LinuxQuestions.org - Cannot ssh into my laptop

- Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)

- - Cannot ssh into my laptop (https://www.linuxquestions.org/questions/linux-newbie-8/cannot-ssh-into-my-laptop-31756/)

Cannot ssh into my laptop

I cannot ssh into my laptop running Red Hat 7.3.

I am sure that sshd is indeed installed and running. I can do ssh localhost and get in fine, but if I do ssh to my IP address it just hangs and times out. I do have the correct IP address, and it pings. My friend suggested that it was a firewall issue, and lo-and-behold, I had forgotted to open up port 22. And lo-and-behold, after I fixed my ipchains, the same thing happened. I used lokkit, and I did restart ipchains and even rebooted, but it didn't work. I couldn't find anything in a search on the internet that worked.

Does anyone have any ideas?

Some possible helpful stuff:

Output from ssh -vvv to my IP address:

OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 500 geteuid 0 anon 1
debug1: Connecting to my.domain.com [my.dot.ted.quad] port 22.
debug1: temporarily_use_uid: 500/500 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 500/500 (e=0)

My /etc/sysconfig/ipchains

# Firewall configuration written by lokkit
# Manual customization of this file is not recommended.
# Note: ifup-post will punch the current nameservers through the
# firewall; such entries will *not* be listed here.
:input ACCEPT
:forward ACCEPT
:output ACCEPT
-A input -s 0/0 -d 0/0 22 -p tcp -y -j ACCEPT
-A input -s 0/0 67:68 -d 0/0 67:68 -p udp -i eth0 -j ACCEPT
-A input -s 0/0 67:68 -d 0/0 67:68 -p udp -i eth1 -j ACCEPT
-A input -s 0/0 -d 0/0 -i lo -j ACCEPT
-A input -p tcp -s 0/0 -d 0/0 0:1023 -y -j REJECT
-A input -p tcp -s 0/0 -d 0/0 2049 -y -j REJECT
-A input -p udp -s 0/0 -d 0/0 0:1023 -j REJECT
-A input -p udp -s 0/0 -d 0/0 2049 -j REJECT
-A input -p tcp -s 0/0 -d 0/0 6000:6009 -y -j REJECT
-A input -p tcp -s 0/0 -d 0/0 7100 -y -j REJECT

I suppose you use RSA authentication method (since the rhosts authentication is disabled).

If so, then your public RSA key should be in the authorized_keys file in your laptop. Is it there?

Yeah, my /etc/ssh/ssh_host_rsa_key file exists if that's what you mean.

Sorry it took so long to reply, but the guy down the hall just encrypted his wireless!

Not exactly.
That file possibly contains the secret rsa key of your laptop.
You will rather need the public RSA key of the user in question on the other computer. If he does not have such there, you have to create it at first (steps 1-3 below).
1. Decide what user should be allowed to connect to the laptop.
2. Login on that username on the other computer.
3. Run ssh-keygen, which will generate the public and secret RSA keys of that user on that computer in files /path/to/home/of/that/user/.ssh/identity.pub and /path/to/home/of/that/user/.ssh/identity, respectively (these are hidden directories and files, and the default path, as you can change the path when generating the keys).
4. Copy the identity.pub file to your laptop and add its contents to the /path/to/home/of/that/user/.ssh/authorized_keys file. (A simplified example on how to do that: cat identity.pub >> authorized_keys)
Now your laptop knows about the public RSA key of that user on the other computer, so he can authenticate himself to your laptop, and login there on the same username.

Please let me know if you succeed.

Hi J_Szucs,

That didn't work. I'm not sure how doing that would change things, or maybe I don't understand how ssh works. I thought that ssh-keygen just made it so I didn't have to type my password every time I wanted to ssh into another computer.

Just to make sure: the file I copied was .ssh/id_rsa.pub and I put its contents into .ssh/known_hosts (there was no .ssh/authorized_keys file).

I ran ssh-keygen on my laptop as well. It didn't help, but the debug output from ssh -vvv is different. I'm not sure if it makes a difference:

[code]
OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090600f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to my.domain.com [my.dot.ted.quad] port 22.
[\code]

(I hope used the vB code correctly! :-)

Thanks for your help so far. Do you have anymore ideas?

[code]

Well, I figured out the problem. I never mentioned that I was connected to the internet via wireless. I didn't understand how they worked until a friend explained to me. Trying to ssh into the IP of the wireless router isn't enough. I'm going to try my hand at port forwarding to see if I can get that to work. If not, I'll start a new thread with some questions!

Can you ssh OUT from your laptop?

Yes I can ssh out. I can ssh into my laptop if I have my ethernet cable plugged into my laptop but not if I'm hooked up with wireless. What happens then is that the IP address that I am trying to ssh into is actually the wireless router which will not allow port 22 in, by default. I need to set up the router so that it will forward port 22 requests to my laptop.