LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 10-15-2005, 09:51 PM   #1
shodekiagari
Member
 
Registered: Nov 2003
Posts: 47

Rep: Reputation: 15
problems with openssh server (ssh)


(running ubuntu breezy)

All right, due to previous troubles with ssh and sshd I thought myself decently versed in ssh problems. But something has me stumped.

Up until yesterday afternoon ssh was working perfectly. Then it mysteriously stopped and gives me "connection refused" errors whenver I try and log in from another computer or even the computer the server is running on (localhost works though).

I think the problem may have something to do with the fact I switched kernels. I removed iptables, "apt-get remove iptables" and haven't modified hosts.allow or hosts.deny.

Any idea if anything about a new kernel could change my network settings?

Here's the command on vvv verbosity level. Just trying to do it through my local network and I still get blocked

shodekiagari@raikunite:/etc/ssh$ ssh -vvv -p 443 192.168.0.5
OpenSSH_4.1p1 Debian-7ubuntu4, OpenSSL 0.9.7g 11 Apr 2005
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 192.168.0.5 [192.168.0.5] port 443.
debug1: connect to address 192.168.0.5 port 443: Connection refused
ssh: connect to host 192.168.0.5 port 443: Connection refused

edit: thought it might be helpful to mention that ftp works while telnet doesn't seem to.

Last edited by shodekiagari; 10-15-2005 at 10:02 PM.
 
Old 10-16-2005, 01:01 AM   #2
fotoguy
Senior Member
 
Registered: Mar 2003
Location: Brisbane Queensland Australia
Distribution: Custom Debian Live ISO's
Posts: 1,291

Rep: Reputation: 62
Is there a reason you have set it on 443, that is used for secure web (https). Did you installed apache or start the apache daemon when you changed the kernel? if you have it may be listen on port 443. Having to daemons listening on the same port will cause issues.
 
Old 10-16-2005, 01:02 AM   #3
mysteriouslurker
LQ Newbie
 
Registered: Oct 2005
Posts: 5

Rep: Reputation: 0
apache isn't running, and I switched it over to port 22 and still no luck. Thanks for the suggestion though.

edit: yeah, I'm shodekiagari (forgot I had a second account on another computer...)

Last edited by mysteriouslurker; 10-16-2005 at 01:06 AM.
 
Old 10-16-2005, 01:21 AM   #4
fotoguy
Senior Member
 
Registered: Mar 2003
Location: Brisbane Queensland Australia
Distribution: Custom Debian Live ISO's
Posts: 1,291

Rep: Reputation: 62
Is there anything in the /etc/hosts.allow or /etc/hosts.deny file. maybe place your ipaddress or ipaddress range like this in the /etc/hosts.allow:

sshd: 192.168.0.50

or

sshd: 192.168.0.0/255.255.255.0
 
Old 10-16-2005, 01:35 AM   #5
mysteriouslurker
LQ Newbie
 
Registered: Oct 2005
Posts: 5

Rep: Reputation: 0
my hosts file

all right. hosts.allow looks like this without the comments in brackets

ALL:192.168.0.5 [server computer]
ALL:192.168.0.5 [comoputer trying to access]
ALL:myip [my static ip addres]
ALL:ALL [should let everything in]

My hosts.deny looks like this

[everything's commented out]


They haven't changed. Unless a kernel parameter messed with it? Cause I did change the kernerl...

Thanks so much fotoguy

shodekiagari/mysteriouslurker
 
Old 10-16-2005, 01:54 AM   #6
fotoguy
Senior Member
 
Registered: Mar 2003
Location: Brisbane Queensland Australia
Distribution: Custom Debian Live ISO's
Posts: 1,291

Rep: Reputation: 62
Re: my hosts file

Quote:
Originally posted by mysteriouslurker
all right. hosts.allow looks like this without the comments in brackets

ALL:192.168.0.5 [server computer]
ALL:192.168.0.5 [comoputer trying to access]
ALL:myip [my static ip addres]
ALL:ALL [should let everything in]

My hosts.deny looks like this

[everything's commented out]


They haven't changed. Unless a kernel parameter messed with it? Cause I did change the kernerl...

Thanks so much fotoguy

shodekiagari/mysteriouslurker
Does that mean your now ok?

For security never put ALL:ALL in the hosts.allow file, this is the first file that it reads for a connection, if everythings is allowed in it will never get to read the hosts.deny file to deny it. Always place the ALL: ALL in the hosts.deny file, that way anyything not in the hosts.allow will automatically be denied.
 
Old 10-16-2005, 01:57 AM   #7
mysteriouslurker
LQ Newbie
 
Registered: Oct 2005
Posts: 5

Rep: Reputation: 0
no, everything's not okay. it's all still down. down. down. And yeah, I know it's a major security risk, but I'm willing to take that risk cause I tend to ssh from odd places. plus I use weird passwords :-D
 
Old 10-16-2005, 02:07 AM   #8
fotoguy
Senior Member
 
Registered: Mar 2003
Location: Brisbane Queensland Australia
Distribution: Custom Debian Live ISO's
Posts: 1,291

Rep: Reputation: 62
Maybe remove and then reinstalling ssh and see if that fixes the problem.
 
Old 10-16-2005, 02:09 AM   #9
mysteriouslurker
LQ Newbie
 
Registered: Oct 2005
Posts: 5

Rep: Reputation: 0
That was my first idea. I purged the config files and everything. no luck. So funny enough that you should mention it, I'm compiling from source...
 
Old 10-16-2005, 02:29 AM   #10
shodekiagari
Member
 
Registered: Nov 2003
Posts: 47

Original Poster
Rep: Reputation: 15
okay. it's definitely not a problem with ssh. it's something else blocking access to that port. (maybe I should start a new topic?)

I compiled from source, it works beautifully... as long as I connect from the localhost. This means I am where I was before. "ssh: connect to host 192.168.0.5 port 22: Connection refused"

What could be blocking access to this port if ipchains has been apt-removed? Any ideas?

Thanks

shodekiagari
 
Old 10-16-2005, 05:37 AM   #11
fotoguy
Senior Member
 
Registered: Mar 2003
Location: Brisbane Queensland Australia
Distribution: Custom Debian Live ISO's
Posts: 1,291

Rep: Reputation: 62
Maybe removing iptables created a problem somewhere, try reinstalling iptables and see if it could be that causing the problem. That's about all I can think of, might be good idea to start a new thread.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
OpenSSH ssh-agent problems. Bug? darklogik_org Slackware 2 02-10-2004 05:25 PM
What's the difference between openssh and ssh israel Linux - Software 2 09-18-2003 08:04 PM
ssh, openssh... telnet desjazz Linux - Newbie 2 03-10-2003 02:23 PM
Difference b/w OpenSSH and SSH? Rampage2884 Linux - Newbie 2 09-13-2002 02:26 PM
SSH/OpenSSH mikesvx1 Linux - Security 2 12-21-2001 05:18 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 02:14 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration