# ssh disconnects when starting gkrellm



## cira8u (Aug 23, 2017)

When using `ssh` to connect to FreeBSD 11.0 the link will occasionally shut down with the following in /var/log/messages

Aug 23 14:45:11 karen sshd[62451]: fatal: Fssh_packet_write_poll: Connection from 174.77.777.77 port 57670: Permission denied

If no program is running in the shell, the link is stable and will remain connected for days.  Sufficiently complex man pages, for instance, will cause the link to die when paging.  For instance, pw() with the `most` pager will do it.  Running `emacs` is dicey at best, but `gkrellm` will *always* cause the link to die immediately.  While a simple X11 app, such as `xeyes`, is stable.  `sshfs` is also unstable and disconnects after it experiences a few directory listings.  In each case, some I/O precipitates the disconnect.


----------



## aragats (Aug 24, 2017)

Try decreasing the MTU value, e.g.:
	
	



```
# ifconfig wlan0 mtu 1400
```
I've seen such behavior caused by wrong MTU. SSH doesn't like fragmented packets. By default MTU is 1500, check your modem configuration, e.g. my DSL modem uses MTU=1492.


----------



## cira8u (Aug 25, 2017)

First off, thank you so so so much for responding.  I poked at the two modems to see what their MTUs were.  One is a CenturyLink ZyXEL PK5001Z, and I found it's MTU.  Modem Status ==> Internet Status ==> MTU Size: 1492   MSS Size:1452    The other is a ARRIS TG1682, and I couldn't find it's MTU.  Neither seems to provide a way of increasing it by 8, so I changed the MTU on both ends.  Saddly the symptoms did not change.  At least I'll have less fragmentation now.


```
sudo ifconfig wlp3s0 mtu 1400  #linux box
sudo ifconfig igb0 mtu 1400    #server
```

The error message says it's trying to make a connection on a high numbered port, so I tried forwarding a large swath of high numbered ports to the server from the modem.  Hey, it worked for mosh.  It didn't work here though.  I'd like to know why it says "Permission denied", who is denying and why?  It almost sounds like something on the server its self.

The `mosh` link works and is stable.  So the terminal things which die in `ssh` are ok in `mosh`.  Unfortunately, `mosh` seems to scramble command sequences and C-BkSp C-S-+ C-S-- C-S-number (at least) don't make it through to emacs.  Plus `mosh` has no facility to transfer files, or for X11.  Though I can see how it might be possible to extend `mosh` to do X11.  You'd need to write a moshX-client that could handle fixing erroneous screen update guesses (like mosh-client), a sort of better-vnc.  So I still need to fix `ssh`.


----------



## Galactic_Dominator (Aug 30, 2017)

What are your FW rules?  Are you using keep-state?


----------

