Login requires SSL, you're on Ubuntu, did you update your OpenSSL library or something?

I had a similar glitch with my email system recently after an OpenSSL update and had to make some changes to the tls server.

Maybe it was in an automatic update... I just reinstalled it but still no go.

Just a hunch, but I would look at firewall or anti-virus software. Those programs can cause odd effects sometimes. If you have something like that installed and it's practical to temporarily disable it, then it's worth a try because it's a quick test.

I forgot to mention, I removed the firewall :-D
No need for anti-virus on Linux based OS

[edited by: Asia_Expat at 8:28 pm (utc) on July 3, 2009]

No firewall, no AV? Don't fool yourself, lots of malware aimed at Linux.

You're probably hacked then which would stop certain things from working if they installed a rootkit.

[edited by: incrediBILL at 8:52 pm (utc) on July 3, 2009]

Have you tried other browsers? I'd try Epiphany first since it's native. Can you ping Google from the terminal? (ping google.com)

I only removed the FW and AV in order to diagnose this problem. I use Avast free edition for Linux and iptables FW

I've tried FF, Opera, WINE IE, and Arora.

Google pings fine... just can't log in to anything there.

Remember, login is SSL, I've seen rootkits impact SSL, probably not the problem but I'd certainly look there first.

Additionally, pinging Google doesn't mean you can ping their SSL server, totally different beast.

Try this command to test connecting to Google SSL:
openssl s_client -starttls smtp -crlf -connect www.google.com:443

Should say CONNECTED if it works.

Here's the result:

CONNECTED(00000003)
{long pause here}
didn't found starttls in server response, try anyway...
32618:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:

OOPS! I left the SMTP parm in there, but I still got a different result.

Try this, it's the proper command:
openssl s_client -connect www.google.com:443 -state

If it works it should spit out a lot of text including the Google SSL Cert.

CONNECTED(00000003)
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:SSLv3 read server hello A
depth=1 /C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
verify error:num=20:unable to get local issuer certificate
verify return:0
SSL_connect:SSLv3 read server certificate A
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL_connect:SSLv3 read finished A
---
Certificate chain
0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com
i:/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
1 s:/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIDITCCAoqgAwIBAgIQASo5dg0/T8kL570rz5UuejANBgkqhkiG9w0BAQUFADBM
MQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkg
THRkLjEWMBQGA1UEAxMNVGhhd3RlIFNHQyBDQTAeFw0wOTAzMjcyMjIwMDdaFw0x
MDAzMjcyMjIwMDdaMGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh
MRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKEwpHb29nbGUgSW5jMRcw
FQYDVQQDEw53d3cuZ29vZ2xlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC
gYEA1rnhrbhhCx9OtjwJPavo4yu26KQ6eC/TUSAiRZXYAJEzmqeiSOowVyaXZsda
7/GbDD/huX97w8fMr5zQHzyBFRBY/Aazv7ycArlR3PumuRdC5kbnIs9sJxD+VOaS
bAxgdprO+H+suFoIStyxZL2gdEGyrI+GnRreWAn9bAol4HkCAwEAAaOB5zCB5DAo
BgNVHSUEITAfBggrBgEFBQcDAQYIKwYBBQUHAwIGCWCGSAGG+EIEATA2BgNVHR8E
LzAtMCugKaAnhiVodHRwOi8vY3JsLnRoYXd0ZS5jb20vVGhhd3RlU0dDQ0EuY3Js
MHIGCCsGAQUFBwEBBGYwZDAiBggrBgEFBQcwAYYWaHR0cDovL29jc3AudGhhd3Rl
LmNvbTA+BggrBgEFBQcwAoYyaHR0cDovL3d3dy50aGF3dGUuY29tL3JlcG9zaXRv
cnkvVGhhd3RlX1NHQ19DQS5jcnQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQUF
AAOBgQA5tvsRvDMsw5BI427DmzixQtEACVhjoOGYHIXy7xAdYE5RCWL1Bb2dT4ds
mHIHgMNZSBTi1u/QjzNqaDH6t7uFzPfHR3tnkzzDFlGbb4cg/WdMK+pqSdsR0b3X
lSJDegZ7TvY3jqK5zx+l0r07BJc5sw/6OLWvVSCIYJPy3tv/3w==
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com
issuer=/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
---
No client certificate CA names sent
---
SSL handshake has read 1765 bytes and written 304 bytes
---
New, TLSv1/SSLv3, Cipher is RC4-SHA
Server public key is 1024 bit
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : RC4-SHA
Session-ID: DEEDB9359BD33CAC83011B97A38E85CEA65FE78E58CA2CA2F4BFBCD2D51ADDD5
Session-ID-ctx:
Master-Key: 7919920E8EC830F437831CC5A1FE94E4024589AADA7A3599D289A5A3A7C4F7446BA4E8C1874BED1B6B1B34F2A58878E3
Key-Arg : None
Start Time: 1246707977
Timeout : 300 (sec)
Verify return code: 20 (unable to get local issuer certificate)
---
read:errno=0
SSL3 alert write:warning:close notify

Well, we've verified you can in fact connect with the Google SSL server but all of my servers return "Verify return code: 0 (ok)" while yours returns "Verify return code: 20 (unable to get local issuer certificate)"

Not sure that would cause the browser to fail as the browsers include their own certificate.

I'll poke around a bit and see if I can find anything useful regarding that issue.

BTW, you sure you wiped out all Google cookies?

I found something that said FF was having this problem on Ubuntu but Konqueror was working just fine, maybe see if you can get Konqueror to work as it might yield more clues if it does or doesn't work with Google.

I just installed Konqueror with synaptic, got as far as the log in page (which is https) but again, stalled when clicking 'login' and nothing happens.

I wonder, how can I use a terminal to make sure EVERYTHING from the alpha release of Chrome is gone? Maybe that's not the problem but it's worth a try... I'm bordering on a fresh install of Ubuntu now... drastic, but what else is there to do? :-(

Do other login pages work like on Yahoo, Bing, your online bank?

Are you using the latest version of Firefox (3.5)?
It has several bugs, not sure if there are SSL related bugs on Linux.

I use Firefox on Linux and I am able to login fine.

[offtopic]
> No firewall, no AV? Don't fool yourself, lots of malware aimed at Linux.

You really don't need AV on Linux, its that good. A simple firewall (default lokkit on Fedora) is all you need. Even that is for the paranoid.
[/offtopic]

[off topic]

You really don't need AV on Linux, its that good. A simple firewall (default lokkit on Fedora) is all you need. Even that is for the paranoid.

Let's not lead people into a false sense of security.

If Linux was "that good" why are Linux servers, even the most hardened, hacked all the time?

Most of the virus programs in email and such are aimed at Windows which is why a Linux desktop seems "that good".

Security by obscurity is a only a false sense of security.

[/offtopic]

@Asia_Expat: This is a long shot since I'm on Windows, but the same thing happened to me about six months ago. I could browse everything that wasn't Google-related. Very bizarre. I finally contacted my ISP and the tech support guy told me to uninstall the driver for my ethernet card, and then reboot so that it would be automatically reinstalled. I never would have believed that would solve the problem, but it did.

happened to me a few times with Firefox...if you have adblock or another ad blocking add-on, it may hide the login.

[edited by: FrostyMug at 11:15 pm (utc) on July 4, 2009]

I just remastered my system... fresh everything...

I STILL CAN'T LOG IN!

I've also noticed that when searching Google web search, I've started getting the 'You are a bot' page often and I have to input a code to continue... I wonder if my mac address is somehow getting blocked over at Mountain View.

I can still log in with my notebook.

I think I'd better write to an Adwords rep... something is very wrong here.

Problem solved...

Now my hairline has receded due to excessive facepalming, I've figured it out. I was using the DNS servers of dnsadvantage in my router. These were in iptables in Linux. Removing them from my router, shutting down iptables, restarting the system... I can now log into my Google accounts...

It wasn't stopping my notebook connecting, so I wonder why iptables was having difficulty?

I really need to be using these DNS servers because my ISP here in Thailand is cr@p.

[edited by: Asia_Expat at 5:34 pm (utc) on July 5, 2009]

I occasionally have problems with the DNS servers of Time Warner Cable. When I do, I switch to the Level 3 DNS server 4.2.2.1. It is very fast. Not sure if it will work in Thailand.

Glad you figured it out. Lots of DNS server choices around the world I think, so now might be a good time to do some research and keep a few handy for the next time there's a problem.

I'll do some testing later on... but I don't think the DNS server was the problem because I could still log in with my notebook (running Vista) so I wonder if anyone has any insight as to why iptables was blocking the connection?

I'll test with some other DNS servers when I have time.