SCIENTIFIC-LINUX-USERS Archives

December 2011

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

Date: Tue, 27 Dec 2011 12:02:51 -0800

On 2011/12/27 09:13, Bluejay Adametz wrote:
>>> When it fails, does it fail immediately, or does it take a few seconds
>>> before the error shows up?
>>>
>>> If it fails immediately, it could be a router or firewall blocking
>>> something or maybe iptables.
>>
>> It fails immediately, and soon the error message is gone in the next try.
>> That has happened sometimes, say once in seven times ssh.  I don't think
>> a firewall could work that way.  Am I right?
>
> Yes, I would expect a firewall to either deny (possibly generating the
> 'no route' error by explicitly denying the connect), or allow it,
> every time.
>
> Are there any routers involved, or are both the home and office
> machines on the same LAN, in the configuration where you see the
> failures?

On the other hand, there may be a way to actually achieve this effect
intentionally with iptables. When I get a chance I'll have to explore
it. At the moment I use one of the iptables options to allow only one
connection to my machine within a short period. The command for
doing this might be able to be perverted into rejecting the first
attempt, allowing the second, and denying all subsequent until a few
seconds have passed. Then you'd have to fail once before connecting.

If the server is not busy that might be an interesting way to keep
hackers out of the machine. It would also make my log files smaller.
I log each ssh attempt that is rejected with my iptables setup. I
just had a dumb<censored> from Zimbabwe spend nearly 4 hours attempting
an ssh connection. That amounted to 160,000 rejects. Some scripts are
DUMB.

{^_-}   Joanne
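
The scheme sketched in the message above (refuse the first attempt, allow the second, deny the rest until a few seconds have passed), written out with the iptables `recent` match. This is an added example, not part of the original message; the chain names, list names and timings are assumptions.

```shell
#!/bin/sh
# Added example, not from the original message. It only prints a ruleset in
# iptables-restore format; nothing is applied to the running firewall.
# Chain names, list names and default timings are assumptions chosen here.

ssh_knock_rules() {
    port="${1:-22}"    # SSH port
    retry="${2:-30}"   # seconds within which the second attempt must arrive
    quiet="${3:-10}"   # seconds of silence needed after an admitted attempt
    for n in "$port" "$retry" "$quiet"; do
        case "$n" in
            ''|*[!0-9]*) echo "ssh_knock_rules: numeric arguments only" >&2
                         return 1 ;;
        esac
    done
    cat <<EOF
*filter
:SSH_KNOCK - [0:0]
:SSH_SECOND - [0:0]
# Judge only connection-opening packets; established sessions never get here.
-I INPUT 1 -p tcp --dport $port -m conntrack --ctstate NEW -j SSH_KNOCK
# Third and later attempts: a source admitted less than $quiet s ago is
# dropped, and --update restarts its timer so hammering keeps it locked out.
-A SSH_KNOCK -m recent --name ssh_open --update --seconds $quiet -j DROP
# Second attempt: the source was refused once within the last $retry s.
-A SSH_KNOCK -m recent --name ssh_seen --rcheck --seconds $retry -j SSH_SECOND
# First attempt: remember the source and refuse it. A TCP reset is used rather
# than DROP because a dropped SYN is retransmitted by the client on its own,
# and that retransmission would be counted as the second attempt.
-A SSH_KNOCK -p tcp -m recent --name ssh_seen --set -j REJECT --reject-with tcp-reset
# Admit the second attempt: forget the refusal, start the quiet timer.
-A SSH_SECOND -m recent --name ssh_seen --remove
-A SSH_SECOND -m recent --name ssh_open --set -j ACCEPT
COMMIT
EOF
}

ssh_knock_rules 22 30 10
```

Review the printed ruleset before loading it; `iptables-restore --noflush` adds it without discarding the rules already in place.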
