SuSE 8.2 sshd/networking issue..
Ok, not sure this if this is an issue with sshd or with networking as a rule on the box.
I'm trying to connect to a remote host.
I can connect to another machine on the same network with no problems. But when I try to connect to one specific machine, connections just time out. However, when I connect to the machine that I can connect to, and then ssh to the uncooperative machine from that that machine, it coonnects right away, no issues.
(yes, sshd is set to listen on port 28)
ssh -v is ..... rather uninformative (i get the same output with -vvv, by the way):
[root@microprecision] # ssh somehost.somenet.com -p 28 -v
OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 0 geteuid 0 anon 1
debug1: Connecting to somehost.somenet.com [xxx.xxx.xxx.xxx] port 28.
debug1: temporarily_use_uid: 0/0 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 0/0 (e=0)
ssh: connect to address xxx.xxx.xxx.xxx port 28: Connection timed out
debug1: restore_uid
[root@microprecision] #
Nothing in /var/log/messages (where I assume sshd logs under suse) on the uncooperative machine when I try to connect from the remote host. When I connect from the local network (which, as I said, works), I get notification from sshd:
Mar 31 07:24:27 gdl-fileserver sshd[1573]: Accepted password for root from ::ffff:192.168.0.250 port 1117 ssh2
I'm guessing this is a network configuration issue, but .... default route is properly defined on bad machine, /etc/resolv.conf is ok, /etc/hosts.allow has sshd set to ANY:ALLOW and nothing relevant in /etc/hosts.deny.
Suse's firewall is currently turned off.
This is trying to connect through a router with port forwarding enabled, port 22 to the machine that works, port 28 to the uncooperative machine. I doubt that is the issue, though, because I've reversed the configuration, and been able to connect to the good box (when moved to 28) and not to the uncooperative box (on 22 for the test).
|