I have a strange problem logging into my machine via ssh. Some time ago it worked perfectly, but now it doesn't.
I'm connected to the Internet with a router, so I use NAT.
When I log in via ssh using my local IP 192.168.2.100, it works. But when I try to log in using the public IP 84.123.3.12 or so, I get the following error:
Code:
me@mymachine:~/.ssh$ ssh -p 1007 84.125.31.36 -vvvv
OpenSSH_4.2p1 Debian-7ubuntu3.1, OpenSSL 0.9.8a 11 Oct 2005
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 84.125.31.36 [84.125.31.36] port 1007.
debug1: Connection established.
debug1: identity file /home/lo/.ssh/identity type -1
debug1: identity file /home/lo/.ssh/id_rsa type -1
debug1: identity file /home/lo/.ssh/id_dsa type -1
ssh_exchange_identification: read: Connection reset by peer
(I use 1007 as my public port; the problem persists if I switch to port 22.)
well more than likely you're getting nothing more than a rst packet back from the server... i guess your sshd is configured to only listen on one interface? or you have a firewall rejecting connections to that port on the internet side?
list your firewall with "iptables -L", check /etc/ssh/sshd_config for listening addresses, check /etc/hosts.allow and /etc/hosts.deny for tcpwrapper based restrictions. also check /var/log/secure for logs if there are any.
Quote:
check /etc/ssh/sshd_config for listening addresses
that looks OK:
Code:
# What ports, IPs and protocols we listen for
Port 22
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
Quote:
check /etc/hosts.allow and /etc/hosts.deny for tcpwrapper based restrictions.
I already did that...
Quote:
also check /var/log/secure for logs if there are any.
There's no /var/log/secure on my machine. syslog and auth.log don't show anything ssh-related.
Thanks acid_kewpie. I have to leave for now, I'm gonna check for suggestions tomorrow.
regards,
Lotharster
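The file checks suggested in the reply (sshd's listening settings and the TCP wrappers rules in /etc/hosts.allow and /etc/hosts.deny), written out as an added example that is not part of the thread. The function names, the sample files and the client address 203.0.113.7 are constructed, and the rule matcher covers only a small IPv4 subset of hosts_access(5).

```shell
# Print the effective listen settings of an sshd_config. With no uncommented
# Port/ListenAddress line, sshd uses port 22 on all local addresses.
sshd_listen() {
    awk '
        /^[ \t]*#/ { next }
        tolower($1) == "port"          { ports = ports "port " $2 "\n" }
        tolower($1) == "listenaddress" { addrs = addrs "listen " $2 "\n" }
        END {
            printf "%s", (ports == "" ? "port 22\n" : ports)
            printf "%s", (addrs == "" ? "listen any\n" : addrs)
        }' "$1"
}

# Succeed if file $1 has a rule matching daemon $2 and client IPv4 address $3.
# Simplified subset of hosts_access(5): daemon lists, ALL, exact addresses and
# "192.168.2." style prefixes; no EXCEPT, netmasks, hostnames or options.
rule_matches() {
    awk -F: -v d="$2" -v ip="$3" '
        /^[ \t]*(#|$)/ { next }
        {
            hit = 0; n = split($1, ds, /[ ,\t]+/)
            for (i = 1; i <= n; i++) if (ds[i] == d || ds[i] == "ALL") hit = 1
            if (!hit) next
            m = split($2, cs, /[ ,\t]+/)
            for (i = 1; i <= m; i++) {
                c = cs[i]
                if (c == "ALL" || c == ip || (c ~ /\.$/ && index(ip, c) == 1)) found = 1
            }
        }
        END { exit(found ? 0 : 1) }' "$1"
}

# hosts_access(5) order: a hosts.allow match grants access, otherwise a
# hosts.deny match refuses it, otherwise access is granted.
wrappers_verdict() {  # args: hosts.allow hosts.deny daemon client-ip
    if rule_matches "$1" "$3" "$4"; then echo allow
    elif rule_matches "$2" "$3" "$4"; then echo deny
    else echo allow
    fi
}

# Constructed sample files: LAN clients allowed, everyone else refused.
tmp=$(mktemp -d)
printf 'Port 22\n#ListenAddress 0.0.0.0\n' > "$tmp/sshd_config"
printf 'sshd: 192.168.2.\n' > "$tmp/hosts.allow"
printf 'ALL: ALL\n' > "$tmp/hosts.deny"
sshd_listen "$tmp/sshd_config"
wrappers_verdict "$tmp/hosts.allow" "$tmp/hosts.deny" sshd 192.168.2.100
wrappers_verdict "$tmp/hosts.allow" "$tmp/hosts.deny" sshd 203.0.113.7
```

Run against copies of the real files, the verdict should be checked for the source address sshd actually sees on the failing connection.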