LinuxQuestions.org


Ryanms3030 01-18-2014 11:41 AM

Help with SSH
 
Hello all,

I am trying to set up my first home linux server. I installed CentOS 6.5 but can't connect SSH...should be the simplest thing right?

I have openssh installed. I configured iptables and ssh config file per various tutorials I've read. I am only connected via wifi with server and clients if that matters.

Whenever I try to connect ssh hostname from client I get port number timed out.

Like I say, I'm kind of lost because I've been troubleshooting for a day and seems like it should be simple. I have checked firewalls and tried disabling them, checked router settings etc. Do I need to set a static IP?

lleb 01-18-2014 12:18 PM

did you set SELinux to permissive? DO NOT DISABLE SELinux, just set it to permissive, then reboot the server for the effect to take place.

also read the links in my sig.

btmiller 01-18-2014 12:20 PM

It seems simple, but did you check that sshd (the OpenSSH server) is running? Have you confirmed that the server and client machines otherwise have network connectivity? Can you ping from one to the other?

WarTurkey 01-18-2014 02:58 PM

Are you able to ssh <user>@127.0.0.1? (essentially confirms that the server is running, as btmiller suggested)

Ryanms3030 01-18-2014 07:55 PM

Thanks for all the suggestions. Here's where I'm at:

1. Yes, both machines have network connections. I can ping each machine from one another and get a reply
2. SSH is running and I have restarted SSH and iptables after each change
3. SELinux is enabled and running
4. ssh <user>@127.0.0.1 returns ssh: connect to host 127.0.0.1 port 22: Connection refused

Funny thing is that I did change the port number in the ssh config file and it was still saying port 22: Connection refused. I changed the port back to 22 in ssh config and iptables and restarted the services to see if that matters and I still get port 22 refused

Any other thoughts or more info I could provide? I thought getting ssh working was going to be the easiest task setting up the server haha

Ryanms3030 01-18-2014 08:03 PM

now for my really stupid noob question. In my config files I just modified what was already existing. All of the lines started with #. Is the # in the config file necessary or does that mean I'm commenting out the lines?

frankbell 01-18-2014 09:15 PM

Number sign (octothorp) comments out lines. It's for notes and unused entries.

I use it when I change a config file; rather than delete the old line, I comment it out. Then, if my change doesn't work right, I have an easy way to go back and try again.

Ryanms3030 01-18-2014 11:01 PM

OK. I uncommented all the lines in my configs that seemed important (per other tutorials). I didn't have a user config file in /.ssh so I created one based on this

http://wiki.linuxquestions.org/wiki/...SH_Config_file

On the system ssh_config I basically added my host name and port numbers and uncommented those lines. The files were auto created so I only changed the text for host and port and uncommented and didn't touch anything else

I can ping the server from my client

Do I need to have a static ip on the server? It's currently dhcp on the wifi. I tried ssh to the assigned ip of the server and it timed out:

$ ssh -p 2222 abc@196.100.2.2
ssh: connect to host 196.100.2.2 port 2222: Connection timed out

When I try to ssh the 127.0.0.1 port I get:

ssh: connect to host 127.0.0.1 port 22: Connection refused


Even though I changed all the ports to a different port not 22

I also keep reading about FQDN. Do I need that? My server hostname is just one word, no .whatever.com in it, does that matter?


Thanks for all the help. Also, can someone point me to a good guide on setting up a server with ssh and other basics from scratch? I feel like I need to get back to square one here

Ser Olmy 01-19-2014 12:16 AM

You should put IP addresses in sshd_config, not hostnames. And you did mean sshd_config, not ssh_config, right? I don't know if using hostnames in sshd_config is supported at all, but even if it is, it's not really a good idea to use them. The ssh daemon will have to resolve them into IP addresses (you cannot bind to a hostname), which means name resolution must be working by the time the ssh daemon is started, which is by no means a certainty.

In short: forget about hostnames in sshd_config, use IP addresses instead.

The default for the ssh daemon is to bind to port 22 on all local IP addresses, so you don't really need to tell it which IP address it should listen on, unless you want to exclude some IP addresses on a system that has more than one. In other words, it's probably best to leave the "Port" and "ListenAddress" parameters commented out with #-signs.

As for troubleshooting: on the server itself, at least one of ssh localhost or ssh <IP_address_of_server> should always work. If you get a connection error, the daemon just isn't running.
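An added example, not part of the original thread: a small shell function that reports which Port and ListenAddress lines in an sshd_config-style file are actually active, showing that a value edited behind a `#` changes nothing and the defaults described above still apply. The function name `effective_sshd_listen` and both sample files are constructed for illustration, and the parser assumes whitespace-separated `keyword value` lines.

```shell
#!/bin/sh
# Added example: list the Port / ListenAddress settings that are active in an
# sshd_config-style file. Lines starting with '#' are comments and are ignored.

effective_sshd_listen() {
    awk '
        /^[ \t]*(#|$)/ { next }                  # skip comments and blank lines
        { key = tolower($1) }                    # keywords are case-insensitive
        key == "port"          { ports = ports (ports == "" ? "" : ",") $2 }
        key == "listenaddress" { addrs = addrs (addrs == "" ? "" : ",") $2 }
        END {
            # No active line means the built-in default is used.
            print "Port=" (ports == "" ? "22(default)" : ports)
            print "ListenAddress=" (addrs == "" ? "all(default)" : addrs)
        }
    ' "$1"
}

# Constructed sample 1: a stock file with every line still commented out.
stock=$(mktemp)
cat > "$stock" <<'EOF'
#Port 22
#ListenAddress 0.0.0.0
EOF

# Constructed sample 2: a port edited behind a '#' (no effect) next to
# uncommented lines that do take effect.
edited=$(mktemp)
cat > "$edited" <<'EOF'
#Port 2222
Port 2200
ListenAddress 192.0.2.10
EOF

echo "stock:";  effective_sshd_listen "$stock"
echo "edited:"; effective_sshd_listen "$edited"
rm -f "$stock" "$edited"
```

On a real server, point the function at /etc/ssh/sshd_config (the daemon's file, not the client's ssh_config); `sshd -T`, run as root, prints the full effective configuration the daemon would use.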

lleb 01-19-2014 05:06 PM

Quote:

Originally Posted by Ryanms3030 (Post 5100518)
Thanks for all the suggestions. Here's where I'm at:

3. SELinux is enabled and running

again is it set to permissive?

Ryanms3030 01-19-2014 05:50 PM

Quote:

Originally Posted by lleb (Post 5101072)
again is it set to permissive?

I thought I did but I guess I didn't because I just figured out how to do that. (sorry I am figuring a lot out as I'm going along)

In my wisdom I decided I should just re-install my server from scratch since I modified a bunch of configs before I even tested SSH. Long story but I am using an Intel NUC for this "server" and I had no luck installing Centos on it unless I did the net install (at work) because I don't have easy access to a lan port to connect to at home. I tried installing Debian as my second option but I can't get the wifi recognized during install and thus can't install it. So I decided to just install Fedora 20 for now. I know that's not the best server option but it's easy to install on this hardware and this is a learning experience so I don't mind re-installing in a few months.

So now I am running a fresh install of Fedora. I installed openssh-server. I have not changed any config files. I did set selinux to permissive on the server and client. And I'm still getting connection to port 22 timed out.

Could this be a network issue? I have a cable modem at home connected to a Netgear wifi router. And everything is dhcp.

andy78 01-19-2014 07:46 PM

"And I'm still getting connection to port 22 timed out."

When you receive this error, what command did you run from your client when connecting to your server?
Paste the full command with IP, username, everything.
Let us have a look.

SAbhi 01-19-2014 08:04 PM

Well, with the above saying, it looks like you are struggling too much to set up things and didn't follow a good tutorial or followed a bunch of inappropriate ones.

Server is not something you install every day for any small or big issue.

Here is what you can do to make ssh work:

1 remove and reinstall ssh
2 set up sshd_config to listen to the default port
3 give your machine and network ip info in config file.
4 configure iptables to allow in and out connection to port 22
5 set selinux to permissive
6 start sshd service and, if required, reboot

tranphat 01-19-2014 08:40 PM

You should perform 2 things to check what ssh actually does:

1. ssh -v IP_Address_Of_Server --> -v parameter will print out the debugging log. You can pick up the problematic ones.
2. Can you telnet to server on port 22? Please check this carefully. Please try within local and from remote client.

Please post your result after doing.

Ryanms3030 01-19-2014 09:07 PM

Quote:

Originally Posted by tranphat (Post 5101177)
You should perform 2 things to check what ssh actually does:

1. ssh -v IP_Address_Of_Server --> -v parameter will print out the debugging log. You can pick up the problematic ones.
2. Can you telnet to server on port 22? Please check this carefully. Please try within local and from remote client.

Please post your result after doing.

I'm getting the following from client and host

$ ssh -v 198.100.252.23
OpenSSH_6.4, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 51: Applying options for *
debug1: Connecting to 198.100.252.23 [198.100.252.23] port 22.

