Como você diagnostica a paralisação da conexão ssh após SSH2_MSG_KEXINIT?

EDIT: Este problema acabou por ser apenas quando eu faço uma viagem de ida e volta para fora da minha rede doméstica e depois de volta novamente. Funciona perfeitamente do lado de fora, então sou legal.

Consigo me conectar ao meu serviço sshd em uma máquina na minha rede doméstica, mas se eu acessá-lo de fora por meio de um roteador usando o encaminhamento de porta, ele só chegará até essa mensagem

debug1: SSH2_MSG_KEXINIT enviado

depois fica parado.

Existe alguma maneira de diagnosticar o que está falhando nesse ponto? O que está acontecendo nesse estágio do protocolo?

Eu encontrei algumas informações [online] [1] que isso pode estar relacionado aos tamanhos de MTU. Eu tentei definir o MTU para 576 no meu servidor e meu roteador, mas recebo o mesmo resultado.

Aqui está o log do cliente ssh:

OpenSSH_5.1p1 Debian-5ubuntu1, OpenSSL 0.9.8g 19 Oct 2007
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to xx.xx.xx.xx [xx.xx.xx.xx] port 22.
debug1: Connection established.
debug1: identity file /home/justinhj/.ssh/identity type 0
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug3: Not a RSA1 key file /home/justinhj/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/justinhj/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/justinhj/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1p1 Debian-5ubuntu1
debug1: match: OpenSSH_5.1p1 Debian-5ubuntu1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.1p1 Debian-5ubuntu1
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent

E aqui está a saída do servidor:

justinhj@ubuntu:~$ sudo /usr/sbin/sshd -ddd
debug2: load_server_config: filename /etc/ssh/sshd_config
debug2: load_server_config: done config len = 875
debug2: parse_server_config: config /etc/ssh/sshd_config len 875
debug3: /etc/ssh/sshd_config:6 setting Port 22
debug3: /etc/ssh/sshd_config:7 setting ListenAddress 192.168.0.106:22
debug3: /etc/ssh/sshd_config:8 setting ListenAddress 127.0.0.1:22
debug3: /etc/ssh/sshd_config:9 setting Protocol 2
debug3: /etc/ssh/sshd_config:15 setting HostKey /etc/ssh/ssh_host_rsa_key
debug3: /etc/ssh/sshd_config:16 setting HostKey /etc/ssh/ssh_host_dsa_key
debug3: /etc/ssh/sshd_config:19 setting UsePrivilegeSeparation yes
debug3: /etc/ssh/sshd_config:22 setting KeyRegenerationInterval 3600
debug3: /etc/ssh/sshd_config:23 setting ServerKeyBits 768
debug3: /etc/ssh/sshd_config:26 setting SyslogFacility AUTH
debug3: /etc/ssh/sshd_config:27 setting LogLevel DEBUG3
debug3: /etc/ssh/sshd_config:29 setting GatewayPorts yes
debug3: /etc/ssh/sshd_config:32 setting LoginGraceTime 120
debug3: /etc/ssh/sshd_config:33 setting PermitRootLogin no
debug3: /etc/ssh/sshd_config:34 setting StrictModes yes
debug3: /etc/ssh/sshd_config:44 setting IgnoreRhosts yes
debug3: /etc/ssh/sshd_config:47 setting RhostsRSAAuthentication no
debug3: /etc/ssh/sshd_config:50 setting HostbasedAuthentication no
debug3: /etc/ssh/sshd_config:56 setting PermitEmptyPasswords no
debug3: /etc/ssh/sshd_config:60 setting ChallengeResponseAuthentication yes
debug3: /etc/ssh/sshd_config:63 setting PasswordAuthentication no
debug3: /etc/ssh/sshd_config:66 setting KerberosAuthentication no
debug3: /etc/ssh/sshd_config:68 setting KerberosOrLocalPasswd yes
debug3: /etc/ssh/sshd_config:69 setting KerberosTicketCleanup yes
debug3: /etc/ssh/sshd_config:72 setting GSSAPIAuthentication no
debug3: /etc/ssh/sshd_config:73 setting GSSAPICleanupCredentials no
debug3: /etc/ssh/sshd_config:74 setting GSSAPIKeyExchange no
debug3: /etc/ssh/sshd_config:76 setting X11Forwarding no
debug3: /etc/ssh/sshd_config:77 setting X11DisplayOffset 10
debug3: /etc/ssh/sshd_config:78 setting PrintMotd yes
debug3: /etc/ssh/sshd_config:79 setting PrintLastLog yes
debug3: /etc/ssh/sshd_config:80 setting TCPKeepAlive yes
debug3: /etc/ssh/sshd_config:85 setting Banner /etc/issue
debug3: /etc/ssh/sshd_config:88 setting AcceptEnv LANG LC_*
debug3: /etc/ssh/sshd_config:90 setting Subsystem sftp /usr/lib/openssh/sftp-server
debug3: /etc/ssh/sshd_config:92 setting UsePAM yes
debug1: sshd version OpenSSH_5.1p1 Debian-5ubuntu1
debug3: Not a RSA1 key file /etc/ssh/ssh_host_rsa_key.
debug1: read PEM private key done: type RSA
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: private host key: #0 type 1 RSA
debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
debug1: private host key: #1 type 2 DSA
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-ddd'
debug2: fd 3 setting O_NONBLOCK
debug1: Bind to port 22 on 127.0.0.1.
Server listening on 127.0.0.1 port 22.
debug2: fd 4 setting O_NONBLOCK
debug1: Bind to port 22 on 192.168.0.106.
Server listening on 192.168.0.106 port 22.
debug3: fd 5 is not O_NONBLOCK
debug1: Server will not fork when running in debugging mode.
debug3: send_rexec_state: entering fd = 8 config len 875
debug3: ssh_msg_send: type 0
debug3: send_rexec_state: done
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
debug1: inetd sockets after dupping: 3, 3
Connection from xx.xx.xx.x port 41016

Não. Informações do protocolo de destino da fonte de tempo      22 40.592821 192.168.0.106 192.168.0.100 TCP ssh > 4632 [RST] Seq = 1 Win = 0 Len = 0

Quadro 22 (60 bytes no fio, 60 bytes capturados) Ethernet II, Src: Asiarock_c9: 54:51 (00: 13: 8f: c9: 54: 51), Dst: AskeyCom_76: f6: 2b (00: 90: 96: 76: f6: 2b) Protocolo Internet, Src: 192.168.0.106 (192.168.0.106), Dst: 192.168.0.100 (192.168.0.100) Protocolo de controle de transmissão, Src Port: ssh (22), Dst Porto: 4632 (4632), Seq: 1, Len: 0

No.     Time        Source                Destination           Protocol Info  
     23 43.485533   192.168.0.100         xxx.xxx.xxx.xxx         TCP      [TCP         Retransmission] [TCP segment of a reassembled PDU]

Frame 23 (590 bytes on wire, 590 bytes captured)
Ethernet II, Src: AskeyCom_76:f6:2b (00:90:96:76:f6:2b), Dst: D-Link_fa:33:1e     (00:13:46:fa:33:1e)
Internet Protocol, Src: 192.168.0.100 (192.168.0.100), Dst: xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx)
Transmission Control Protocol, Src Port: 4632 (4632), Dst Port: ssh (22), Seq: 1, Ack:  40, Len: 536
SSH Protocol

[1]: Talvez: link