Hi-

I am trying to connect to an ip in virtualbox.
I used host only adapter.

I got the ip to use off of ifconfig. My message in the error log run using this command:

journalctl -u sshd |tail -100 read as follows:

Apr 09 13:38:24 localhost.localdomain sshd[2477]: refused connect from 192.168.42.1 (192.168.42.1)

the ifconfig reads like:

192.168.42.101

it is truncating the 01 at then end of the ip address.

my /etc/hosts.allow says:

sshd: 192.168.0.0/255.255.255.0

any idea why the log gives a different ip in the refused connect msg?

I didn't really make any changes to sshd_config yet. i start server with systemctl start sshd.service

thx. - mtdew3q

Incorrect netmask. You are allowing from 192.168.0.XXX.

1 members found this post helpful.

hi-

i got a different message now:

$ ssh -p 22 smasher@192.168.32.1
ssh: connect to host 192.168.32.1 port 22: Connection refused

in hosts.allow file

sshd: 192.168.0.0/255.255.255.0

Ethernet adapter VirtualBox Host-Only Network:

Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80...
IPv4 Address. . . . . . . . . . . : 192.168.32.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :

thx. - mtdew3q

hi okay emerson.

sorry. didn't know you posted.

i will check the mask.

thx.

Which distro, including version, are you using and which version of openssh-server are you running?

hosts.allow is tcpd which is from before even ipchains existed. From OpenSSH 6.7 onwards, tcpd (tcpwrappers) support in sshd has been disabled and you'll have to progress to using iptables for filtering.

1 members found this post helpful.

In addition please explain what you are trying to accomplish.

Are you trying to connect to the host or other virtual machine?

The default settings for host only adapter network is 192.168.56.0/24 and the DHCP is enabled by default. How are you configuring your the network for each machine?

1 members found this post helpful.

fedora 25 xfce and openssh 7.4.

many of the tutorials on the web still reference hosts.allow and hosts.deny.

I will have to read up on your tech tip.

I managed to get leafpad to appear on my windows desktop with ssh/x11-forwarding.

thx.- mtdew3q

I ended up using a bridge adapter which is the easiest way. I connected to the virtual machine. I'd like to know if it is possible to do with a host-only or NAT setup for the adapter.

I will have to keep reading.

thx - mtdew3q

Between host and guest?

1 members found this post helpful.

Hi Michaelk-

I just read about turbocapitalist's statement that the hosts.allow and hosts.deny are deprecated. I saw the same statements elsewhere.

I was able to get a host-only adapter working too. That is maybe what you meant when you said, "between host and guest?".

I will stick with the host-only adapter way of connecting to an ssh-server on the guest for now.

Thx-
mtdew3q

Check with an authoritative source at least:

• "Support for tcpwrappers/libwrap has been removed."
  https://www.openssh.com/txt/release-6.7
  
• "remove libwrap support"
  https://cvsweb.openbsd.org/cgi-bin/c...-cvsweb-markup

So many guides and tutorials are either out of date or cargo-cult incorrect or out of date material that good ones are hard to find that it's very important to chase down authoritative sources while they are available. Using them puts a stop to guessing.

Were you able to figure out the corresponding iptables rules?

1 members found this post helpful.

Hi Turbocapitalist-

I have a second network adapter set up as NAT for internet surfing. I thought when I read this article and one or two others with this setup I may not need iptable rules. I don't know very much about networking though.

http://christophermaier.name/2010/09...th-virtualbox/

thx. - mtdew3q

I meant iptables in the context of replacing what you were trying to do with tcpwrappers earlier. If you do not need that, then don't worry about iptables at the moment.

How many network adapters does the VirtualBox guest containing the SSH server (sshd) have?

1 members found this post helpful.

It has 2. One is an adapter that uses NAT and the other is the host-only network adapter.

Thx. for writing -

mtdew3q

Your iptables rules will mostly have to be done double, once for each interface. It may be worth a new thread over in Networking when you get that far. But that's for later.

Right now a small but useful step would be to make the SSH server listen only to the guest's host-only network adapter, if that is what you want. For that, lookup the ip address for that adapter and then apply that address to the ListenAddress directive in the guest's sshd_config file. For details, see your version's manual page:

If you stop being able to log in, then you have either the wrong address or something wrong with the host-guest routing.

1 members found this post helpful.