LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 08-29-2009, 09:13 AM   #1
VipX1
Member
 
Registered: Jun 2009
Location: Dublin, IRL
Distribution: Arch
Posts: 35
Blog Entries: 1

Rep: Reputation: 15
Question ssh, Trying to call a friends Ubuntu desktop, Default settings?


My friend is having trouble with vsftpd. I told him to install Openssh-Server. Set me up as a user on the desktop anding me to admin group and ssh group. He also ticked the Administrator box under my username setup. Then I got him to open port 22 on his router to his desktop i.p.
It's not connecting thought..
I use ssh myself on my web server and I'm trying to conect the same way..
ssh -p 22 user@DSL i.p.
(my defaut port is different on my desktop set up, hence the -p 22...)

The ssh_config file will be default in it's set-up because he hasn't done anything to it of course. Will I be able to connect or does he need to enter the server i.p. and/or a port. The default file is like: host *
Everything else is # hashed out..

Any sugestions?
 
Old 08-29-2009, 10:36 AM   #2
tredegar
LQ 5k Club
 
Registered: May 2003
Location: London, UK
Distribution: Debian "Jessie"
Posts: 6,017

Rep: Reputation: 369Reputation: 369Reputation: 369Reputation: 369
The -vvv option for ssh will give you verbose information about what is going wrong.
Please try it.
 
Old 08-29-2009, 06:58 PM   #3
VipX1
Member
 
Registered: Jun 2009
Location: Dublin, IRL
Distribution: Arch
Posts: 35
Blog Entries: 1

Original Poster
Rep: Reputation: 15
ssh follow up..

-vv says connection timed out.
I took that a step further and on the router at the host ens I set a firewall rule up and it logs all actions. I can see my DSL connecting to the router and the firewall lets it threw to the Host i.p. on port 22, TCP RST(TCP Request). The connection is permitted by the firewall. The connection times out so I guess it's the host, the Ubuntu desktop that isn't answering the request.
The ssh_config file is in it's default state. That's the only thing I can think of to try but I'll have to go down there to do it..
 
Old 08-30-2009, 12:44 AM   #4
tredegar
LQ 5k Club
 
Registered: May 2003
Location: London, UK
Distribution: Debian "Jessie"
Posts: 6,017

Rep: Reputation: 369Reputation: 369Reputation: 369Reputation: 369
Quote:
The connection is permitted by the firewall. The connection times out so I guess it's the host, the Ubuntu desktop that isn't answering the request.
Not the firewall then, and the connection "Times out" (which is very different from "Refused" or "Not permitted")
It's not the "desktop" that answers ssh requests, but the ssh daemon. Is it running on the remote machine?
Code:
tred@vaio:~$ ps -A | grep ssh
 6008 ?        00:00:00 sshd
 6191 ?        00:00:00 ssh-agent
tred@vaio:~$
^ Mine is.
He can start it with sudo /etc/init.d/ssh start

Last edited by tredegar; 08-30-2009 at 04:37 AM. Reason: HE can start it....
 
Old 08-30-2009, 06:45 AM   #5
VipX1
Member
 
Registered: Jun 2009
Location: Dublin, IRL
Distribution: Arch
Posts: 35
Blog Entries: 1

Original Poster
Rep: Reputation: 15
Code:
 sudo /etc/init.d/ssh start
* Starting OpenBSD Secure Shell server sshd  
[OK ] 
kev@kev-Ubuntu:~$ sudo update-rc.d ssh defaults
 System startup links for /etc/init.d/ssh already exist.
I really thought you had it there tredegar. He's rebooting now so we will see. It was damm hard to get him to write that. At one stage he posted the output "bash:...command not found" because he had included the DOTS from the Skype post in the command.. It's all good.
Code:
ssh -vv me@*.*.*.*.
OpenSSH_5.1p1 Debian-5ubuntu1, OpenSSL 0.9.8g 19 Oct 2007
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *.*.*.*
debug2: ssh_connect: needpriv 0
debug1: Connecting to *.*.*.* [*.*.*.*] port 22.
debug1: connect to address 93.107.73.117 port 22: Connection timed out
ssh: connect to host *.*.*.* port 22: Connection timed out
That's from after the reboot.
Code:
 
ps -A | grep ssh
4785 ?        00:00:00 sshd
 
Old 08-30-2009, 07:20 AM   #6
tredegar
LQ 5k Club
 
Registered: May 2003
Location: London, UK
Distribution: Debian "Jessie"
Posts: 6,017

Rep: Reputation: 369Reputation: 369Reputation: 369Reputation: 369
Let me get a few things straight -

Quote:
on the router at the host ens I set a firewall rule up and it logs all actions. I can see my DSL connecting to the router and the firewall lets it threw to the Host i.p. on port 22, TCP RST(TCP Request).
You can access his modem / router remotely?
From the Big Bad Internet? How so?

When you are posting code, please indicate which machine the code refers to. Is kev-Ubuntu the remote machine?

Quote:
The ssh_config file is in it's default state.
Unfortunately mine are NOT, so I can't see what is set by default, but I would expect it to work.

The file you should be interested in is not his ssh_config but /etc/ssh/sshd_config because that is what determines what sort of incoming connections are allowed and how they may be authenticated.
Maybe you can ask him to email it to you as an attachment, then take a look at it.

Are you sure you have his IP correct? If he has not paid for a static IP, it can change.

Meanwhile can he ssh to himself?

Code:
user@remote:~$ ssh user@localhost
user@localhost's password:
user@remote:~$ exit
logout
Connection to localhost closed.
user@remote:~$
 
Old 08-30-2009, 07:26 AM   #7
Wim Sturkenboom
Senior Member
 
Registered: Jan 2005
Location: Roodepoort, South Africa
Distribution: Slackware 10.1/10.2/12, Ubuntu 12.04, Crunchbang Statler
Posts: 3,786

Rep: Reputation: 282Reputation: 282Reputation: 282
Firewall was already mentioned for the router. Does your friend run a (additional firewall) on the desktop machine?
 
Old 08-30-2009, 07:27 AM   #8
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Linux Mint
Posts: 8,511

Rep: Reputation: 884Reputation: 884Reputation: 884Reputation: 884Reputation: 884Reputation: 884Reputation: 884
Does the provider allows ssh connections on port 22 ?
What is the output from
Code:
nmap ip -p22
You could try to setup ssh to listen on port 2222, and change the firewall and router settings.

Last edited by repo; 08-30-2009 at 10:09 AM.
 
Old 08-30-2009, 08:37 AM   #9
VipX1
Member
 
Registered: Jun 2009
Location: Dublin, IRL
Distribution: Arch
Posts: 35
Blog Entries: 1

Original Poster
Rep: Reputation: 15
I can get into his router on the WAN alright. He switched off the firewall on the router and switched on remote access at my request. I can now access the router on a paticular port. I have open port 22 on his router to his Ubuntu desktop i.p. NAT Rule. I have also set up a WAN to LAN Rule in his router firewall allow my fixed DSL i.p. to access any UDP and TCP to any i.p. address on his LAN. I have complete access to his LAN.
I can see in the router firewall LOGS that my i.p. connects to the router on port 22 (ISP port 22 OK) The log says Access Permitted for the Rule match..( the firewall rule I already mentioned) But then the next LOG entry is Connection timed out, I also get connection timed out at my end on my Terminal.

Kev-Ubutnu is the remote machine, The Host.

I have been getting him to look at the Client config file. I should be looking at the sshd_config, OK.
The sshd_config file is in it's default state and I don't know if works like that. We are in the middle of change it now. Binding it to the eth0 i.p.
Thanks Guys.

nmap comes back with port 22 filtered ..

Last edited by VipX1; 08-30-2009 at 08:39 AM. Reason: Nmap
 
Old 08-30-2009, 08:47 AM   #10
VipX1
Member
 
Registered: Jun 2009
Location: Dublin, IRL
Distribution: Arch
Posts: 35
Blog Entries: 1

Original Poster
Rep: Reputation: 15
How do I reboot the server application of ssh is it:
Code:
sudo /etc/init.d/ssh restart
or
Code:
sudo /etc/init.d/sshd restart
I can not check on my remote connection or I will kill it..
 
Old 08-30-2009, 08:56 AM   #11
VipX1
Member
 
Registered: Jun 2009
Location: Dublin, IRL
Distribution: Arch
Posts: 35
Blog Entries: 1

Original Poster
Rep: Reputation: 15
That's it. I changed to a port around 47500 and it worked...
Thanks Guys..
 
Old 08-30-2009, 10:10 AM   #12
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Linux Mint
Posts: 8,511

Rep: Reputation: 884Reputation: 884Reputation: 884Reputation: 884Reputation: 884Reputation: 884Reputation: 884
Glad to see it works.
If you want you can mark the thread solved.
 
Old 08-30-2009, 10:29 AM   #13
tredegar
LQ 5k Club
 
Registered: May 2003
Location: London, UK
Distribution: Debian "Jessie"
Posts: 6,017

Rep: Reputation: 369Reputation: 369Reputation: 369Reputation: 369
Quote:
and it worked...
Yaaaay!

Now, immediately, please login to his router, turn the firewall back on, drop connections to port22 and turn OFF "Allow logins from the WAN". Allow only logins from his LAN (which you can now access with ssh).

Next step (if I may suggest) is to enable key-based authentication and logins, and disable username / password logins for ssh. Lots of HOWTOs on the www. [ssh is secure, but brute-force attacks still work, eventually]

To restart the ssh server you need sudo /etc/init.d/ssh restart. I just tried this, and I did not lose the ssh connection.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] How can i go back to default iptables settings in Ubuntu? judoka Linux - Newbie 7 08-18-2009 05:11 AM
Slow ssh connection over lan with Ubuntu Desktop and Ubuntu Server Recursion Linux - Networking 1 05-23-2009 02:17 AM
Problems with desktop settings in ubuntu 8.04 pr5439 Linux - Hardware 11 10-31-2008 11:40 AM
[SOLVED] Ubuntu Hardy - need help returning to default desktop loren41 Linux - Newbie 1 10-26-2008 12:16 PM
Ubuntu desktop-DNS settings disappear after I type them jonette20 Linux - Desktop 2 08-14-2007 03:32 PM


All times are GMT -5. The time now is 07:21 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration