LinuxQuestions.org
Old 10-18-2004, 02:14 AM   #1
ayie
LQ Newbie
 
Registered: Oct 2003
Posts: 24

Rep: Reputation: 15
Cannot SSH OUT FROM MY OFFICE SERVERS.


I cannot ssh out to my Linux machine,
so I scanned my office servers:

Commencing Port Scan:

Port 21: Closed
Port 22: Open
Port 23: Closed
Port 25: Open
Port 53: Open
Port 79: Closed
Port 80: Open
Port 110: Open
Port 111: Closed
Port 139: Closed
Port 443: Open
Port 1080: Closed
Port 8181: Closed

You can see that port 22 is open but port 21 is closed, so why can I still not ssh out to my servers??

Can anyone help me, please!
 
Old 10-18-2004, 03:16 AM   #2
musicman_ace
Senior Member
 
Registered: May 2001
Location: Indiana
Distribution: Gentoo, Debian, RHEL, Slack
Posts: 1,555

Rep: Reputation: 46
Does your ISP block it? I doubt they'd block a company's access, but verify it.

-- Assuming you have a server doing NAT and not a router ---
If you're going through a router, which NIC did you scan? The internal network card might allow SSH to the server, but the NIC to the Internet might block it.

Posting the output of iptables -L from the server doing the Internet sharing would probably give us a better chance of helping.

If you have a router handling the Internet sharing, the commands would depend on the brand of router.
 
Old 10-18-2004, 08:22 AM   #3
Bikerpete
Member
 
Registered: Jun 2003
Location: Germany
Distribution: OpenSuSE, SLES, Debian, Ubuntu, Eisfair
Posts: 79

Rep: Reputation: 15
Maybe your ssh is only possible from internal network.
Have a look in /etc/hosts.allow ... hosts.deny ...etc.

Can you ssh from your internal network?

Maybe it's a routing problem. Often the routers don't forward the ssh to the server.
In that case, you have to try a simple port forward on your router.

Or it's a local firewall on your server that blocks external ssh requests.

You see - it's not quite trivial to find a solution, but you have a lot of options to try.

You should try ssh from internal network first. Then we will know more ...
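Added example, not part of the original thread: the scan in post #1 reports port 22 as open while ssh still fails, and the causes listed above (hosts.deny, a router that does not forward, a local firewall) each look different at the TCP level. The helper name `probe_ssh` and the cause attached to each outcome are assumptions made for this sketch.

```python
import socket

def probe_ssh(host, port=22, timeout=3.0):
    """Classify how a TCP port answers an SSH client (hypothetical helper).

    Returns (state, detail). The cause attached to each state is a heuristic:
      refused        RST came back: no listener, or a firewall REJECT rule
      filtered       silence: packets dropped, or the router forwards nothing
      closed-by-peer handshake completed, then the peer hung up before sending
                     a banner (what a hosts.deny match in tcp wrappers looks
                     like; a port scanner still reports the port as open)
      no-banner      connected, but the server stayed silent until the timeout
      other-service  something answered, but not with an SSH identification
      ssh-banner     sshd sent its "SSH-..." identification string
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return ("refused", "no listener or REJECT rule")
    except socket.timeout:
        return ("filtered", "dropped by a packet filter or not forwarded")
    except OSError as exc:
        return ("error", str(exc))
    with sock:
        sock.settimeout(timeout)
        try:
            data = sock.recv(256)
        except socket.timeout:
            return ("no-banner", "connected, nothing received")
        except ConnectionResetError:
            return ("closed-by-peer", "reset before any banner")
    if not data:
        return ("closed-by-peer", "check /etc/hosts.allow and /etc/hosts.deny")
    for raw in data.splitlines():
        line = raw.decode("ascii", "replace")
        if line.startswith("SSH-"):
            return ("ssh-banner", line)
    return ("other-service", data[:40].decode("ascii", "replace").strip())

if __name__ == "__main__":
    # 127.0.0.1 is a placeholder target; run once from the internal network
    # and once from outside, then compare the two states.
    print(probe_ssh("127.0.0.1", 22))
```

Getting `ssh-banner` from inside the network and `filtered` or `closed-by-peer` from outside narrows the problem to the router or firewall, or to the server's own access rules, respectively.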
 
Old 10-18-2004, 09:36 PM   #4
ayie
LQ Newbie
 
Registered: Oct 2003
Posts: 24

Original Poster
Rep: Reputation: 15
I can ssh to my servers .....
How do I check whether the router forwards or not??
 
Old 10-19-2004, 02:48 AM   #5
Bikerpete
Member
 
Registered: Jun 2003
Location: Germany
Distribution: OpenSuSE, SLES, Debian, Ubuntu, Eisfair
Posts: 79

Rep: Reputation: 15
Does your router write LOG-Files?
Then, have a look, what it says about the Port 22

Maybe you can try to set a portforwarding to port 22 like
all incoming to 22 --> ip.of.your.server:22
Just to try it out.

When you forward 22 to the server, it should be reachable.
It's possible that your router has a built-in packet filter, which blocks 22.

What router do you use?
Does the server have a firewall activated?
Are external PCs allowed to connect to your server?

Greetz
Pete

-- time for a cup of coffee
 
Old 10-19-2004, 09:31 PM   #6
ayie
LQ Newbie
 
Registered: Oct 2003
Posts: 24

Original Poster
Rep: Reputation: 15
I am not root, and also don't have access to go see what my admin has in the server room.

As far as I know, last time they said that they wanted to install a firewall for protection, and I assumed they already installed it.

How do I check whether the server uses a router/firewall??

Quote:
Maybe you can try to set a portforwarding to port 22 like all incoming to 22 --> ip.of.your.server:22 Just to try it out.
How do I do that?? What command should I type??

Quote:
Are external PCs allowed to connect to your server?
What type of connection do you mean?? I can access my mail from outside, just webmail.

Sorry, I'm a NEWBIE and also want to learn to be better.
 
Old 10-19-2004, 10:50 PM   #7
twilli227
Member
 
Registered: May 2003
Location: S.W. Ohio
Distribution: Ubuntu, OS X
Posts: 760

Rep: Reputation: 30
Quote:
i not a root, and also don't have access to go see what my admin have in server room.
Then your best bet is to ask the admin if you are allowed to do what you want to do. Trying to bypass your admin is not a very good idea.
 
Old 10-19-2004, 11:47 PM   #8
ayie
LQ Newbie
 
Registered: Oct 2003
Posts: 24

Original Poster
Rep: Reputation: 15
Yeah, I know, but I just want to learn something.

Also I want to learn how to be root, like blocking this and that .......

This can also be knowledge for me.
 
Old 10-20-2004, 02:17 AM   #9
Bikerpete
Member
 
Registered: Jun 2003
Location: Germany
Distribution: OpenSuSE, SLES, Debian, Ubuntu, Eisfair
Posts: 79

Rep: Reputation: 15
Re-Hi

I agree with twilli227 - never try to "tunnel" your admin.

If ssh isn't possible, there will be a reason why it isn't.
Ask your admin if you are allowed to ssh - and he will tell you what to do.
If you want to learn about ssh, port forwarding, protocol reading, port scanning and all the other funny things in a root's life, take two - more or less - old PCs, install a Linux and try to get the stuff runnin'.
Set up a router with an old PC for DSL or ISDN (e.g. www.fli4l.de or smoothwall/IPCop, or take a look at www.freshmeat.net for a "one-disc-router").
Or try to route with a "normal" Linux distribution.
If you have one or two PCs connected to a self-built and configured router, you have left the first steps behind you.

Can't give you more help at this point for two reasons:

a) I'm root in our company (so, I'm one of those "bad guys")
b) You need the root account to get on with those things I could tell you from this point on.

Just try it at home - lots of people throw away old computers!
 
Old 10-20-2004, 10:33 PM   #10
ayie
LQ Newbie
 
Registered: Oct 2003
Posts: 24

Original Poster
Rep: Reputation: 15
Quote:
If ssh isn't possible, there will be a reason why it isn't.
Ask your admin if you are allowed to ssh - and he will tell you what to do.
I don't have time to meet my root/admin, because I am not always at the office and my admin is not at the office all the time either. And my admin always says "find it yourself" if I ask something ...... so that's why I ask here, because I am not very, very good at Linux like you all ......

Quote:
If you want to learn about ssh, port forwarding, protocol reading, port scanning and all the other funny things in a root's life, take two - more or less - old PCs, install a Linux and try to get the stuff runnin'.
Set up a router with an old PC for DSL or ISDN (e.g. www.fli4l.de or smoothwall/IPCop, or take a look at www.freshmeat.net for a "one-disc-router").
Or try to route with a "normal" Linux distribution.
If you have one or two PCs connected to a self-built and configured router, you have left the first steps behind you.
I want to learn but don't have money to buy any old PC, or other stuff like a router or firewall..... In my country, people like to throw old things in the dustbin but never give them to someone in need like me..........

If you all can't help me, it's OK ...... I know, it is not free to get a little knowledge ....
 
  


All times are GMT -5.