Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: ssh traffic
Operating Systems Solaris ssh traffic Post 302263106 by pupp on Sunday 30th of November 2008 06:38:13 PM
Old 11-30-2008
ssh traffic
i have 3 servers running at home. i always connect to these servers from a windows box via ssh. recently i was snooping my interface on my database server and saw a lot of ssh traffic. this is a few lines of the snoop:
Code:
   deathstar -> xstar        TCP D=22 S=3190 Ack=662538517 Seq=1676539194 Len=0 Win=65535
       xstar -> deathstar    TCP D=3190 S=22 Push Ack=1676539194 Seq=662538517 Len=116 Win=49640
   deathstar -> xstar        TCP D=22 S=3190 Ack=662538633 Seq=1676539194 Len=0 Win=65419
       xstar -> deathstar    TCP D=3190 S=22 Push Ack=1676539194 Seq=662538633 Len=148 Win=49640
       xstar -> deathstar    TCP D=3190 S=22 Push Ack=1676539194 Seq=662538781 Len=244 Win=49640
       xstar -> deathstar    TCP D=3190 S=22 Push Ack=1676539194 Seq=662539025 Len=132 Win=49640
       xstar -> deathstar    TCP D=3190 S=22 Push Ack=1676539194 Seq=662539157 Len=244 Win=49640
       xstar -> deathstar    TCP D=3190 S=22 Push Ack=1676539194 Seq=662539401 Len=228 Win=49640
       xstar -> deathstar    TCP D=3190 S=22 Push Ack=1676539194 Seq=662539629 Len=340 Win=49640
   deathstar -> xstar        TCP D=22 S=3190 Ack=662539629 Seq=1676539194 Len=0 Win=64423
       xstar -> deathstar    TCP D=3190 S=22 Push Ack=1676539194 Seq=662539969 Len=228 Win=49640
       xstar -> deathstar    TCP D=3190 S=22 Push Ack=1676539194 Seq=662540197 Len=148 Win=49640
       xstar -> deathstar    TCP D=3190 S=22 Push Ack=1676539194 Seq=662540345 Len=132 Win=49640
   deathstar -> xstar        TCP D=22 S=3190 Ack=662540477 Seq=1676539194 Len=0 Win=65535
       xstar -> deathstar    TCP D=3190 S=22 Push Ack=1676539194 Seq=662540477 Len=244 Win=49640
       xstar -> deathstar    TCP D=3190 S=22 Push Ack=1676539194 Seq=662540721 Len=148 Win=49640
       xstar -> deathstar    TCP D=3190 S=22 Push Ack=1676539194 Seq=662540869 Len=244 Win=49640

deathstar is my winxp box and xstar is my db server. i've looked around and found that there maybe something with my windows xp gigabyte interface not buffering. is this normal ssh traffic? i've never seen this before. thoughts?
 

9 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Traffic Shaping

I'm using FreeBSD because I like how easy the system can be set up, how software can be installed/removed and ... many other reasons:-) But there is a thing I don't know how to deal with: I have few connections behind a machine and I want to give to the machines behind a minimum guaranteed... (2 Replies)
Discussion started by: eNTer
2 Replies

2. IP Networking

measuring traffic with iptables

i have a wireless network that is connected to internet over nat.there is ap that is connected to another ap in bridge mode, on ap is used for clients, and the other is connected to the machine that is doing masquerading. so i want to measure traffic of my clients and i thought about doing it with... (0 Replies)
Discussion started by: mdfk
0 Replies

3. HP-UX

NIC traffic

hi, there, are there any ways to monitor the NIC traffic on HP-UX, tools or system call? thanks. (2 Replies)
Discussion started by: Frank2004
2 Replies

4. Red Hat

SSH broke and network traffic / talking issue between hosts and server

Ok Time warner cable / voip modem feeding Cisco PIX 501 Wan port from PIX 501 LAN port to WAN port on Linksys wrt54GL wireless router. so -->Modem-->PIX 501-->WRT54GL-->Linux Server, wireless desktop, wireless laptop (2), Wireless MAC Pro, Wireless Apple TV, Wireless printer. my... (0 Replies)
Discussion started by: tedeansiii
0 Replies

5. Infrastructure Monitoring

Network Traffic

Hi all, Got a strange one here, well not so much strange, different :-) I need to work out if a server is particulary chatty, whether its talking / communicating heavily to a particular server, as Im planning to physically move the server to a different server, over a link. Hence the... (6 Replies)
Discussion started by: sbk1972
6 Replies

6. Linux

IP Traffic forwarding

Hello All I have the following setup of a network. Client machines sends requests to the server which is (192.168.1.50) running on Ubuntu server 8.04. And this server forwards all incoming traffic from clients to another server (192.168.1.100) when it's available. The availability is checked... (0 Replies)
Discussion started by: Anuradhai4i
0 Replies

7. Cybersecurity

DNS traffic

Hi All, I have just started learning Lunix; I hope you can help me to block unwanted DNS traffic. I have big spikes of traffic few times a day. The duration is from few minutes to two hours. Incoming traffic is 1 mbps, outgoing is 3mbps Using my friend's script I was able to get some... (1 Reply)
Discussion started by: OlegE
1 Replies

8. UNIX for Advanced & Expert Users

How to throttle network traffic?

Hi All I am resilience testing an application that is spread across multiple servers. One thing I will need to do soon is throttle the network traffic for specific interfaces within the test cluster. Specifically, maybe make a connection take twice or three times as long to respond.... I... (3 Replies)
Discussion started by: bbq
3 Replies

9. UNIX for Beginners Questions & Answers

Cant get traffic to my forum

<SNIP> edit by bakunin: You could have shown the courtesy to ask if it is OK to advertise your forum here. As generous as i know Neo to be and given you are probably a non-profit organisation he might have allowed it. But simply using us as your free advertising vehicle without as much as giving... (0 Replies)
Discussion started by: thomen
0 Replies

LEARN ABOUT SUSE

ssh-copy-id

SSH-COPY-ID(1)						      General Commands Manual						    SSH-COPY-ID(1)

NAME

       ssh-copy-id - install your public key in a remote machine's authorized_keys

SYNOPSIS

       ssh-copy-id [-i [identity_file]] [user@]machine

DESCRIPTION

       ssh-copy-id is a script that uses ssh to log into a remote machine (presumably using a login password, so password authentication should be
       enabled, unless you've done some clever use of multiple identities)

       It also changes the permissions of the remote user's home, ~/.ssh, and ~/.ssh/authorized_keys to remove group writability (which would oth-
       erwise prevent you from logging in, if the remote sshd has StrictModes set in its configuration).

       If  the -i option is given then the identity file (defaults to ~/.ssh/id_rsa.pub) is used, regardless of whether there are any keys in your
       ssh-agent.  Otherwise, if this:

	     ssh-add -L

       provides any output, it uses that in preference to the identity file.

       If the -i option is used, or the ssh-add produced no output, then it uses the contents of the identity file.  Once it has one or more  fin-
       gerprints (by whatever means) it uses ssh to append them to ~/.ssh/authorized_keys on the remote machine (creating the file, and directory,
       if necessary)

SEE ALSO

       ssh(1), ssh-agent(1), sshd(8)

OpenSSH 							 14 November 1999						    SSH-COPY-ID(1)
All times are GMT -4. The time now is 08:09 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy