SSH: error: Bind to port 22 on 0.0.0.0 failed: Address already in use.

Swakoo · 05-04-2007, 11:19 AM

Hi guys,

I have a server which has 2 IP addresses (2 NIC)
1 public
1 private

Anyway, I have always SSH in to this server, via the private ip from another server. In fact, I can ssh into this server via another server even if I use the public IP.

Problem is, now I can't access the server via the public ip directly (over internet etc)

in /var/logs/secure, I am getting...

Quote:

error: Bind to port 22 on 0.0.0.0 failed: Address already in use.

I've tried ssh localhost from the same machine and it works.
I even try uncommenting the line that specify it to search for IPv6 in sshd_config and still it doesn't work.

Have restarted service etc.. nope

Now left to reset the machine, which I will be doing tommorrow morning when lesser people are using it... but any idea?

thanks!

jharris · 05-04-2007, 11:30 AM

Post the output of

Code:

netstat -an

and

Code:

lsof -p `ps  -ef | grep [/]sshd | awk '{print $2}'`

and we'll be able to see what's going on!

cheers

Jamie

Swakoo · 05-04-2007, 03:54 PM

netstat output (removed public ips)
In between got a space because there's more similiar entrees but I thought I cut short. Also *** is to mask the ip address.

Quote:

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:32768 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN
tcp 0 0 192.168.10.60:53 0.0.0.0:* LISTEN
tcp 0 0 ***.***.***.***:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:631 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN
tcp 0 0 192.168.10.60:3306 192.168.10.206:54792 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.60:32797 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.60:32798 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54805 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.60:32790 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.60:32786 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.208:35422 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.208:35415 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.208:35407 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54623 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54627 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.208:55677 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.208:55676 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54633 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54632 ESTABLISHED
tcp 0 0 192.168.10.60:32790 192.168.10.60:3306 ESTABLISHED
tcp 0 0 192.168.10.60:32786 192.168.10.60:3306 ESTABLISHED
tcp 0 0 192.168.10.60:32798 192.168.10.60:3306 ESTABLISHED
tcp 0 0 192.168.10.60:32797 192.168.10.60:3306 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54636 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54897 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54640 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54899 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54898 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.208:35436 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54901 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54647 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.208:35433 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54651 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54650 ESTABLISHED

tcp 0 0 192.168.10.60:3306 192.168.10.206:42947 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54725 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54729 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54732 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54735 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:42959 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54741 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54744 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54752 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54754 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54760 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:42998 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54776 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.207:50688 ESTABLISHED
tcp 0 0 192.168.10.60:22 192.168.10.105:48497 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.205:41007 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.207:50511 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.207:50516 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.207:50524 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.207:50525 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.207:50531 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.207:50540 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.207:50545 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.207:50549 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.205:40925 ESTABLISHED
tcp 0 0 :::80 :::* LISTEN
tcp 0 0 ::1:953 :::* LISTEN
tcp 0 0 :::443 :::* LISTEN
udp 0 0 0.0.0.0:32768 0.0.0.0:*
udp 0 0 0.0.0.0:32770 0.0.0.0:*
udp 0 0 0.0.0.0:678 0.0.0.0:*
udp 0 0 192.168.10.60:53 0.0.0.0:*
udp 0 0 ***.***.***.***:53 0.0.0.0:*
udp 0 0 127.0.0.1:53 0.0.0.0:*
udp 0 0 0.0.0.0:111 0.0.0.0:*
udp 0 0 0.0.0.0:631 0.0.0.0:*
udp 0 0 :::32769 :::*
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 6367 /tmp/.font-unix/fs7100
unix 2 [ ACC ] STREAM LISTENING 6174 /var/lib/mysql/mysql.sock
unix 2 [ ] DGRAM 6476 @/var/run/hal/hotplug_socket
unix 2 [ ACC ] STREAM LISTENING 6301 /dev/gpmctl
unix 13 [ ] DGRAM 5022 /dev/log
unix 2 [ ] DGRAM 3190 @udevd
unix 2 [ ACC ] STREAM LISTENING 5537 /var/run/acpid.socket
unix 2 [ ACC ] STREAM LISTENING 6426 /var/run/dbus/system_bus_socket
unix 2 [ ] DGRAM 8211
unix 3 [ ] STREAM CONNECTED 8134
unix 3 [ ] STREAM CONNECTED 8133
unix 3 [ ] STREAM CONNECTED 6474 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 6473
unix 2 [ ] DGRAM 6444
unix 3 [ ] STREAM CONNECTED 6429
unix 3 [ ] STREAM CONNECTED 6428
unix 2 [ ] DGRAM 6383
unix 2 [ ] DGRAM 6369
unix 2 [ ] DGRAM 6325
unix 2 [ ] DGRAM 6295
unix 2 [ ] DGRAM 5940
unix 2 [ ] DGRAM 5913
unix 2 [ ] DGRAM 5836
unix 3 [ ] STREAM CONNECTED 5397
unix 3 [ ] STREAM CONNECTED 5396
unix 2 [ ] DGRAM 5288
unix 2 [ ] DGRAM 5138
unix 2 [ ] DGRAM 5116

lsof - what is this command for?

Quote:

COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
sshd 2370 root cwd DIR 8,9 4096 2 /
sshd 2370 root rtd DIR 8,9 4096 2 /
sshd 2370 root txt REG 8,9 340040 488677 /usr/sbin/sshd
sshd 2370 root mem REG 8,9 105120 507386 /lib64/ld-2.3.4.so
sshd 2370 root mem REG 8,9 35176 488770 /usr/lib64/libwrap.so.0.7.6
sshd 2370 root mem REG 8,9 35024 507604 /lib64/libpam.so.0.77
sshd 2370 root mem REG 8,9 17959 507596 /lib64/libdl-2.3.4.so
sshd 2370 root mem REG 8,9 1225336 507389 /lib64/libcrypto.so.0.9.7a
sshd 2370 root mem REG 8,9 17375 507324 /lib64/libutil-2.3.4.so
sshd 2370 root mem REG 8,9 79336 484026 /usr/lib64/libz.so.1.2.1.2
sshd 2370 root mem REG 8,9 107367 507600 /lib64/libnsl-2.3.4.so
sshd 2370 root mem REG 8,9 30078 507606 /lib64/libcrypt-2.3.4.so
sshd 2370 root mem REG 8,9 91436 507327 /lib64/libresolv-2.3.4.so
sshd 2370 root mem REG 8,9 62504 507603 /lib64/libselinux.so.1
sshd 2370 root mem REG 8,9 93832 488123 /usr/lib64/libgssapi_krb5.so.2.2
sshd 2370 root mem REG 8,9 464040 487083 /usr/lib64/libkrb5.so.3.2
sshd 2370 root mem REG 8,9 145424 486809 /usr/lib64/libk5crypto.so.3.0
sshd 2370 root mem REG 8,9 10384 511243 /lib64/libcom_err.so.2.1
sshd 2370 root mem REG 8,9 1490956 507593 /lib64/tls/libc-2.3.4.so
sshd 2370 root mem REG 8,9 56807 507365 /lib64/libnss_files-2.3.4.so
sshd 2370 root 0u CHR 1,3 1650 /dev/null
sshd 2370 root 1u CHR 1,3 1650 /dev/null
sshd 2370 root 2u CHR 1,3 1650 /dev/null
sshd 2370 root 3u IPv4 5811 TCP *:ssh (LISTEN)

btw, i am having problem ftp-ing in too

Swakoo · 05-06-2007, 03:32 AM

hi guys anyone?

jharris · 05-06-2007, 03:44 AM

Quote:

Originally Posted by Swakoo

lsof - what is this command for?

lsof lists open files, including network sockets that are in use. It was really just so I could see what port sshd was listenening on.

Quote:

Originally Posted by Swakoo

btw, i am having problem ftp-ing in too

Uhm... I can't see anything wrong in these. You got a firewall setup with iptables? If so are you sure that's not the cause of your problems?

HTH

Jamie

Swakoo · 05-06-2007, 10:06 PM

I'll be damm... I'm sure even with iptables OFF it wasn't working before... (SSH and FTP).. but i did a reset a couple of days back, but didn't thought of trying to turn off the iptables... now it works...

I'll be damm.
Nonetheless, thanks for your help!

since we are on the topic, can I ask 2 things?

1) lsof list open files you were saying. we use that to check for connections becase sockets are basically file descriptors?

2) i always find iptables configuration a big mystery, you reckon any good tutorials i can base on to configure my own?
Is it ok i configure iptables config file directly?

nitinatindore · 05-08-2007, 05:24 AM

Quote:

Originally Posted by Swakoo

2) i always find iptables configuration a big mystery, you reckon any good tutorials i can base on to configure my own?
Is it ok i configure iptables config file directly?

This one's really good. From the makers of iptables...fresh and crispy.........
http://www.netfilter.org/documentati...entation-howto

If you find the above also difficult, try using some gui frontends such as firestarter,etc. Or may be other commnad line utilities(firewalls) to configure a proper firewall may be something like shorewall??