Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
it resolved the name correctly (the XYZ.XYZ.XXYYZZ.edu) but connection timed out.
Also, I did stop the iptables with # service iptables stop
side note question why do people put # then a command is it just to signify that its a command? and why did you put a $ instead of # ? did you just use a different version of linux or unix? [sorry I know so little about linux]
Something is filtering traffic to your host. (And that is easily demonstrated with the nc commands I mentioned.) Bottom line: if you can't establish a tcp connection to the service port, you're not going to be able to use ssh, period.
here is the /var/log/secure
Oct 21 05:12:37 sysb sshd[20815]: User XXX not allowed because shell /bin/
shell does not exist
Oct 21 05:12:37 sysb sshd[20816]: input_userauth_request: invalid user XXX
Oct 21 05:12:37 sysb sshd[20815]: reverse mapping checking getaddrinfo for
10.155.xxx.xxxxxxxx.edu failed - POSSIBLE BREAK-IN ATTEMPT!
Earlier in this thread you were connecting to sshd just fine. So we're making backward progress.
Think hard about what you changed between then and now.
-------
edit: Upon closer inspection, I think those messages were from your internal network connections. If so, never mind.
The earlier SSH's with that user were from my internal connection. So, to you it seems like I need to speak to the Network people again? Maybe I spoke with someone that was misinformed? I don't think it matters but I can view the html files on the server from anywhere (which is a tcp connection over port 80 right?)
Last edited by linuxlychallenged; 10-23-2009 at 05:00 PM.
Sounds like the voice of someone who has had to read requests like this submitted to them daily
I really appreciate the help. I will try to remember to let everyone know what I find out when I hear from the Network staff again. I really appreciate everything.
If you can ssh access the server from your local network and you can not access from outside, there might be a possibility that the ssh traffic is getting blocked in local system firewall.
You can do a ping/traceroute test from outside (hope they are allowed by the network admins)to check the connectivity. However, I believe that that will go through as you are able to access the website hosted on the same server.
Do you have any rule in your /etc/hosts.deny file for sshd?
@avijitp
#
# hosts.deny This file describes the names of the hosts which are
# *not* allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
#
# The portmap line is redundant, but it is left to remind you that
# the new secure portmap uses hosts.deny and hosts.allow. In particular
# you should know that NFS uses portmap!
Nope, above is the contents of hosts.deny. And its all commented out.
And yes I can ping from the outside, and I'm not sure about traceroute because the test box I'm logged into remotely needs su privileges and I don't have them for the remote machine I'm using to test my server with.
So I just wanted to let everyone know, that the problem is not fixed yet, but the Network people have said they are going to fix it. So, apparently I spoke with someone who was misinformed the first time. Thank you all for the help and hopefully this is resolved now.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.