But if I use putty from any machine the connection times out, and if I do chris@192.168.62.54 in cygwin I get timed out too.
All the other machines I tested it from are in the same LAN, but if that's the problem I need to find a way around that because I'm going to use startx from cygwin to get an interface.
Using tcpdump could help you understand if there is a problem on your system, or a problem on your network. Just write down "tcpdump src (machine address)" to see if you're getting any packets. Now if you do, there's probably a firewall problem. Just publish iptables -L and we'll probably be able to help you. If it's not, then it seems more like a network problem. G'luck!
This sounds a bit like a firewall problem. Post the output of iptables -L -n or your firewall script and we can have a look. Also have a look in /etc/hosts.allow and /etc/hosts.deny as they could also be causing something like this.
Finally, make sure that sshd is listening on port 22. You should see it if you run netstat -pantu | grep sshd as root in a console.
OK, one down, two to go. That iptables output means that you don't have a firewall in place. You'll want to learn how to address that in the near future, but for now it means that it isn't part of the problem.
Now if you could check on the hosts.allow/deny files and the netstat output.
Thank you very much, it was the hosts.allow/.deny files. I had
ALL:EXCEPT 127.0.0.1:DENY
Now I have sorted that and can connect, but I have another issue: when I connect it works fine, but sometimes, say every 2 hours or so, the hosts.deny file updates and the line
ALL:EXCEPT 127.0.0.1:DENY
appears from nowhere.
The hosts.allow file is unaltered. What could be causing this?
I ssh my box @ home every day from a windows box @ work... ... just make sure the daemon is running.
When the daemon is not running, most of the time you get a "time out" error
when the firewall is kicking you out, you get a "connection refused" error
I'm not sure what distro you're using, but on my Vector Linux, this is how I start it:
Code:
service sshd start
or
Code:
/etc/rc.d/init.d/sshd start
I think you should try that before you start messing with iptables...
Sometimes when I can't log in to my machine with SSH when I have been able to before, I will usually just go to the machine itself, log in, and then delete everything out of my ~/.ssh file, or it's something like that, I haven't checked for a while, but it's got the key IDs in there. Not that this is a good way, it just seems to work when I need it to.
You never say what distro you're using, but it looks as if it is trying to forcibly keep the hosts.deny file intact as a means of securing the box. That's OK, because the hosts.allow file gives you a way to let stuff in. The basic idea is that hosts.deny keeps everything out EXCEPT for the rules in hosts.allow, so if you add a rule to hosts.allow that lets in an SSH connection, you should be good to go.
There is a nice example here on how to do this, but basically you need to add a line to hosts.allow like this:
sshd : ALL : ALLOW
That should allow all ssh connections to come through. Now, if you are going to be connecting from a limited number of IP addresses, rather than allowing ALL IP addresses, you could restrict it:
sshd : XXX.XXX.XXX.XXX : ALLOW
and just replace the XXX bit with the IP address you want to allow in. Allowing ALL in is certainly easier, but it does expose you to a greater security risk. Of course if you will always be accessing SSH from machines you own, you could do away with username/password authentication and go with key based authentication. There is a nice tutorial on how to do that here.
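The lookup order described in the reply above, as an added example that is not part of the original thread: a simplified Python model of the hosts.allow / hosts.deny decision (hosts.allow first, then hosts.deny, otherwise access is granted). The function names and both sample file contents are constructed for illustration; only `ALL`, exact IPv4 addresses, `a.b.c.` prefixes, `EXCEPT` and the `ALLOW`/`DENY` options are handled.

```python
# Simplified tcp_wrappers decision: hosts.allow is read first, then hosts.deny.
# Names and sample data are illustrative assumptions, not taken from the thread.

SAMPLE_ALLOW = "sshd : 192.168.62. : ALLOW\n"         # constructed sample
SAMPLE_DENY = "ALL : ALL EXCEPT 127.0.0.1 : DENY\n"   # constructed sample

def _match_token(tok, value):
    if tok == "ALL":
        return True
    if tok.endswith("."):              # network prefix such as "192.168.62."
        return value.startswith(tok)
    return tok == value

def _match_list(tokens, value):
    """'a b EXCEPT c' matches a or b unless the value also matches c."""
    if "EXCEPT" in tokens:
        i = tokens.index("EXCEPT")
        return (_match_list(tokens[:i], value)
                and not _match_list(tokens[i + 1:], value))
    return any(_match_token(t, value) for t in tokens)

def _first_match(text, daemon, client):
    """Return the fields of the first rule matching (daemon, client), or None."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()           # drop comments
        fields = [f.strip() for f in line.split(":")]
        if len(fields) < 2:
            continue                                   # blank or malformed line
        daemons = fields[0].replace(",", " ").split()
        clients = fields[1].replace(",", " ").split()
        if _match_list(daemons, daemon) and _match_list(clients, client):
            return fields
    return None

def check_access(allow_text, deny_text, daemon, client):
    """Return (granted, file_that_decided)."""
    for name, text, default in (("hosts.allow", allow_text, True),
                                ("hosts.deny", deny_text, False)):
        rule = _first_match(text, daemon, client)
        if rule:
            # An explicit ALLOW/DENY option overrides the file's default.
            opts = [o.upper() for o in rule[2:]]
            granted = "ALLOW" in opts or (default and "DENY" not in opts)
            return granted, name
    return True, "no rule matched"

if __name__ == "__main__":
    for ip in ("192.168.62.10", "10.0.0.5", "127.0.0.1"):
        print(ip, check_access(SAMPLE_ALLOW, SAMPLE_DENY, "sshd", ip))
```

With an empty hosts.allow the same deny line rejects every LAN client, which matches the lockout described earlier in the thread.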
Is 192.168.1.2 your router? By including that IP in your hosts.allow file after an EXCEPT, you're preventing any connections from there, so if that is a critical part of your network, it might be the problem.
192.168.1.2
That's only there because I forgot to remove it when I looked at the examples; it is nothing on my network. (Bit of a stupid mistake, it's gone now.)
OK, if it is still not working I would do two things:
1) Check that sshd is actually running.
2) Look in your log files (/var/log/syslog and /var/log/messages) and the dmesg output and see if sshd is complaining or leaving any clues.
3) (OK, I lied about 2 things) Check your router and make sure that port 22 is being forwarded to the correct IP address. If you use DHCP to get an IP address, the server's IP may have changed and caused this problem.