied.

I hate it when things fix themselves. You never know if it’s really sorted, or whether it’s going to raise its ugly head at 2am on Sunday night a few weeks from now.

“Have you fixed that intermittent fault?”

Umm… so far…

Kitty is Putty with added bells and whistles. Personal favourites are;

– Drag and drop SCP
– CTRL+Shift+left-click to open duplicate session
– Shift+F3 to open WinSCP connection to server

It does more too, but those are the bits that I find “invaluable”.

Hostname in /etc/hostname and /etc/hosts

What does hostname -f return (and does it return swiftly?)

Yeah, I’ve used it previously but a long time ago. The author of PuTTY is a friend of mine, so straying away from it seems… dirty.

What does hostname -f return (and does it return swiftly?)

The correct FQDN, and yes. (I’m connecting via IP address rather than hostname.)

straying away from it seems… dirty

It’s def not as solid as Putty, but the added trinkets have lured me away.

If it’s connecting successfully then freezing, it’s not an issue with the hostname.

The most likely explanation for this is a duplicate IP address (you haven’t managed to spin up two copies of the VM have you?). Other possibilities are an MTU issue (if it freezes the first time you run a command that produces a lot of output, unlikely on a local network) or a NAT router timing-out your session, unlikely to happen after just a few seconds.

Any intrusion detection systems on the network?

Rachel

IP was my first thought. If it is a duplicate IP, then it’s something not responding to ICMP (and there’s nothing like that in the Lab that I’m aware of). Plus, I could still ping out from a console session when it did it.

Network issues seem unlikely, if only because nothing else is doing it.

Any intrusion detection systems on the network?

Nothing like that. The Lab network is frankly a sprawling mess that has grown organically as a succession of engineers have buggered about with it over the years before it came under my jurisdiction, but one thing it’s not is sophisticated. There’s no budget attached so it’s all built out of Wombled cast-offs.

– CTRL+Shift+left-click to open duplicate session

right click on top of window, select “Duplicate” session with Putty

Is it on the same sub net? Ping, check your ARP table, try disabling the NIC on the server or in plug or something, clear the ARP ping the server again see if a different Mac address terms up.

name dropper

I’m sure I’ve had a similar issue which I solved, but can’t remember at all what the problem was – that’s not really very helpful is it! ISTR it was something to do with IP and routing though (maybe worth checking the remote client doesn’t have a conflict either, and check subnetting).

Checked the syslog / authlog for any entries which explain the session termination ?