LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Virtualization and Cloud (http://www.linuxquestions.org/questions/linux-virtualization-and-cloud-90/)
-   -   Doing ssh to Virtual machine (uses RHEL 4 thru VMWARE in Windows XP) (http://www.linuxquestions.org/questions/linux-virtualization-and-cloud-90/doing-ssh-to-virtual-machine-uses-rhel-4-thru-vmware-in-windows-xp-785485/)

pratap.iisc 01-28-2010 08:14 PM

Doing ssh to Virtual machine (uses RHEL 4 thru VMWARE in Windows XP)
 
Hi,
I am struggling to connect my Virtual machine in VMWare (RHEL) from another machine or even from my host machine (XP) using Cygwin. I want to do ssh/scp to the virtual machine using the Virtual machines ip address. I have tried various setting for VMWARE connection(Network Adapter setting) like Bridged/NAT/Custom. But am not able to connect to guest OS from outside. But I can connect from inside Virtual machine to other Linux machines thru ssh. Please help me out in that.
Thanks in advance!
-pratap

kbp 01-28-2010 08:53 PM

Is iptables on in the virtual machine ?

'service iptables status'

pratap.iisc 01-29-2010 04:07 PM

Yes...Iptables status is on. Also I can ping into the ip address which results from /sbin/afconfig. But I am not able to do ssh into the virtual machine.

kbp 01-29-2010 08:29 PM

Can you post your iptables rules from the virtual machine ?

Code:

iptables -L
thanks

pratap.iisc 01-29-2010 11:38 PM

Here is the output of the command...
Quote:

[root@localhost pratap]# /sbin/iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere

Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp any
ACCEPT ipv6-crypt-- anywhere anywhere
ACCEPT ipv6-auth-- anywhere anywhere
ACCEPT udp -- anywhere 224.0.0.251 udp dpt:5353
ACCEPT udp -- anywhere anywhere udp dpt:ipp
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited

Thanks,
-Pratap

kbp 01-30-2010 01:13 AM

Looks fairly open, is the sshd service running in the virtual machine ?

Code:

service sshd status
Code:

chkconfig --list sshd

pratap.iisc 01-30-2010 04:30 AM

I think sshd is running...
But I an not able to understand the output.


Code:

[root@localhost pratap]# /sbin/chkconfig --list sshd
sshd          0:off  1:off  2:on    3:on    4:on    5:on    6:off

I can do ssh from inside the Virtual machine to external linux machines. Doesn't it mean that sshd is running?

To clarify I would like to attach the following command outputs...
Quote:

[root@localhost pratap]# /sbin/ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:E3:66:7E
inet addr:192.168.24.128 Bcast:192.168.24.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fee3:667e/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:27709 errors:0 dropped:0 overruns:0 frame:0
TX packets:10673 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:14096513 (13.4 MiB) TX bytes:846447 (826.6 KiB)
Interrupt:5 Base address:0x2024

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:4657 errors:0 dropped:0 overruns:0 frame:0
TX packets:4657 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3508594 (3.3 MiB) TX bytes:3508594 (3.3 MiB)


At the host(Windows XP) thru Cygwin Linux emulator I get the following command outputs.

Quote:

bash-3.2$ ipconfig
Windows IP Configuration

Ethernet adapter VMware Network Adapter VMnet8:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.24.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :

Ethernet adapter VMware Network Adapter VMnet1:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.139.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :

Ethernet adapter Local Area Connection 2:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.1.5
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1

Quote:

bash-3.2$ ping 192.168.24.128
PING 192.168.24.128 (192.168.24.128): 56 data bytes
64 bytes from 192.168.24.128: icmp_seq=0 ttl=64 time=3 ms
64 bytes from 192.168.24.128: icmp_seq=1 ttl=64 time=0 ms
64 bytes from 192.168.24.128: icmp_seq=2 ttl=64 time=1 ms
64 bytes from 192.168.24.128: icmp_seq=3 ttl=64 time=2 ms

----192.168.24.128 PING Statistics----
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip (ms) min/avg/max/med = 0/2/3/2


It pings properly to the virtual machine from the host too.

But ssh to the Virtual machine is not working. :(

As shown in the command.

Code:

bash-3.2$ ssh pratap@192.168.24.128
ssh: connect to host 192.168.24.128 port 22: No route to host


Please suggest where is it going wrong...
Thanks,
Pratap

kbp 01-30-2010 06:45 AM

Vmnet8 is usually a NAT connection, this will prevent inbound connections to the vm from anything other than the host. If you want to connect to the vm from another machine on the network you will need to change the vm's network type to bridged.

Please switch the network type then restart the vm, the new ip address for the vm should be in the same network range as the host machines 'Local Area Connection 2'

<edit>In regard to your first question - no, when you connect via ssh from one machine to another, you are running the 'ssh' client on your machine to connect to the 'sshd' server on the other machine. Connecting from one to the other does not necessarily mean the reverse is possible</edit>

<edit2>To confrm sshd is running on the vm, run 'service sshd status'. There is also another possibility, please post the contents of /etc/hosts.allow and /etc/hosts.deny from the vm</edit2>

cheers

pratap.iisc 01-30-2010 01:19 PM

1 Attachment(s)
Thanks for the suggestion.
Yes...I changed it now to bridges connection and am getting ip address in the range of LAN2. Host has ip 192.168.1.5 where as now the VM has ip 192.168.1.11.
The content of the file "/etc/hosts.deny" is as follows.
Code:

#
# hosts.deny        This file describes the names of the hosts which are
#                *not* allowed to use the local INET services, as decided
#                by the '/usr/sbin/tcpd' server.
#
# The portmap line is redundant, but it is left to remind you that
# the new secure portmap uses hosts.deny and hosts.allow.  In particular
# you should know that NFS uses portmap!

The content of the file "/etc/hosts.allow" is as follows.
Code:

#
# hosts.allow        This file describes the names of the hosts which are
#                allowed to use the local INET services, as decided
#                by the '/usr/sbin/tcpd' server.
#

Attached is a snapshot of the services which tells that sshd services are running.
Do I need to do anything else to access my Virtual OS from host or any other system?
Thanks,
Pratap

kbp 01-30-2010 04:45 PM

No, that should be it, is it working ?

pratap.iisc 01-30-2010 09:23 PM

Nope.
It's still not working...:(
In the VM

Code:

[pratap@localhost ~]$ ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0C:29:E3:66:7E
          inet addr:192.168.1.11  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fee3:667e/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:14023 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1225 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1583026 (1.5 MiB)  TX bytes:146453 (143.0 KiB)
          Interrupt:5 Base address:0x2024

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:3531 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3531 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:2973370 (2.8 MiB)  TX bytes:2973370 (2.8 MiB)

.
.
At the host end...
Code:

bash-3.2$ ping 192.168.1.11
PING 192.168.1.11 (192.168.1.11): 56 data bytes
64 bytes from 192.168.1.11: icmp_seq=0 ttl=64 time=24 ms
----192.168.1.11 PING Statistics----
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip (ms)  min/avg/max/med = 24/24/24/24


Ping works...

Code:

bash-3.2$ ping 192.168.1.11
Code:

PING 192.168.1.11 (192.168.1.11): 56 data bytes
64 bytes from 192.168.1.11: icmp_seq=0 ttl=64 time=24 ms




But for ssh from host to VM it doesn't work...
Code:

bash-3.2$ ssh pratap@192.168.1.11[/COLOR]
ssh: connect to host 192.168.1.11 port 22: No route to host

:(

kbp 01-31-2010 03:35 PM

Two things to try:

- stop iptables then attempt connection ( just in case we missed something )
- sshd may be running on a non-standard port, please post the content of /etc/ssh/sshd_config

cheers

pratap.iisc 01-31-2010 05:31 PM

1 Attachment(s)
Ohh...Yes...
After stopping the service "iptables" it works.
Now please tell me how do I configure the "iptables" to have an access thru ssh even if that service is on.

Attached is the file "/etc/ssh/sshd_config"

Thanks a lot for the invaluable help! :hattip:

Cheers,
Pratap

kbp 01-31-2010 10:35 PM

Probably the easiest way would be to run 'system-config-firewall-tui' and allow ssh access

cheers

pratap.iisc 02-01-2010 02:20 PM

Thanks again for the hints. Actually in RHEL4 I couldn't find any thing like 'system-config-firewall-tui' but there was 'system-config-securitylevel-tui' and I made changes in that to access only ssh and it works fine. :)
Cheers,
Pratap


All times are GMT -5. The time now is 02:43 AM.