I was recently having issues when trying to ssh into one of my servers. The normal debugging techniques and solutions didn't work for me and I had to debug this in depth to figure out the issue was actually with my router blocking the packets
The actual problem.!
When you ask for a regular ssh terminal, ssh sets the TCP packet type of service (ToS) to "interactive". I was working from a cafe using a public wifi hotspot and the public wifi router that I was using was blocking those packet types!
So I now need to way to figure out and bypass those headers that were being set. I found that using
netcat, the tunnelled TCP packets get no type of service directives. Thus, if you tunnel all your ssh traffic through
netcat, you reset the ToS of the TCP packets to the default ones.
you can just add this to your ssh config file (either
Host *.example.com ProxyCommand nc %h %p
What is Type of Service(ToS)
The type of service (ToS) field in the IPv4 header. It had various definitions over time and the modern redefinition of the ToS field is a six-bit Differentiated Services Code Point (DSCP) field and a two-bit Explicit Congestion Notification (ECN) field.
The ToS field could specify a datagram's priority and request a route for low-delay, high-throughput, or highly-reliable service.
Based on these ToS values, a packet would be placed in a prioritized outgoing queue, or take a route with appropriate latency, throughput, or reliability.