LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 02-15-2007, 12:15 PM   #1
TheBrick
Member
 
Registered: Mar 2006
Location: London
Distribution: SUSE 10.0 Home soon to go (no internet conection), gentoo laptop, slack on development box
Posts: 81

Rep: Reputation: 15
ssh setting up port 22 conection refused


Hello, I have been searching and tweaking for an hour with not much luck. Sorry I don't know enough about neworking to make progress.

I am on a gentoo laptop 2.6.16, OpenSSH_4.2p1, OpenSSL 0.9.7j 04 May 2006.
I am trying to allow ssh from the local netwok onto my computer, this is my network settings (as I understand it), with xs in place of number clearly.

Code:
$ more /etc/conf.d/net
# This blank configuration will automatically use DHCP for any net.*
# scripts in /etc/init.d.  To create a more complete configuration,
# please review /etc/conf.d/net.example and save your configuration
# in /etc/conf.d/net (this file :]!).
#config_eth1=("dhcp")
#dhcp_eth1="nodns nontp nonis"
#config_eth0=("dhcp")
#dhcp_eth0="nodns nontp nonis"
modules=( "ifconfig")
config_eth0=( "192.xxx.x.xx broadcast 192.168.1.255 netmask 255.255.255.0")
routes_eth0=( "default gw 192.xxx.x.x")
I can ssh from my computer to others on the network but not from other computers to my computer. When I try and ssh into my machine I get

Code:
ssh: connect to host 192.xxx.x.x port 22: Connection refused
I can ping the machine ok.

I have allowed rsa authetification as I understand. I have tried uncomenting the line Port 22 but it made no difference. Do I have to restart something? This is my sshd config file.

Code:
#       $OpenBSD: sshd_config,v 1.72 2005/07/25 11:59:40 markus Exp $

# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options change a
# default value.

#Port 22
Protocol 2
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 768

# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
#PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6

#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile     .ssh/authorized_keys

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication no
#PermitEmptyPasswords no

# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication mechanism.
# Depending on your PAM configuration, this may bypass the setting of
# PasswordAuthentication, PermitEmptyPasswords, and
# "PermitRootLogin without-password". If you just want the PAM account and
# session checks to run without PAM authentication, then enable this but set
# ChallengeResponseAuthentication=no
UsePAM yes

#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10

# no default banner path
#Banner /some/path

# override default of no subsystems
Subsystem       sftp    /usr/lib/misc/sftp-server
I am sure this is something very easy but I don't understand it. Could you please help me out I have tried to include the info that I think you may need. Thanks for any help.
 
Old 02-15-2007, 01:23 PM   #2
jxi
Member
 
Registered: Feb 2003
Location: Richmond VA
Distribution: Slackware 11 -- CentOS 4.4
Posts: 115

Rep: Reputation: 15
2 things - daemon & firewall
post the output of
`iptables -L -v -n`

is the sshd daemon running on the laptop?
at the very least check this with

`nmap -sS -O -p- -PI -PT localhost`

(substitute the laptop ip for localhost if done from another box)
(ok so this is scanning every port not just 22 but what the heck)

HTH
 
Old 02-22-2007, 04:43 AM   #3
TheBrick
Member
 
Registered: Mar 2006
Location: London
Distribution: SUSE 10.0 Home soon to go (no internet conection), gentoo laptop, slack on development box
Posts: 81

Original Poster
Rep: Reputation: 15
Sorry for the late reply was away from internet conection for a while and then very bussy.

O.K lets begin.

2 things - daemon & firewall
post the output of
`iptables -L -v -n`

# iptables -L -v -n
bash: iptables: command not found

So i clearly do not have the firewall installed (I only conect to the inernet from this nework which is behind it's own firewall).

is the sshd daemon running on the laptop?
at the very least check this with

`nmap -sS -O -p- -PI -PT localhost`

nmap isnot installed either so I emerged nmap. After emerging nmap I get

# nmap -sS -O -p- -PI -PT localhost

Starting Nmap 4.01 ( http://www.insecure.org/nmap/ ) at 2007-02-22 10:42 GMT
Warning: OS detection will be MUCH less reliable because we did not find at least 1 open and 1 closed TCP port
All 65535 scanned ports on localhost (127.0.0.1) are: closed
Too many fingerprints match this host to give specific OS details

Nmap finished: 1 IP address (1 host up) scanned in 6.926 seconds


So I guess that means I need to open port 22. So I guess my next question would be how do I open this port?

Many Thanks

Tommy
 
Old 02-22-2007, 08:57 AM   #4
jxi
Member
 
Registered: Feb 2003
Location: Richmond VA
Distribution: Slackware 11 -- CentOS 4.4
Posts: 115

Rep: Reputation: 15
"opening the port" is essentially starting the program/daemon associated with that port. I don't know the init style in gentoo so here are the two styles
slackware (bsd-like)

Code:
/etc/rc.d/sshd start
(make sure the execute bit(s) are set on first)

centos (redhat = sys5)

Code:
/etc/init.d/sshd start
(although this is usually accessed from a symlink like /etc/rc5.d/S55sshd, and long term - to work on reboots for example - you would control it from there.)
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Howto do Secured ssh from port https or port80(standard) to ssh d listening port 22 ? Xeratul Linux - General 4 11-23-2006 06:09 AM
Problems setting up an ADSL conection Junfan Linux - Hardware 2 02-13-2005 02:45 PM
Port fowarding through ssh without setting up the router, possible? Baix Linux - Newbie 7 02-11-2005 09:51 PM
Ftp conection refused error NewtonIX Linux - General 4 11-02-2003 02:08 PM
SSH port...Connection....refused?? Miyamoto Mandriva 6 08-26-2003 04:03 PM


All times are GMT -5. The time now is 12:14 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration