ssh not working on external IP

TurboChicken · 08-05-2004, 04:38 PM

I am new to this... just setup a RedHat box... ssh don't seem to be working... ssh is installed... as i can ssh in via the local network but no the web... i have made sure that the firewall is disabled... but it wtill don't work.... please someone help i'm getting desperate!!!!!

i am getting connection refused constantly

david_ross · 08-05-2004, 04:43 PM

Does your server have the external IP address it'self or are you using NAT?

Are you trying to access the external IP from within your network?

It would also be worth checking with your ISP to make sure that they don't blocak any ports.

TurboChicken · 08-05-2004, 04:56 PM

yes it has an external ip set by the isp (as in it connects directly in) ... no they aren't filtering any ports (or so they have told us) and i am trying to connect to it over the net fomr a completely different location

Tinkster · 08-05-2004, 05:02 PM

If you can reach it from the inisde, and it connects directly
to the internet, which interface is which?

eth0 = ?
eth1 = ?

Also, what do /etc/hosts.allow and /etc/hosts.deny look
like? Is ssh configured to listen on both interfaces?

Cheers,
Tink

Charalambos · 08-05-2004, 05:04 PM

How are you connected to the internet? Directly plugged to a modem or via router / gateway?

david_ross · 08-05-2004, 05:04 PM

You may want to check that the ssh server is bound to all ip addresses on the system:
netstat -nlp | grep sshd

You should get something like:

Code:

tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1175/sshd

The 0.0.0.0 stands for all local IP addresses.

TurboChicken · 08-05-2004, 05:25 PM

ok did that command and it all looks the same as what david_ross stated.

eth0 is the local NIC and eth1 is the modem for the internet.

hosts.deny and hosts.allow have nothing in them... as in the whole thing is commented out

#
# hosts.allow This file describes the names of the hosts which are
# allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
#

Tinkster · 08-05-2004, 05:27 PM

iptables -L

TurboChicken · 08-05-2004, 05:34 PM

tinkster... what am i looking for?

Tinkster · 08-05-2004, 05:36 PM

Firewall rules that may prohibit incoming connections
on port 22 ...

Cheers,
Tink

TurboChicken · 08-05-2004, 05:37 PM

firewall has been disabled

Tinkster · 08-05-2004, 05:38 PM

So the output of
iptables -L
was empty?

Cheers,
Tink

TurboChicken · 08-05-2004, 05:40 PM

no but we disabled the firewall in the gui

Tinkster · 08-05-2004, 05:43 PM

Ummm .... whatever you did in the GUI obviously
didn't work :}

If iptables -L comes back with something other than

Code:

[root@diggn:/etc]$ iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

your firewall is active.

Cheers,
Tink

TurboChicken · 08-05-2004, 05:47 PM

okay so how do i either

alter it to allow ssh

or

disable it entirely (prefered)