LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 10-02-2002, 09:49 PM   #1
kayhan
Member
 
Registered: Oct 2002
Location: US
Distribution: Red Hat 7.3->9 -> Fedora Core 1
Posts: 33

Rep: Reputation: 15
Cannot ssh into my laptop


I cannot ssh into my laptop running Red Hat 7.3.

I am sure that sshd is indeed installed and running. I can do ssh localhost and get in fine, but if I do ssh to my IP address it just hangs and times out. I do have the correct IP address, and it pings. My friend suggested that it was a firewall issue, and lo-and-behold, I had forgotted to open up port 22. And lo-and-behold, after I fixed my ipchains, the same thing happened. I used lokkit, and I did restart ipchains and even rebooted, but it didn't work. I couldn't find anything in a search on the internet that worked.

Does anyone have any ideas?

Some possible helpful stuff:

Output from ssh -vvv to my IP address:

OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 500 geteuid 0 anon 1
debug1: Connecting to my.domain.com [my.dot.ted.quad] port 22.
debug1: temporarily_use_uid: 500/500 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 500/500 (e=0)




My /etc/sysconfig/ipchains

# Firewall configuration written by lokkit
# Manual customization of this file is not recommended.
# Note: ifup-post will punch the current nameservers through the
# firewall; such entries will *not* be listed here.
:input ACCEPT
:forward ACCEPT
:output ACCEPT
-A input -s 0/0 -d 0/0 22 -p tcp -y -j ACCEPT
-A input -s 0/0 67:68 -d 0/0 67:68 -p udp -i eth0 -j ACCEPT
-A input -s 0/0 67:68 -d 0/0 67:68 -p udp -i eth1 -j ACCEPT
-A input -s 0/0 -d 0/0 -i lo -j ACCEPT
-A input -p tcp -s 0/0 -d 0/0 0:1023 -y -j REJECT
-A input -p tcp -s 0/0 -d 0/0 2049 -y -j REJECT
-A input -p udp -s 0/0 -d 0/0 0:1023 -j REJECT
-A input -p udp -s 0/0 -d 0/0 2049 -j REJECT
-A input -p tcp -s 0/0 -d 0/0 6000:6009 -y -j REJECT
-A input -p tcp -s 0/0 -d 0/0 7100 -y -j REJECT

Last edited by kayhan; 10-03-2002 at 11:32 PM.
 
Old 10-03-2002, 08:13 AM   #2
J_Szucs
Senior Member
 
Registered: Nov 2001
Location: Budapest, Hungary
Distribution: SuSE 6.4-11.3, Dsl linux, FreeBSD 4.3-6.2, Mandrake 8.2, Redhat, UHU, Debian Etch
Posts: 1,126

Rep: Reputation: 58
I suppose you use RSA authentication method (since the rhosts authentication is disabled).

If so, then your public RSA key should be in the authorized_keys file in your laptop. Is it there?

Last edited by J_Szucs; 10-03-2002 at 08:15 AM.
 
Old 10-03-2002, 09:58 PM   #3
kayhan
Member
 
Registered: Oct 2002
Location: US
Distribution: Red Hat 7.3->9 -> Fedora Core 1
Posts: 33

Original Poster
Rep: Reputation: 15
Yeah, my /etc/ssh/ssh_host_rsa_key file exists if that's what you mean.

Sorry it took so long to reply, but the guy down the hall just encrypted his wireless!
 
Old 10-04-2002, 01:30 AM   #4
J_Szucs
Senior Member
 
Registered: Nov 2001
Location: Budapest, Hungary
Distribution: SuSE 6.4-11.3, Dsl linux, FreeBSD 4.3-6.2, Mandrake 8.2, Redhat, UHU, Debian Etch
Posts: 1,126

Rep: Reputation: 58
Not exactly.
That file possibly contains the secret rsa key of your laptop.
You will rather need the public RSA key of the user in question on the other computer. If he does not have such there, you have to create it at first (steps 1-3 below).
1. Decide what user should be allowed to connect to the laptop.
2. Login on that username on the other computer.
3. Run ssh-keygen, which will generate the public and secret RSA keys of that user on that computer in files /path/to/home/of/that/user/.ssh/identity.pub and /path/to/home/of/that/user/.ssh/identity, respectively (these are hidden directories and files, and the default path, as you can change the path when generating the keys).
4. Copy the identity.pub file to your laptop and add its contents to the /path/to/home/of/that/user/.ssh/authorized_keys file. (A simplified example on how to do that: cat identity.pub >> authorized_keys)
Now your laptop knows about the public RSA key of that user on the other computer, so he can authenticate himself to your laptop, and login there on the same username.

Please let me know if you succeed.
 
Old 10-06-2002, 09:40 PM   #5
kayhan
Member
 
Registered: Oct 2002
Location: US
Distribution: Red Hat 7.3->9 -> Fedora Core 1
Posts: 33

Original Poster
Rep: Reputation: 15
Hi J_Szucs,

That didn't work. I'm not sure how doing that would change things, or maybe I don't understand how ssh works. I thought that ssh-keygen just made it so I didn't have to type my password every time I wanted to ssh into another computer.

Just to make sure: the file I copied was .ssh/id_rsa.pub and I put its contents into .ssh/known_hosts (there was no .ssh/authorized_keys file).

I ran ssh-keygen on my laptop as well. It didn't help, but the debug output from ssh -vvv is different. I'm not sure if it makes a difference:

[code]
OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090600f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to my.domain.com [my.dot.ted.quad] port 22.
[\code]

(I hope used the vB code correctly! :-)

Thanks for your help so far. Do you have anymore ideas?


[code]

Last edited by kayhan; 10-06-2002 at 09:41 PM.
 
Old 10-15-2002, 01:38 PM   #6
kayhan
Member
 
Registered: Oct 2002
Location: US
Distribution: Red Hat 7.3->9 -> Fedora Core 1
Posts: 33

Original Poster
Rep: Reputation: 15
Well, I figured out the problem. I never mentioned that I was connected to the internet via wireless. I didn't understand how they worked until a friend explained to me. Trying to ssh into the IP of the wireless router isn't enough. I'm going to try my hand at port forwarding to see if I can get that to work. If not, I'll start a new thread with some questions!
 
Old 10-15-2002, 02:59 PM   #7
d3funct
Member
 
Registered: Jun 2001
Location: Centralia, WA
Posts: 274

Rep: Reputation: 31
Can you ssh OUT from your laptop?
 
Old 10-15-2002, 09:24 PM   #8
kayhan
Member
 
Registered: Oct 2002
Location: US
Distribution: Red Hat 7.3->9 -> Fedora Core 1
Posts: 33

Original Poster
Rep: Reputation: 15
Yes I can ssh out. I can ssh into my laptop if I have my ethernet cable plugged into my laptop but not if I'm hooked up with wireless. What happens then is that the IP address that I am trying to ssh into is actually the wireless router which will not allow port 22 in, by default. I need to set up the router so that it will forward port 22 requests to my laptop.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
ssh-agent, ssh-add and ssh-keygen AND CVS raylpc Linux - General 2 11-19-2008 03:50 AM
[SSH] Issue logging in [SSH & Permissions] MD3 Linux - Networking 11 12-10-2006 10:25 AM
Mac OS X ssh client / linux sshd : ssh hangs/disconnects Apollo77 Linux - Networking 1 05-24-2006 12:53 PM
Automatic SSH tunnel for laptop ming0 Linux - Networking 1 02-26-2005 01:00 AM
Apache, SSh, Webmin, stops when laptop standby carlosruiz Linux - Laptop and Netbook 1 03-13-2004 07:33 AM


All times are GMT -5. The time now is 10:15 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration