LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices



Reply
 
Search this Thread
Old 08-17-2009, 02:14 PM   #31
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Linux Mint
Posts: 8,516

Rep: Reputation: 896Reputation: 896Reputation: 896Reputation: 896Reputation: 896Reputation: 896Reputation: 896

OP is the original poster, so it's you :-)

You need to login as user, not root, and you need to login as the user who will use ssh to connect.
Then
Code:
rm $HOME/.ssh/known_hosts
Then try again to login
Code:
ssh 127.0.0.1
 
Old 08-17-2009, 02:16 PM   #32
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Linux Mint
Posts: 8,516

Rep: Reputation: 896Reputation: 896Reputation: 896Reputation: 896Reputation: 896Reputation: 896Reputation: 896
You first need to install ssh as root
login as root
then
Code:
apt-get install ssh
Then logout as root, login as user and do what is mentioned in the previous post
 
Old 08-18-2009, 01:30 PM   #33
ludo33
Member
 
Registered: Feb 2009
Posts: 119

Original Poster
Rep: Reputation: 16
OK

Followed the instructions explicitly! ( that should of been implicity! sorry )

ludo1979@debian:~$ rm $HOME/.ssh/known_hosts
ludo1979@debian:~$ ssh 127.0.0.1
The authenticity of host '127.0.0.1 (127.0.0.1)' can't be established.
RSA key fingerprint is 1b:cc:d0:4e:53:9b:3b:9b:03:22:3c:20:38:9d:7e:b7.
Are you sure you want to continue connecting (yes/no)? y
Please type 'yes' or 'no': yes
Warning: Permanently added '127.0.0.1' (RSA) to the list of known hosts.
ludo1979@127.0.0.1's password:
Linux debian 2.6.26-2-486 #1 Sun Jul 26 20:43:17 UTC 2009 i686

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Tue Aug 18 18:20:28 2009 from localhost
ludo1979@debian:~$

Is this correct? How to reach the server from my windows machine I've got Putty and WinSCP

Last edited by ludo33; 08-18-2009 at 03:47 PM.
 
Old 08-18-2009, 09:19 PM   #34
chrism01
Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.6, Centos 5.10
Posts: 16,324

Rep: Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041
Well, you've connected via the loopback interface, now you need to fire up putty and see if you can connect from MSWin.
Check your firewall (iptables -nvL) to ensure you're not blocking port 22.
 
Old 08-19-2009, 01:51 AM   #35
ludo33
Member
 
Registered: Feb 2009
Posts: 119

Original Poster
Rep: Reputation: 16
Alas..

...Tried to connect with Putty from MSWin, "Connection Timed Out" The firewall isn't blocking port 22. Hmmm what next?

Thanks for helping an old timer out.
 
Old 08-19-2009, 02:08 AM   #36
EricTRA
Guru
 
Registered: May 2009
Location: Gibraltar, Gibraltar
Distribution: Fedora 20 with Awesome WM
Posts: 6,805
Blog Entries: 1

Rep: Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291
Hello Ludo,

Check in file /etc/ssh/sshd_config if you haven't got any weird values. Should be like this (basic config file when installed out of the box). With the apt-get install ssh normally ssh will listen on all interfaces on port 22.
Code:
# Package generated configuration file
# See the sshd(8) manpage for details

# What ports, IPs and protocols we listen for
Port 22
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes

# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 768

# Logging
SyslogFacility AUTH
LogLevel INFO

# Authentication:
LoginGraceTime 120
PermitRootLogin yes
StrictModes yes

RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile     %h/.ssh/authorized_keys

# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes

# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no

# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no

# Change to no to disable tunnelled clear text passwords
#PasswordAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosGetAFSToken no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes

X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
#UseLogin no

#MaxStartups 10:30:60
#Banner /etc/issue.net

# Allow client to pass locale environment variables
AcceptEnv LANG LC_*

Subsystem sftp /usr/lib/openssh/sftp-server

UsePAM yes
This is my sshd_config file and the only thing I changed is the
Code:
PermitRootLogin yes
tag. Default this is set to no to prohibit root to login using ssh.

Also if your using a user without password (blank password), which is not a good idea, you should change
Code:
PermitEmptyPasswords no
to
Code:
PermitEmptyPasswords yes
.

Kind regards,

Eric
 
Old 08-19-2009, 11:46 AM   #37
ludo33
Member
 
Registered: Feb 2009
Posts: 119

Original Poster
Rep: Reputation: 16
Hello

Thanks everyone for the help. I haven't touched the config file:


# Package generated configuration file
# See the sshd(8) manpage for details

# What ports, IPs and protocols we listen for
Port 22
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes

# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 768

# Logging
SyslogFacility AUTH
LogLevel INFO

# Authentication:
LoginGraceTime 120
PermitRootLogin yes
StrictModes yes

RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile %h/.ssh/authorized_keys

# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes

# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no

# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no

# Change to no to disable tunnelled clear text passwords
#PasswordAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosGetAFSToken no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes

X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
#UseLogin no

#MaxStartups 10:30:60
#Banner /etc/issue.net

# Allow client to pass locale environment variables
AcceptEnv LANG LC_*

Subsystem sftp /usr/lib/openssh/sftp-server

UsePAM yes

Last edited by ludo33; 08-19-2009 at 11:59 AM.
 
Old 08-19-2009, 04:58 PM   #38
ludo33
Member
 
Registered: Feb 2009
Posts: 119

Original Poster
Rep: Reputation: 16
Is this...

.. the next step http://www.howtoforge.com/how-to-con...-5-quick-steps ?
 
Old 08-19-2009, 08:15 PM   #39
chrism01
Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.6, Centos 5.10
Posts: 16,324

Rep: Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041
Can you ping and nslookup the server, by name as well as ip address?
Did you ensure putty is using ssh? It defaults to the telnet protocol.
Check the firewall on your putty system.
 
Old 08-20-2009, 01:58 PM   #40
ludo33
Member
 
Registered: Feb 2009
Posts: 119

Original Poster
Rep: Reputation: 16
Thanks again..

..I think I am trying to do the impossible.

I am using a dynamic dns from dydns.com

When I do nslookup from the server:

debian:/home/ludo1960# nslookup xxxx.dnsalias.org
Server: 192.168.1.1
Address: 192.168.1.1#53

Non-authoritative answer:
Name: xxxx.dnsalias.org
Address: 217.39.42.xxxx

debian:/home/ludo1960#

When I try from my My Windows machine i get Request timed out, yet I can still browse the internet site I have on the server, any ideas?
 
Old 08-20-2009, 02:18 PM   #41
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Linux Mint
Posts: 8,516

Rep: Reputation: 896Reputation: 896Reputation: 896Reputation: 896Reputation: 896Reputation: 896Reputation: 896
try to use the ip from the debian server (192.168.1.x) when you use putty on the windows machine
Code:
ssh 192.168.1.x
If you use
Code:
ssh xxxx.dnsalias.org
it will resolve as 217.39.42.xxxx
So the connection will go out true the router and has to come back in.
Not all routers allow this.
Does the router has a firewall?
Did you forwarded port 22 on the router to the linux server?
 
Old 08-20-2009, 02:46 PM   #42
ludo33
Member
 
Registered: Feb 2009
Posts: 119

Original Poster
Rep: Reputation: 16
OK

Hi again repo, your persistence is admirable -

Yes the router has a firewall, but I added port forwarding for port 22

When you say "Not all routers allow this." How do I find out if I am lucky enough to not have one of those ones? It's a BT Voyager 210 if that means anything to you and the windows machine is connected on a seperate network ie I am trying to connect to SSH over the net.

Sorry for being a pest.

Thanks again..beginning to wish my son never gave me this linux box..only joking I love it!
 
Old 08-20-2009, 02:52 PM   #43
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Linux Mint
Posts: 8,516

Rep: Reputation: 896Reputation: 896Reputation: 896Reputation: 896Reputation: 896Reputation: 896Reputation: 896
Try to connect from an other computer outside your network.
You can use a online port scanners to see if the sshd is listening.

http://www.derkeiler.com/Service/PortScan/
 
Old 08-20-2009, 02:59 PM   #44
ludo33
Member
 
Registered: Feb 2009
Posts: 119

Original Poster
Rep: Reputation: 16
What an excellent ..

..tool http://www.derkeiler.com/Service/PortScan/ is!

Port 22 is not open, do I have to re-start the server to update any changes I made in the router?
 
Old 08-20-2009, 03:02 PM   #45
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Linux Mint
Posts: 8,516

Rep: Reputation: 896Reputation: 896Reputation: 896Reputation: 896Reputation: 896Reputation: 896Reputation: 896
normally not
It is possible however you need to restart the router.
make sure you forwarded the port to the right ip, and that the firewall at the server allows ssh.
You can disable the firewall to test.
 
  


Reply

Tags
installation, openssh


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
OpenSSH dream.impres Linux - Newbie 5 08-05-2008 02:31 AM
I installed openssh for redhat 7.3 but no /etc/ssh/ssh_config file was made akay Linux - Networking 1 11-15-2004 06:19 PM
OpenSSH gregoryfrancis Linux - General 4 03-02-2003 02:09 PM
openSSH Niphargus Linux - Security 4 08-06-2002 09:46 PM
OpenSSH Tarantismic Yak Linux - Security 2 07-14-2001 05:26 AM


All times are GMT -5. The time now is 08:51 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration