LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   SSH wont connet (https://www.linuxquestions.org/questions/linux-security-4/ssh-wont-connet-336975/)

bingo11 06-25-2005 12:30 AM
SSH wont connet
 
Hey all, I am having a hard time figuring out why i cannot connect to my box from outside through SSH when logging through local host works perfectly.

When i check my iptables through iptables -L i have nothing at all however when i nmap my port 22 i get :

22/tcp filtered ssh

This apparently means that this port is under some kind of firewall control...

Any help about what i should do to be able to connect from outside would be greatly appreciated.

Madi

PS: Even after temporarily disabling iptables "chkconfig iptables off" i cannot connect and nmap still give the same output

trickykid 06-25-2005 10:03 AM
Is this host behind some kind of router/firewall? If so, do you have port forwarding for port 22 to the correct host your trying to connect to?

bingo11 06-25-2005 03:47 PM
Quote:
Originally posted by trickykid
Is this host behind some kind of router/firewall? If so, do you have port forwarding for port 22 to the correct host your trying to connect to?
Thnaks trickykid for your interest,
No unfortunately i am not behind any firewall or router. That's what is making me go crazy...
Any other suggestions ??

Thx,

Madi

Capt_Caveman 06-25-2005 06:09 PM
Using chkconfig is only going keep services from starting after a reboot, so try using 'service iptables stop' or '/etc/init.d/iptables stop' instead

Also check that SSHd is running on the server

Finally try running tcpdump to make sure that the sshd server is seeing the packets (tcpdump port 22).

bingo11 06-26-2005 01:05 AM
Capt_Caveman, Thx for the suggestions.
I have indeed stopped the iptables and made sure that they wont restart after i rebooted. On the other hand, i assume sshd is running on my machine since i can connect from local host.
As for TCPDUMP, i am no expert in networking but i see a couple of messages coming fom the machine i tried to connect (xxx.xxx.xxx.xxx.ssh) from to my box and couple ou ack sent back.
when i stop the tcpdump i get the following message,

36 packets captured
36 packets received by filter
0 packets dropped by kernel

If i understand correctly, i am getting the ssh requests but they are still getting stopped by a firewall service ...is that correct ?

Madi

Capt_Caveman 06-26-2005 06:04 PM
On the other hand, i assume sshd is running on my machine since i can connect from local host.
Sounds like it's running then, however make sure that it's listening on the correct IP address. Run 'netstat -pant" and you should see an entry for port 22. Make sure that the ip address for that entry is not 127.0.0.1. It will likely be 0.0.0.0 or :::: or whatever the machines IP should be.

As for TCPDUMP, i am no expert in networking but i see a couple of messages coming fom the machine i tried to connect (xxx.xxx.xxx.xxx.ssh) from to my box and couple ou ack sent back.
Could you post part of the output (make sure to change any public IPs).

If i understand correctly, i am getting the ssh requests but they are still getting stopped by a firewall service ...is that correct ?
Usually yes, however there are a number of things such as networking problems that can result in a 'filtered' nmap status. Also some ISPs filter certain ports at upstream routers, so you may want to try using traceroute and see if your packets are dying somewhere upstream (try comparing normal traceroute to traceroute on port 22). It could also be a problem with the firewall of the remote machine you are sshing from.


All times are GMT -5. The time now is 02:38 AM.