LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 01-29-2007, 04:45 PM   #1
Lotharster
Member
 
Registered: Nov 2005
Posts: 144

Rep: Reputation: 15
ssh: Connection reset by peer


Hello,

I have a strange problem logging into my machine via ssh. Some time ago it worked perfectly, but now it doesn't.

I'm connected to thze Internet with a router, so I use NAT.
When I login via ssh using my local IP 192.168.2.100, it works. But when I try to login using the public IP 84.123.3.12 or so, I get the following error:
Code:
me@mymachine:~/.ssh$ ssh -p 1007 84.125.31.36 -vvvv
OpenSSH_4.2p1 Debian-7ubuntu3.1, OpenSSL 0.9.8a 11 Oct 2005
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 84.125.31.36 [84.125.31.36] port 1007.
debug1: Connection established.
debug1: identity file /home/lo/.ssh/identity type -1
debug1: identity file /home/lo/.ssh/id_rsa type -1
debug1: identity file /home/lo/.ssh/id_dsa type -1
ssh_exchange_identification: read: Connection reset by peer
(I use 1007 as my public port; the problem persists if i switch to port 22)

I appreciate any advice,
Lotharster
 
Old 01-29-2007, 04:57 PM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,414

Rep: Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967
well more than likely you're getting notihng more than a rst packet back from the server... i guess your sshd is configured to only lsten on one interface? or you have a firewall rejecting connections to that port on the internet side?
 
Old 01-29-2007, 05:05 PM   #3
Lotharster
Member
 
Registered: Nov 2005
Posts: 144

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by acid_kewpie
well more than likely you're getting notihng more than a rst packet back from the server...
But why would it say "Connection established" then?
Quote:
i guess your sshd is configured to only lsten on one interface?
I only have one network card.
Quote:
Or you have a firewall rejecting connections to that port on the internet side?
How can I detect if the connection "got through" to my machine?
 
Old 01-29-2007, 05:27 PM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,414

Rep: Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967
if you sit on the server and run "tcpdump -vn port 22" you'll see all the ins and outs as far as the server is concerned.
 
Old 01-29-2007, 05:36 PM   #5
Lotharster
Member
 
Registered: Nov 2005
Posts: 144

Original Poster
Rep: Reputation: 15
With tcpdump, I see incoming packages for port 22. So the problem lies with my server. Any ideas?
 
Old 01-29-2007, 05:39 PM   #6
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,414

Rep: Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967
list your firewall with "iptables -L" check /etc/ssh/sshd_config for listnening addresses, check /etc/hosts.allow and /etc/hosts.deny for tcpwrapper based restrcitions. also check /var/log/secure for logs if there are any.
 
Old 01-29-2007, 05:54 PM   #7
Lotharster
Member
 
Registered: Nov 2005
Posts: 144

Original Poster
Rep: Reputation: 15
Quote:
list your firewall with "iptables -L"
Seems I don't have iptablkes installed.
Quote:
check /etc/ssh/sshd_config for listnening addresses
that looks OK:
Code:
# What ports, IPs and protocols we listen for
Port 22
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
Quote:
check /etc/hosts.allow and /etc/hosts.deny for tcpwrapper based restrcitions.
I already did that...
Quote:
also check /var/log/secure for logs if there are any.
There's no /var/log/secure on my machine. syslog and auth.log doesn't show anything ssh-related.

Thanks acid_kewpie. I have to leave for now, I'm gonna check for suggestions tomorrow.
regards,
Lotharster
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
SSH fatal: Read from socket failed: Connection reset by peer humbletech99 Linux - Networking 3 01-03-2007 07:41 PM
SSH/rsync "Connection reset by peer" hamish Linux - Networking 6 12-10-2005 07:09 AM
ssh connection reset by peer Brain Drop Linux - Software 4 07-30-2004 10:18 PM
ssh connection reset by peer bubsgt95 Linux - General 6 06-27-2003 11:24 PM
"Connection Reset By Peer" with SSH YMJ Linux - Networking 10 03-24-2003 07:19 AM


All times are GMT -5. The time now is 04:51 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration