A question about listening interfaces on ssh...
In my sshd_config file I have the following
Code:
ListenAddress 0.0.0.0
Also, this computer (A) is on a LAN at my house. It has two network interfaces (eth0 & eth1), both on different subnets. I can connect from another computer (B) on my LAN to this one on one interface (eth0) via SSH just fine. The other interface (eth1) on this computer is hooked up to its own gateway to the internet using DSL. I'm using this interface (eth1) for running bind. Anyhow, here's my issue. When using a computer (C), which is a hosted VM, from outside my LAN, to connect to computer (A) via SSH, I get connection refused. So I checked my hosts.deny & hosts.allow files, both empty. I run nmap from computer C and SSH comes up as closed. So I'm thinking it's a firewall issue. Here's what my iptables -L looks like:
Code:
Chain INPUT (policy ACCEPT)
Unless my AT&T DSL is blocking those ports. But if that were the case would the error 'Connection refused' come up when I try to connect via SSH? What other tests can I run to troubleshoot? |
Can you try opening the SSH port in the iptables?
http://www.cyberciti.biz/faq/linux-o...ll-port-22-23/ |
Don't I already have it under Chain RH-Firewall-1-INPUT second from the last entry? Isn't that it? Anyhow, I added that line before commit as shown in that link you sent me and I still get the same iptables -L output. Same issue.
|
Can you paste the list of firewall rules you have in /etc/sysconfig/iptables?
|
Sure here it is.
Code:
# Generated by iptables-save v1.3.5 on Wed Jun 23 15:55:03 2010 |
Oh man, figured it out. I guess my power went out at my apartment and my DSL modem turned off and then back on and then got assigned a new public IP. I was testing it from outside the LAN to an IP that wasn't my computer. When in doubt, the obvious is usually the cause.
I have a question though about iptables. In this case, what's the difference between RH-Firewall-1-INPUT and CHAIN RH-Firewall-1-INPUT. Just like if in iptables I insert a rule such as this one
Code:
-A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
However if I insert a rule such as this one
Code:
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT |
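Added example, not part of the original thread: a small tracer that walks an iptables-save ruleset in rule order to show which chain decides a new inbound TCP connection, and why a rule in the built-in INPUT chain behaves differently from one in the user-defined RH-Firewall-1-INPUT chain. The ruleset is a constructed sample in the stock Red Hat layout, the function names are hypothetical, and matching is simplified to -p, -i, --dport and --state (no negation, port ranges or address matches).

```python
# Constructed sample (iptables-save format, stock Red Hat layout), not the poster's rules.
SAMPLE = """\
*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
"""

def parse(text):
    """Return (policies, chains): declared policies and ordered rules per chain."""
    policies, chains = {}, {}
    for line in map(str.strip, text.splitlines()):
        if line.startswith(":"):
            name, policy = line[1:].split()[:2]
            policies[name] = policy
        elif line.startswith("-A "):
            tok = line.split()
            opts = {t: tok[i + 1] for i, t in enumerate(tok[:-1]) if t.startswith("-")}
            chains.setdefault(tok[1], []).append((opts, line))
    return policies, chains

def matches(o, port, iface):
    """Simplified match for a NEW inbound TCP connection to port on iface."""
    return (o.get("-p", "tcp") == "tcp" and o.get("-i", iface) == iface
            and o.get("--dport", str(port)) == str(port)
            and "NEW" in o.get("--state", "NEW").split(","))

def trace(text, port, iface="eth1", chain="INPUT"):
    """Return (verdict, chain, rule) for the first terminal rule that matches."""
    policies, chains = parse(text)
    def walk(name):
        for opts, line in chains.get(name, []):
            if not matches(opts, port, iface):
                continue
            target = opts.get("-j")
            if target in ("ACCEPT", "DROP", "REJECT"):
                return target, name, line
            if target == "RETURN":  # leave this chain, resume in the caller
                break
            hit = walk(target) if target in chains else None  # follow the jump
            if hit:
                return hit
    return walk(chain) or (policies.get(chain, "ACCEPT"), chain, "policy")
```

In this sample, `trace(SAMPLE, 53)` ends at the final REJECT inside RH-Firewall-1-INPUT, because the port 53 rule appended to INPUT sits after the jump and is never reached; a rule in the user-defined chain only takes effect when INPUT jumps to that chain.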