Old 02-18-2008, 04:36 AM   #1
satimis
Senior Member
 
Registered: Apr 2003
Posts: 3,424

Rep: Reputation: 53
ssh unable to connect remote pc


Hi folks,


Just played around with ssh with the following network setup.


Archlinux workstation
hostname - arch.satimis.com
LAN IP - 192.168.0.2

Ubuntu 7.04 server
hostname - mail.satimis.com
LAN IP - 192.168.0.10

Router
port 22-25 forwarded to 192.168.0.10


On Arch workstation
$ ssh mail.satimis.com (OR www.satimis.com)
after login Arch can ssh-connect Ubuntu

exited


But now;
$ ssh 192.168.0.10
can't connect Ubuntu. No response, just hanging on the screen.


$ ls /var/log/
Code:
Xorg.0.log      crond         everything.log    lastlog         syslog.log.2
Xorg.0.log.old  crond.1       everything.log.1  mail.log        user.log
acpid.log       crond.2       everything.log.2  messages.log    user.log.1
acpid.log.1     daemon.log    faillog           messages.log.1  user.log.2
acpid.log.2     daemon.log.1  gdm               messages.log.2  wtmp
auth.log        daemon.log.2  httpd             old
auth.log.1      errors.log    kernel.log        pacman.log
auth.log.2      errors.log.1  kernel.log.1      syslog.log
btmp            errors.log.2  kernel.log.2      syslog.log.1
Please advise which log file I should check. How do I fix the problem? TIA

Remark: port 22 forwarding removed


B.R.
satimis
 
Old 02-18-2008, 04:48 AM   #2
billymayday
Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122
Try

find /var/log -type f | xargs grep ssh | less

to see where it's logging
 
Old 02-18-2008, 05:57 AM   #3
satimis
Senior Member
 
Registered: Apr 2003
Posts: 3,424

Original Poster
Rep: Reputation: 53
Quote:
Originally Posted by billymayday
Try

find /var/log -type f | xargs grep ssh | less

to see where it's logging
On Arch


# find /var/log -type f | xargs grep ssh | less
Code:
/var/log/auth.log.1:Feb 16 04:50:39 arch sshd[7516]: pam_unix_session(sshd:session): session closed for user satimis
/var/log/auth.log.1:Feb 16 04:51:41 arch sshd[7533]: Accepted password for satimis from 192.168.0.10 port 57194 ssh2
/var/log/auth.log.1:Feb 16 04:51:41 arch sshd[7535]: pam_unix_session(sshd:session): session opened for user satimis by (uid=0)
/var/log/auth.log.1:Feb 16 04:51:41 arch sshd[7535]: pam_unix_session(sshd:session): session closed for user satimis
/var/log/auth.log.1:Feb 16 04:52:06 arch sshd[6843]: pam_unix_session(sshd:session): session closed for user satimis
/var/log/auth.log.1:Feb 16 04:52:20 arch sshd[7551]: Accepted password for satimis from 192.168.0.10 port 57195 ssh2
/var/log/auth.log.1:Feb 16 04:52:20 arch sshd[7553]: pam_unix_session(sshd:session): session opened for user satimis by (uid=0)
/var/log/auth.log.1:Feb 16 04:52:20 arch sshd[7553]: pam_unix_session(sshd:session): session closed for user satimis
/var/log/auth.log.1:Feb 16 04:54:42 arch sshd[7570]: Accepted password for satimis from 192.168.0.10 port 57196 ssh2
/var/log/auth.log.1:Feb 16 04:54:42 arch sshd[7572]: pam_unix_session(sshd:session): session opened for user satimis by (uid=0)
/var/log/auth.log.1:Feb 16 04:54:42 arch sshd[7572]: pam_unix_session(sshd:session): session closed for user satimis
/var/log/auth.log.1:Feb 16 04:55:11 arch sshd[7588]: Accepted password for satimis from 192.168.0.10 port 52805 ssh2
/var/log/auth.log.1:Feb 16 04:55:11 arch sshd[7590]: pam_unix_session(sshd:session): session opened for user satimis by (uid=0)
/var/log/auth.log.1:Feb 16 06:29:19 arch sshd[6800]: Received signal 15; terminating.
/var/log/auth.log.1:Feb 16 06:30:16 arch sshd[6806]: Server listening on 0.0.0.0 port 22.
/var/log/auth.log.1:Feb 16 06:32:18 arch sshd[6806]: Received signal 15; terminating.
/var/log/auth.log.1:Feb 17 05:46:01 arch sshd[6746]: Server listening on 0.0.0.0 port 22.
/var/log/auth.log.1:Feb 17 07:32:56 arch sshd[6746]: Received signal 15; terminating.
/var/log/auth.log.1:Feb 17 07:33:55 arch sshd[6776]: Server listening on 0.0.0.0 port 22.
/var/log/auth.log.1:Feb 17 07:35:28 arch sshd[6776]: Received signal 15; terminating.
/var/log/auth.log.1:Feb 17 07:36:23 arch sshd[6742]: Server listening on 0.0.0.0 port 22.
/var/log/auth.log.1:Feb 17 07:39:29 arch sshd[6742]: Received signal 15; terminating.
/var/log/auth.log.1:Feb 17 07:40:25 arch sshd[6735]: Server listening on 0.0.0.0 port 22.
/var/log/auth.log.1:Feb 17 07:43:58 arch sshd[6735]: Received signal 15; terminating.
/var/log/auth.log.1:Feb 17 07:44:53 arch sshd[6788]: Server listening on 0.0.0.0 port 22.
/var/log/auth.log.1:Feb 17 07:58:54 arch sshd[6788]: Received signal 15; terminating.
/var/log/auth.log.1:Feb 18 23:15:33 arch sshd[6776]: Server listening on 0.0.0.0 port 22.
 
Old 02-18-2008, 06:08 AM   #4
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 654
Did you do something on Feb 17th? Signal 15 is SIGTERM, telling the sshd daemon to terminate.

A quick way to test if a remote computer is listening on port 22 is to run:
Code:
telnet hpmedia 22
Trying 192.168.1.105...
Connected to hpmedia.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.6
This can quickly tell you if the port is closed or the service isn't running.

Last edited by jschiwal; 02-18-2008 at 06:10 AM.
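
Added example, not part of jschiwal's post: the same banner check scripted so that a hang, a refusal and a silent accept are reported as different results. The function names `probe_ssh` and `classify_probe` are hypothetical; it assumes bash (for `/dev/tcp`) and coreutils `timeout`.

```shell
#!/usr/bin/env bash
# Added example: names below are hypothetical, not from the thread.

# classify_probe STATUS CONNECTED BANNER -> one-word diagnosis
classify_probe() {
    if [ "$2" = yes ]; then
        case $3 in
            SSH-*) echo open ;;       # sshd sent its identification string
            "")    echo no-banner ;;  # TCP accepted, then silence or early close
                                      # (e.g. sshd denying the client via hosts.deny)
            *)     echo not-ssh ;;    # some other service owns the port
        esac
    elif [ "$1" -eq 124 ]; then
        echo filtered                 # timeout(1) fired: packets silently dropped,
                                      # by a firewall on the path or on this host
    else
        echo refused                  # fast failure: RST, unreachable, unknown host
    fi
}

# probe_ssh HOST [PORT] [WAIT_SECONDS]   (WAIT should exceed the 3 s banner read)
probe_ssh() {
    local host=$1 port=${2:-22} wait=${3:-6}
    local out status connected banner
    out=$(timeout "$wait" bash -c '
        exec 3<>"/dev/tcp/$1/$2" || exit 1
        printf "connected "
        IFS= read -r -t 3 line <&3
        printf "%s\n" "$line" | tr -d "\r"
    ' _ "$host" "$port" 2>/dev/null)
    status=$?
    case $out in
        "connected "*) connected=yes; banner=${out#"connected "} ;;
        *)             connected=no;  banner= ;;
    esac
    printf '%s %s:%s %s\n' \
        "$(classify_probe "$status" "$connected" "$banner")" "$host" "$port" "$banner"
}

# Usage: probe_ssh 192.168.0.10
```

A `filtered` result matches the "just hanging" symptom in the first post and points at packet filtering rather than at sshd.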
 
Old 02-18-2008, 06:15 AM   #5
satimis
Senior Member
 
Registered: Apr 2003
Posts: 3,424

Original Poster
Rep: Reputation: 53
Quote:
Originally Posted by jschiwal
Did you do something on Feb 17th? Signal 15 is SIGTERM, telling the sshd daemon to terminate.

A quick way to test if a remote computer is listening on port 22 is to run:
Code:
telnet hpmedia 22
Trying 192.168.1.105...
Connected to hpmedia.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.6
This can quickly tell you if the port is closed or the service isn't running.
The problem is on Archlinux.


This box has another HD running Ubuntu 7.10 workstation. Just tested it.

$ ssh 192.168.0.10
after login, ssh-connect the server w/o problem.


I'll test your advice later after reconnecting Arch HD.


B.R.
satimis
 
Old 02-18-2008, 07:03 AM   #6
satimis
Senior Member
 
Registered: Apr 2003
Posts: 3,424

Original Poster
Rep: Reputation: 53
Quote:
Originally Posted by jschiwal
Did you do something on Feb 17th? Signal 15 is SIGTERM, telling the sshd daemon to terminate.
Sorry I can't recall. This Arch box is newly installed and the setup/config is not yet completed.


Quote:
A quick way to test if a remote computer is listening on port 22 is to run:
Code:
telnet hpmedia 22
Trying 192.168.1.105...
Connected to hpmedia.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.6
This can quickly tell you if the port is closed or the service isn't running.
$ telnet hpmedia 22
hpmedia: Unknown host


Edit:

Just discovered.

Archlinux can't ping 192.168.0.10 (server), 192.168.0.1 (router IP)

It can ping itself 192.168.0.2


B.R.
satimis

Last edited by satimis; 02-18-2008 at 07:24 AM.
 
Old 02-18-2008, 07:51 AM   #7
lsteacke
Member
 
Registered: Jul 2007
Distribution: Ubuntu
Posts: 99

Rep: Reputation: 16
It now appears that the problem is no longer ssh, and really we need to establish connectivity throughout your network first. You can no longer ping the router or the Ubuntu server. Could you post the output of /sbin/ifconfig

Also please post the output from the failed ping. Does it timeout? Or destination unreachable.

Just to make sure, you did try to telnet your own server on port 22?
 
Old 02-18-2008, 08:38 AM   #8
satimis
Senior Member
 
Registered: Apr 2003
Posts: 3,424

Original Poster
Rep: Reputation: 53
Quote:
Originally Posted by lsteacke
It now appears that the problem is no longer ssh, and really we need to establish connectivity throughout your network first. You can no longer ping the router or the Ubuntu server. Could you post the output of /sbin/ifconfig
$ ifconfig
Code:
eth0      Link encap:Ethernet  HWaddr 00:13:D4:FE:DA:87  
          inet addr:192.168.0.2  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::213:d4ff:fefe:da87/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:914 errors:0 dropped:0 overruns:0 frame:0
          TX packets:678 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:509474 (497.5 Kb)  TX bytes:137800 (134.5 Kb)
          Interrupt:20 Base address:0xc000 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:22 errors:0 dropped:0 overruns:0 frame:0
          TX packets:22 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:1792 (1.7 Kb)  TX bytes:1792 (1.7 Kb)

Quote:
Also please post the output from the failed ping. Does it timeout? Or destination unreachable.
router ip

$ ping -c3 192.168.0.1 (router ip)
Code:
PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.

--- 192.168.0.1 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2007ms

$ ping -c3 192.168.0.10 (server)
Code:
PING 192.168.0.10 (192.168.0.10) 56(84) bytes of data.

--- 192.168.0.10 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2006ms

Quote:
Just to make sure, you did try to telnet your own server on port 22?
On Arch

$ telnet hpmedia 22
hpmedia: Unknown host

$ telnet localhost 22
Code:
Trying 127.0.0.1...Connect server
Connected to arch.satimis.com.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.7
quit
Protocol mismatch.
Connection closed by foreign host.
Thanks


B.R.
satimis
 
Old 02-18-2008, 09:26 AM   #9
satimis
Senior Member
 
Registered: Apr 2003
Posts: 3,424

Original Poster
Rep: Reputation: 53
Solved

Hi folks,


Problem solved. It was iptables, whose rules I set up several hours ago, blocking the traffic. I did not realize it.

After running;
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT


Archlinux can ping router_ip and server_ip. Server can ping Archlinux_ip.


To run "ssh mail.satimis.com" port 22 forwarding is still needed.


Thanks for your assistance.


B.R.
satimis

Last edited by satimis; 02-18-2008 at 09:27 AM.
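
Added example, not part of satimis's post: the commands above restore connectivity by leaving every chain at policy ACCEPT, so the host ends up with no packet filtering at all. The sketch below generates a default-drop ruleset that still permits ping and SSH from the LAN; `lan_ruleset` is a hypothetical helper, and the LAN range passed to it is an assumption taken from the addresses in this thread.

```shell
#!/usr/bin/env bash
# Added example: lan_ruleset is a hypothetical helper, not from the thread.
# Prints an iptables-restore ruleset: inbound default DROP, outbound open.
# The ESTABLISHED,RELATED rule is what lets replies to this host's own
# pings and ssh sessions back in; a default-drop INPUT chain without it
# shows 100% packet loss on every outbound ping.
lan_ruleset() {
    local lan=$1
    # Allow only digits, dots and a slash, so the argument can never
    # smuggle extra rule text (or a newline) into the generated file.
    case $lan in
        ""|*[!0-9./]*) echo "bad CIDR: $lan" >&2; return 1 ;;
    esac
    # Shape check only; iptables-restore itself rejects octets above 255.
    printf '%s\n' "$lan" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$' || {
        echo "bad CIDR: $lan" >&2; return 1; }
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -s $lan -p icmp --icmp-type echo-request -j ACCEPT
-A INPUT -s $lan -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# Usage (as root): lan_ruleset 192.168.0.0/24 | iptables-restore --test
```

Run it through `iptables-restore --test` first; dropping `--test` loads the rules and replaces the current filter table.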
 
Old 02-18-2008, 11:15 PM   #10
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 654
FYI, The telnet example I gave used a computer on my LAN. I assumed you would know to use the name of the server you were trying to connect to.
 
Old 02-19-2008, 01:45 AM   #11
satimis
Senior Member
 
Registered: Apr 2003
Posts: 3,424

Original Poster
Rep: Reputation: 53
Quote:
Originally Posted by jschiwal
FYI, The telnet example I gave used a computer on my LAN. I assumed you would know to use the name of the server you were trying to connect to.
Noted with thanks


satimis
 
Old 07-29-2009, 08:46 PM   #12
chrelad
LQ Newbie
 
Registered: May 2009
Posts: 1

Rep: Reputation: 0
Another possible cause

Hi Everyone,

I found this post while looking for the same problem (feature). I had resolved this before on a previous installation of Arch Linux, but had to find it again. Although this post didn't answer the question for me, it got me looking in the right direction.

Like you, my auth log was getting spammed with signal 15's and verbose ssh attempts yielded nothing but "unable to connect." After following this thread, I had made sure that my network configuration was correct and that I could access my router and all other nodes on the network from my arch box.

However, the problem ended up being that the default hosts.deny has the following line in it:

Code:
ALL: ALL: DENY
That cleared it up for me. To get more information on the hosts.(allow|deny) files, man hosts.deny, man hosts.allow.

The quick fix to open everything up is to put the following into your hosts.allow (although I would recommend reading up on the man pages to tailor your hosts.* files appropriately):

Code:
ALL: ALL: ALLOW
Hope this helps others with the same problem

Chrelad
 
  

