can ping but not ssh
HI, I have two computers in the same internal network,
say A and B. I can ssh from A to B, but B can not ssh to A. Ping command works very well. openssh was installed on both computers. what are the other possible reasons? another hint is A can ssh to itself which means its ssh server is open as i think. thanks |
Have you got a firewall running? Are you using port 22 for sshd on the failing machine?
Could you post the error messages you get? |
there is a firewall, but both of these two computers
are on the same side of the firewall. It is a good proof that A can SSH to B because A and B are two computers in the totally equal status. There should not be any reasons why A to B can and B to A cannot. I use the default port but there is no error message for example, I execute command: ssh computer-A, there is no response at all, it did not say the port is not open or the IP is not reachable. Quote:
|
Probably the port 22 on A is not open and if it is then there should be an error message or there is an internal problem with your addresses. what distro are you running?
|
ok, I will check the port.
A is Suse10, B is FC5. Quote:
|
If you type telnet <ip addr> 22 on both the machines, you should clearly see the header of the running SSHd, example:
shawr:/home/dave# telnet localhost 22 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. SSH-2.0-OpenSSH_4.3p2 Debian-5.1 Sounds like the SSH daemon is not running on machine A. You can also check this by typing ps aux | grep sshd. You should get something like: root 2174 0.0 0.9 4928 1112 ? Ss Nov17 0:03 /usr/sbin/sshd If you don't see a line similiar to this then I suggest you reinstall SSHd. Remember that your system can quite happily have ssh on it allowing you to open SSH connections and not have SSHd running. Also if by some crazyness you have configured the sshd_config to run SSHd on a different port, you can use the lovely nmap tool to find out what port it is on. nmap -T5 -sV localhost should do if you have nmap installed. OR you can even type cat /etc/ssh/sshd_config | grep Port to find out what port your sshd is running on! Hope that helps lol :) |
I run the command
a-pc$ telnet localhost 22 it shows something like to SSH-2.0-OpenSSH_4.3p2 Debian-5.1, but if I run the command on B b-pc$ telnet a-pc-IP 22, the response is Trying 138.37.90.53... and wait... On computer, A can ssh to itself. Does this mean the port is not a problem? Quote:
|
is it possible that pc-a has a local firewall setting?
pc-a is installed all by default (because we are newbie). as I said in the last post, pc-b can ping to pc-a. and pc-a can ssh to pc-a itself. we have another computer pc-c in the same local network. pc-c and pc-b can communicate to each other by ssh, but pc-a is not accessible by ssh to both pc-b and pc-c. so I guess the problem is still the setting of pc-a, not the department firewall. Quote:
|
To clear up the questions about firewalls, or port 22 not open, run nmap from either the B machine or the C machine. I have used this technique to verify open ports. Here is a sample on my network. i use SSH on port 22.
Code:
nmap -T5 -sV presto |
Spot on, thank you Cliff, couldn't have put it better myself! ;)
Does that answer your question yumener? |
I run these command on B and the resuts are shown here.
$nmap -T5 -sV pc-a Starting Nmap 4.20RC1 ( http://insecure.org ) at 2006-11-23 19:04 GMT Note: Host seems down. If it is really up, but blocking our ping probes, try -P0Nmap finished: 1 IP address (0 hosts up) scanned in 0.760 seconds $nmap -T5 -sV -P0 pc-a Starting Nmap 4.20RC1 ( http://insecure.org ) at 2006-11-23 19:06 GMT Interesting ports on a-pc : Not shown: 1689 filtered ports PORT STATE SERVICE VERSION 113/tcp closed auth Service detection performed. Please report any incorrect results at http://insecure.org/nmap/submit/ . Nmap finished: 1 IP address (1 host up) scanned in 23.719 seconds so seems that ssh port is not open? but how can I solve it? Quote:
|
All times are GMT -5. The time now is 10:17 AM. |