[SOLVED] ssh, Trying to call a friends Ubuntu desktop, Default settings?
Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
ssh, Trying to call a friends Ubuntu desktop, Default settings?
My friend is having trouble with vsftpd. I told him to install Openssh-Server. Set me up as a user on the desktop anding me to admin group and ssh group. He also ticked the Administrator box under my username setup. Then I got him to open port 22 on his router to his desktop i.p.
It's not connecting thought..
I use ssh myself on my web server and I'm trying to conect the same way..
ssh -p 22 user@DSL i.p.
(my defaut port is different on my desktop set up, hence the -p 22...)
The ssh_config file will be default in it's set-up because he hasn't done anything to it of course. Will I be able to connect or does he need to enter the server i.p. and/or a port. The default file is like: host *
Everything else is # hashed out..
-vv says connection timed out.
I took that a step further and on the router at the host ens I set a firewall rule up and it logs all actions. I can see my DSL connecting to the router and the firewall lets it threw to the Host i.p. on port 22, TCP RST(TCP Request). The connection is permitted by the firewall. The connection times out so I guess it's the host, the Ubuntu desktop that isn't answering the request.
The ssh_config file is in it's default state. That's the only thing I can think of to try but I'll have to go down there to do it..
The connection is permitted by the firewall. The connection times out so I guess it's the host, the Ubuntu desktop that isn't answering the request.
Not the firewall then, and the connection "Times out" (which is very different from "Refused" or "Not permitted")
It's not the "desktop" that answers ssh requests, but the ssh daemon. Is it running on the remote machine?
sudo /etc/init.d/ssh start
* Starting OpenBSD Secure Shell server sshd
kev@kev-Ubuntu:~$ sudo update-rc.d ssh defaults
System startup links for /etc/init.d/ssh already exist.
I really thought you had it there tredegar. He's rebooting now so we will see. It was damm hard to get him to write that. At one stage he posted the output "bash:...command not found" because he had included the DOTS from the Skype post in the command.. It's all good.
ssh -vv me@*.*.*.*.
OpenSSH_5.1p1 Debian-5ubuntu1, OpenSSL 0.9.8g 19 Oct 2007
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *.*.*.*
debug2: ssh_connect: needpriv 0
debug1: Connecting to *.*.*.* [*.*.*.*] port 22.
debug1: connect to address 220.127.116.11 port 22: Connection timed out
ssh: connect to host *.*.*.* port 22: Connection timed out
on the router at the host ens I set a firewall rule up and it logs all actions. I can see my DSL connecting to the router and the firewall lets it threw to the Host i.p. on port 22, TCP RST(TCP Request).
You can access his modem / router remotely?
From the Big Bad Internet? How so?
When you are posting code, please indicate which machine the code refers to. Is kev-Ubuntu the remote machine?
The ssh_config file is in it's default state.
Unfortunately mine are NOT, so I can't see what is set by default, but I would expect it to work.
The file you should be interested in is not his ssh_config but /etc/ssh/sshd_config because that is what determines what sort of incoming connections are allowed and how they may be authenticated.
Maybe you can ask him to email it to you as an attachment, then take a look at it.
Are you sure you have his IP correct? If he has not paid for a static IP, it can change.
I can get into his router on the WAN alright. He switched off the firewall on the router and switched on remote access at my request. I can now access the router on a paticular port. I have open port 22 on his router to his Ubuntu desktop i.p. NAT Rule. I have also set up a WAN to LAN Rule in his router firewall allow my fixed DSL i.p. to access any UDP and TCP to any i.p. address on his LAN. I have complete access to his LAN.
I can see in the router firewall LOGS that my i.p. connects to the router on port 22 (ISP port 22 OK) The log says Access Permitted for the Rule match..( the firewall rule I already mentioned) But then the next LOG entry is Connection timed out, I also get connection timed out at my end on my Terminal.
Kev-Ubutnu is the remote machine, The Host.
I have been getting him to look at the Client config file. I should be looking at the sshd_config, OK.
The sshd_config file is in it's default state and I don't know if works like that. We are in the middle of change it now. Binding it to the eth0 i.p.
nmap comes back with port 22 filtered ..
Last edited by VipX1; 08-30-2009 at 09:39 AM.
Now, immediately, please login to his router, turn the firewall back on, drop connections to port22 and turn OFF "Allow logins from the WAN". Allow only logins from his LAN (which you can now access with ssh).
Next step (if I may suggest) is to enable key-based authentication and logins, and disable username / password logins for ssh. Lots of HOWTOs on the www. [ssh is secure, but brute-force attacks still work, eventually]
To restart the ssh server you need sudo /etc/init.d/ssh restart. I just tried this, and I did not lose the ssh connection.