LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 08-12-2006, 03:14 PM   #1
X_user
Member
 
Registered: Jan 2006
Location: New Mexico
Distribution: Gentoo, Debian, DSL, Ubuntu
Posts: 34

Rep: Reputation: 15
Setting up dyn. IP DSL connection for SSHD


I finally decided to combat the problem with dhcpcd and SSH on my machine. For ease of use I created an account with NO-IP and installed noip2. noip is working perfectly. However when I try to ssh into my computer i get a

Code:
hostname.no-ip.org port 22: Connection refused
I have been reading around and saw that you can fix this somehow with port forwarding, however Im not using a router, if this matters?

I am running Gentoo kernel 2.6, once again the connection is a single IP dynamic DSL connection.

Anyone have any ideas on how I could fix this?
 
Old 08-12-2006, 03:23 PM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,396

Rep: Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963
what is actaully connecting this computer to the internet? if there really is no other machine, i.e. your machine is what holds the public ip address, then you will have either a firewall on the machine (run iptables -L to list active rules) or ssh is not running.
 
Old 08-12-2006, 03:52 PM   #3
X_user
Member
 
Registered: Jan 2006
Location: New Mexico
Distribution: Gentoo, Debian, DSL, Ubuntu
Posts: 34

Original Poster
Rep: Reputation: 15
A DSL modem is actually connecting me to the internet. I installed IP tables and I get some module error which Im in the process of fixing. I restarted ssh just to be sure it was running. Tried shell in and got

Code:
Connection timed out
on one try and

Code:
Port 22: Connection refused
on another try.
 
Old 08-12-2006, 04:07 PM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,396

Rep: Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963
you installed iptables? iptables will be a default install on virtually every distro. so does this machine have the internet ip address? does ifconfig prove it?
 
Old 08-12-2006, 04:21 PM   #5
X_user
Member
 
Registered: Jan 2006
Location: New Mexico
Distribution: Gentoo, Debian, DSL, Ubuntu
Posts: 34

Original Poster
Rep: Reputation: 15
Yes, I installed IPTABLES. I did a live net gentoo install, maybe this is the reason?

Regarding the IP address ifconfig says the address is :
192.168.0.3 ( I think this is the DSL modems address)

www.canyouseeme.org says my IP is:
71.32.96.xxx

canyouseeme.org also checks ports, my ssh port 22, according to canyouseeme.org:

Code:
Error: I could not see your service on 71.32.96.xxx on port (22)
Reason: Connection timed out
 
Old 08-13-2006, 02:36 PM   #6
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,396

Rep: Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963
is it worth me asking again to see the iptables output or will you ignore it again?
 
Old 08-14-2006, 12:42 AM   #7
X_user
Member
 
Registered: Jan 2006
Location: New Mexico
Distribution: Gentoo, Debian, DSL, Ubuntu
Posts: 34

Original Poster
Rep: Reputation: 15
Sorry, I hadnt checked out the post, I have been trying to get iptables to work as I am know convinced that something is blocking port22 on my machine.

At this moment doing a "iptables --list" outputs

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
 
Old 08-14-2006, 02:37 AM   #8
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,396

Rep: Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963
oj, so there i no firewall. can you ssh to yourself locally? does your /etc/sshd_config permit connection from your source? is there any thing matching in /var/log/secure? can you show your ifconfig output to prove your machine has your internet ip address?
 
Old 08-14-2006, 11:51 PM   #9
X_user
Member
 
Registered: Jan 2006
Location: New Mexico
Distribution: Gentoo, Debian, DSL, Ubuntu
Posts: 34

Original Poster
Rep: Reputation: 15
Yes, I can ssh through localhost but not ssh through my dns name. As I mentioned before something is blocking my port 22.
ifconfig output:

eth0 Link encap:Ethernet HWaddr 00:01:02:8B:66:79
inet addr:192.168.0.3 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4911615 errors:0 dropped:0 overruns:0 frame:0
TX packets:4658720 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2900423546 (2766.0 Mb) TX bytes:1157099332 (1103.4 Mb)
Interrupt:10 Base address:0xa000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:3009 errors:0 dropped:0 overruns:0 frame:0
TX packets:3009 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:59480 (58.0 Kb) TX bytes:59480 (58.0 Kb)


as you can confirm my ifconfig does not have my internet address but my DSL modems address. If you say iptables shows no firewall then I am sure that my DSL modem is automatically blocking it. As for sshd_config i have not messed with anything. I do not even have a /var/log/secure file.
 
Old 08-14-2006, 11:53 PM   #10
X_user
Member
 
Registered: Jan 2006
Location: New Mexico
Distribution: Gentoo, Debian, DSL, Ubuntu
Posts: 34

Original Poster
Rep: Reputation: 15
Here's My sshd_config file

# $OpenBSD: sshd_config,v 1.72 2005/07/25 11:59:40 markus Exp $

# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.

#Port 22
Protocol 2
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 768

# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
#PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6

#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication no
#PermitEmptyPasswords no

# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication mechanism.
# Depending on your PAM configuration, this may bypass the setting of
# PasswordAuthentication, PermitEmptyPasswords, and
# "PermitRootLogin without-password". If you just want the PAM account and
# session checks to run without PAM authentication, then enable this but set
# ChallengeResponseAuthentication=no
UsePAM yes

#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10

# no default banner path
#Banner /some/path

# override default of no subsystems
Subsystem sftp /usr/lib/misc/sftp-server
 
Old 08-15-2006, 02:58 AM   #11
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,396

Rep: Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963
ok, so your machine has an ip address of 192.168.0.3, as such you DO have a router.... how are we supposed to help you if you don't even know what your network is?
 
Old 08-15-2006, 06:01 AM   #12
X_user
Member
 
Registered: Jan 2006
Location: New Mexico
Distribution: Gentoo, Debian, DSL, Ubuntu
Posts: 34

Original Poster
Rep: Reputation: 15
Sorry, but now your just being offensive. As I have mentioned alot now, I have a DSL MODEM that connects me to the internet. This IS NOT a router. If we get into the technical aspects of a router then perhaps the DSL MODEM falls into the router category. However, I may be incredibly wrong...? Now if you mean that my internet connection might be coming from a router at the ISP then you are completely correct!

So now that I made this fact strictly KNOWN. I am pretty convinced that the DSL modem is blocking my port22. I mentioned earlier that I could log in to my modem through the address 192.168.0.3, and saw that there were some settings for port blocking. However I did not mess with anything since the modem firewall was disabled and wanted to make sure all of my OS setting were correct before messing with it.
 
Old 09-17-2006, 03:24 PM   #13
X_user
Member
 
Registered: Jan 2006
Location: New Mexico
Distribution: Gentoo, Debian, DSL, Ubuntu
Posts: 34

Original Poster
Rep: Reputation: 15
Apparantly my DSL modem IS A Router, sorry acid_kewpie for the smart ass remark,

The problem was fixed with the following:
1. log into modem via 198.168.0.1
2. go to advanced configuration options
3. advanced port forwarding
4. type in port and IP for incoming traffic
5. type in port and IP for the modem to route to (e.g. my computer 192.168.0.3)
6. click apply, (this allows that IP to connect to your box, by forwarding the port to your local address).

Problem solved.
 
Old 09-17-2006, 03:39 PM   #14
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,396

Rep: Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963
Hate to say i told you so... keep on trucking.
 
Old 01-07-2007, 09:36 PM   #15
t.j.sorrow
LQ Newbie
 
Registered: Sep 2005
Location: Mississauga, Canada
Distribution: SuSe10.2, Mandrake 10.1, RH
Posts: 18

Rep: Reputation: 0
I'm having similar problems: no-ip + DSL modem ( which I would describe as a bridge rather then router, for one port in one port out) anyhow I'm not so lucky as X-user my modem doesn't give me such options to redirect / forward ports. I cannot to make work web server using port # 80 nor # 8001 which is reported as open.

ifconfig:
dsl1 Link encap:Point-to-Point Protocol
inet addr:69.156.15.241 P-t-P:64.230.197.210 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1
RX packets:679819 errors:0 dropped:0 overruns:0 frame:0
TX packets:394161 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:902858823 (861.0 Mb) TX bytes:52896262 (50.4 Mb)

eth0 Link encap:Ethernet HWaddr 00:11:95:F5:35:7C
inet addr:192.168.2.10 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::211:95ff:fef5:357c/64 Scope:Link
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
RX packets:686148 errors:0 dropped:0 overruns:0 frame:0
TX packets:397602 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:919327528 (876.7 Mb) TX bytes:61901113 (59.0 Mb)
Interrupt:9 Base address:0xb000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:714 errors:0 dropped:0 overruns:0 frame:0
TX packets:714 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:87756 (85.6 Kb) TX bytes:87756 (85.6 Kb)

listing iptables would a bit too long :-(
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Setting up a DSL connection using a usb modem RhysBJ Linux - Networking 8 06-11-2006 08:00 AM
Problems setting up my internet connection, DSL with two network cards ALInux Linux - Networking 8 08-23-2004 02:48 PM
Setting up sshd floyd Linux - Networking 1 05-17-2004 07:48 AM
help setting up dsl connection using dwl-520+ snakeo2 Linux - Wireless Networking 1 03-23-2004 03:10 AM
Setting up a DSL connection in Mandrake 9.0 Joekool Linux - Newbie 1 11-04-2002 05:21 PM


All times are GMT -5. The time now is 04:44 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration