Teraterm Macro SSH connection failures

RouterOS General
1

I got a doozy for you all.

First a tiny bit of background information.
Teraterm is a terminal emulator program that I use pretty much exclusively. It comes in a few ‘parts’ for want of a better word. A bit like a car, they come with wheels, motor, seats etc to make it function. When I refer to ‘teraterm’ I mean the bundle of these components.

  1. ttermpro.exe is the executable file which launches an application exactly the same as putty or securecrt.
  2. ttpmacro.exe is the executable which you can run scripts/macros to get ttermpro to do your bidding like a good minion. Similar to AutoHotKey or how I’d imagine Python scripting working.
  3. TTSSH looks like the module used to form SSH connections for ttermpro to use.

There are other parts which for simplicity I’ll skip past, if you really want, you can dive in here.

Now that is out of the way, I’ve been having some issues with scripts that I’ve been using quite well for about 6-8 years and I don’t know where the issue really lies and would like to bounce some ideas off you all.

If I use ttermpro to connect to any Mikrotik, I have no issues with it. Doesn’t matter if its local, remote, routed or bridged, as long I can ping it, it works. Now Teraterm gets updated periodically (change log) and as of version 4.107 my macros wont connect with SSH to a Mikrotik that has ‘some’ Round Trip Time (RTT) delay. The ‘some’ value is a bit rubbery, by 50ms it’s pretty reliably failing and wont connect, less than 5ms, no problems, 5-10ms sometimes works, sometimes fails.

So to do some testing I built a network. Please refer to Test.pdf (44.1 KB)

Its pretty simple with OSPF running between all the Cisco’s and Mikrotik’s all in area 0. Everyone is running SSH on an open TCP port, no port knocking or anything like that. The WAN Emulator is a linux Ubuntu machine, I give it a command, it sets a delay value for traffic running across it’s bridge. Its just Traffic Control if your wondering.

Now the laptop can ping all the devices and interfaces in the network. When I set a delay on the WAN Emulator, I see that reflected in the RTT for ping and I see it in the console responsiveness, so I’m confident that is working.

The laptop can SSH using ttermpro to any of device regardless of the delay I set in the WAN emulator. Even 500ms…

With 100ms in the WAN Emulator I get the following results, all launched with ttpmacro.

  1. Teraterm 5.5.0 x64 portable connecting to Mikrotik’s - Fails
  2. Teraterm 5.5.0 x64 portable connecting to Cisco’s - Connects
  3. Teraterm 5.5.0 x64 installed same results as 1 and 2.
    For reference I have tried other version of Teraterm in the 5 range, all the same results.
  4. Teraterm 4.106 portable connecting to Mikrotik’s or Cisco’s - Connects
  5. I havent tried the installed version for 4.106 but I’m close to certain it will work.
  6. If I dial down the WAN Emulator delay back to 0, everything connects just fine doesn’t matter which version of Teraterm I use.

The failure message looks like this.

  1. The top message is the macro freaking out that I’m trying to use commands that need an active connection which doesn’t exist due to the error at the bottom.)
  2. The second message is the macro itself just displaying that it’s at line 47 in the macro waiting for ‘[admin’ to appear in the console
  3. This is the error message TTSSH is giving when trying to connect to the Mikrotik.

TT Failure
TT Failure545×650 26.6 KB

Out of the mikrotik when I log the SSH system I get this for a log

log.0.txt (53.8 KB).

In that log there is a connection that works from the start until line 529. Then I quickly add some delay and from line 530 to the end is what is captured in the Mikrotik log when that picture above happens.

I do have wireshark captures from the laptop for both working and failing connections, but it’s at work so I can put them in if wanted. I’ve decided to just put them in, it might help.Teraterm Wireshark.zip (110.6 KB)

Config files from the Mikrotik I know will be requested so I’ll put them in tomorrow. Its very basic, an interface or two, ospf and a local user account. The Mikrotiks are all running 7.20.4.
Here are those configs. Mikrotik configs.txt (2.4 KB)

I’ve had a good look at the changelog for Teraterm and can’t spot anything that changes between 4.106 and 4.107 which causes to me to be concerned, it looks like pretty mundane fixes and improvements to me at least.

I suppose my question are,

  1. What should I test next?
    1. I’ll probably test ROS 6.47 or whatever long term is.
  2. Are there any known or suspected ‘features’ with SSH on Mikrotik units?

Its getting late here and I’m certain I’ve missed something so ask and I’ll edit this original post as long as I can.

2

Two things come to mind to me.

  1. When connecting with ssh and it's slow first when connecting?
    Maybe there are the dns revers lookup thing, if that have to timeout.
    I think you can disable that in the ssh server, but don't know if you can do it in the Mikrotik Device.
  2. And there being some problems with ssh and using cmd line with there newer (beta) version of firmware.
  3. And 6.47 why so old firmware/routeros ?

Can you test just with the regular ssh.
Yes if you running Windows you can now use ssh at command prompt.

ssh admin@192.168.88.1

Here is the thread we talked about the problem with ssh thingy:

And have being fixed with 7.20.3

What's new in 7.20.3 (2025-Oct-28 14:45):

*) lte - fixed LED behavior for Chateau 5G R17 ax;
*) ppp - do not automatically add apn=internet for manually created ppp-client interfaces;
*) ppp - fixed ppp-client not dialing when two interfaces use same multi-channel port;
*) snmp - fixed various connection tracking OID definitions in MIKROTIK-MIB;
*) ssh - fixed non-interactive command execution (introduced in v7.20);
*) wifi - changed country code to "XA" for "UK 5.8 fixed outdoor" regulatory domain;

https://download.mikrotik.com/routeros/7.20.3/CHANGELOG

1 Like
3

Good questions,

  1. There are no DNS based lookups happening here, I’m just using the IP address in the macro.
  2. This probem has been going on for at least 12 months, I’ve been avoiding it by using Teraterm 4.106
  3. Sorry I got the numbers a bit munted, 6.49.18 is what I’ll try as its the long term release tree latest release.
    For the testing I did yesterday.
    Test unit 1 is running 7.19.4
    Test units 2,3,4 are running 7.20.4

ttermpro.exe which is the terminal emulator works without issue, it’s only when launched via the ttpmacro.exe that becomes a problem.

4

Well the test for the long term release tree proved useful.

So same network as before except the following changes.
Test Unit 1, 2, 3 are all running ROS 6.49.19.
Test Unit 4 is running ROS 7.20.4

Test unit 1,2,3 all can connect without issues.
Test Unit 4 causes the macro to crash as before.

Now I Netinstalled all these devices when doing the down/upgrades so they are fresh, I didn’t even stick the wireless package on it.

Testing from the laptop (Windows 10) using the inbuilt SSH from command prompt I got some mixed results. Sometime it timed out, but most of the time it worked. Edit* This looks to have been a routing issue, Test unit 4 had a priority of 128 which the Cisco units didn’t seem to like. Once I set the priority back to 1 it updated the routing table and connected reliably from there on.

5

I went dumpster diving through all the versions from 7.1 to 7.20.4. Turns out this problem was first introduced at 7.4.

I tried changing some of the IP/SSH settings for a bit of fun but it made no difference. I think I’ll report this to Mikrotik support and see what they say.

1 Like
6

I am seeing the same thing… ssh can take up to 30 seconds to connect. If I /quit and then ssh back in, it works instantly. Running MikroTik RouterOS 7.20.4

To clarify: I am not using Teraterm, but just running SSH from a Unix server. When I do tcpdump, the Mikrtoik sends back no packets when first attempting to ssh in (also, the Mikrotik is not doing any DNS queries, I dumped those packets as well). This is not a DNS issue.

7

I’ll give that a test.

In the mean time I did raise a ticket back in November. SUP-204735

8

Well I tested this from a Ubuntu machine. I didn’t see any issues.

9

You may want to read this manual page carefully: Command Line Interface - RouterOS - MikroTik Documentation

(you may be affected by the automatic terminal type detection)

Also, in general it is not desirable to use the user command line interface for automated actions. I can understand you want to do that in a heterogeneous environment, but for MikroTik it is better to use the API (classic or REST API).