Red Hat

Hello,
For some reason we are unable to ssh into one of our servers. It is running Red Hat 6.1. We have tried moving in a new sshd_config file as well as a new /etc/pam.d/system-auth file. The server has LDAP enabled and the server side is Oracle directory server. Just to simplify things we disabled all the LDAP portions from the client side and were still not able to ssh into the server as root. The odd part is that once enabled LDAP, we were able to switch users to another user on the server however not able to ssh into the server with that user account. Here is the verbose ssh output.. and yes it stops at that point every time

Sun_SSH_1.1.2, SSH protocols 1.5/2.0, OpenSSL 0x0090704f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to server [10.xx.xxx.xxx] port 22.
debug1: Connection established.
debug1: identity file /export/home/ps151m/.ssh/identity type -1
debug1: identity file /export/home/ps151m/.ssh/id_rsa type 1
debug1: identity file /export/home/ps151m/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-Sun_SSH_1.1.2
debug1: use_engine is 'yes'
debug1: pkcs11 engine initialized, now setting it as default for RSA, DSA, and symmetric ciphers
debug1: pkcs11 engine initialization complete
debug1: Failed to acquire GSS-API credentials for any mechanisms (No credentials were supplied, or the credentials were unavailable or inaccessible
Unknown code 0
)
debug1: SSH2_MSG_KEXINIT sent





here's the tcpdump from the incoming server side:
[incoming_server] /var/log # tcpdump -vvi eth2 tcp
tcpdump: WARNING: eth2: no IPv4 address assigned
tcpdump: listening on eth2, link-type EN10MB (Ethernet), capture size 65535 bytes
12:02:35.602053 IP (tos 0x0, ttl 64, id 55166, offset 0, flags [DF], proto TCP (6), length 61)
server.ourdomain.com.ssh > source_server.34894: Flags [P.], cksum 0x7edd (incorrect -> 0x0e42), seq 1179647841:1179647862, ack 1731800226, win 46, length 21
12:02:45.141593 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40)
server.ourdomain.com.hp-alarm-mgr > 10.32.000.000.56194: Flags [R.], cksum 0x038b (correct), seq 0, ack 1275004056, win 0, length 0
12:03:18.042557 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 52)
server.ourdomain.com.us-cli > 10.32.000.000.34909: Flags [S.], cksum 0x3577 (correct), seq 1870858369, ack 1129696866, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
12:03:21.441876 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 52)
server.ourdomain.com.us-cli > 10.32.000.000.34909: Flags [S.], cksum 0x3577 (correct), seq 1870858369, ack 1129696866, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
12:03:27.841945 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 52)
server.ourdomain.com.us-cli > 10.32.000.000.34909: Flags [S.], cksum 0x3577 (correct), seq 1870858369, ack 1129696866, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
12:03:28.617933 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 40)
server.ourdomain.com.hp-managed-node > 10.32.000.000.56625: Flags [R.], cksum 0x9fae (correct), seq 0, ack 3548700480, win 0, length 0
12:03:38.813770 IP (tos 0x0, ttl 64, id 26285, offset 0, flags [DF], proto TCP (6), length 40)
server.ourdomain.com.us-cli > 10.32.000.000.34961: Flags [.], cksum 0x2599 (correct), seq 2186573910, ack 1148563891, win 54, length 0
12:03:38.895528 IP (tos 0x0, ttl 64, id 26287, offset 0, flags [DF], proto TCP (6), length 144)
server.ourdomain.com.us-cli > 10.32.000.000.34961: Flags [P.], cksum 0xf190 (incorrect -> 0x610d), seq 221:325, ack 423, win 63, length 104
12:03:41.801376 IP (tos 0x0, ttl 64, id 12029, offset 0, flags [DF], proto TCP (6), length 40)
server.ourdomain.com.us-cli > 10.32.000.000.34909: Flags [.], cksum 0x8b73 (correct), seq 1, ack 369, win 54, length 0
12:03:41.803891 IP (tos 0x0, ttl 64, id 12031, offset 0, flags [DF], proto TCP (6), length 261)
server.ourdomain.com.us-cli > 10.32.000.000.34909: Flags [P.], cksum 0xf205 (incorrect -> 0x6e95), seq 222:443, ack 369, win 54, length 221

---------- Post updated at 03:05 PM ---------- Previous update was at 12:28 PM ----------

Nevermind guys. There is something odd with the network. When we disable one interface of the bond, our problems go away. So we have isolated the problems to one interface only.

Thanks,
Shaun