SSH working locally but not remotely on Red Hat Enterprise Linux

macd909 · 01-06-2012, 03:46 AM

Hello Everyone,

I am new to linux and I am trying install red hat enterprise onto a spare dell power edge server that I have and enable a remote SSH connection to the box.

This is a fresh install of red hat enterprise and the SSH doesn't appear to be working remotely. I am attempting to connect directly from my laptop so the issue doesn't lay with port forwarding on my router.

I am using NMAP to port scan the box and it is showing that no ports are open at all, even after disabling iptables completely.

When I run service --status-all

I can see the Open SSH daemon is running and when I try SSH local to the machine 'ssh root@localhost' it lets me log in.

I have added to the host.allow file the text SSHD= ALL and checked that there is nothing in the host.deny.

The port scan shows port 22 is closed and thus when I try to SSH using putty from my laptop, the connection is refused.

Any help / suggestions would be greatly appreciated!

Thanks,

Greg.

allez · 01-06-2012, 03:53 AM

Well, it would be not bad to look at your /etc/ssh/sshd_config and output of the iptables -L command.

novice06 · 01-06-2012, 08:44 AM

Make sure below line is at /etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 22 -j ACCEPT

macd909 · 01-06-2012, 09:53 AM

Hi,

Here are the outputs:

root@pdl release]#iptables-L
Chain INPUT (policy ACCEPT)
targer prot opt source destination

Chain FORWARD (policy ACCEPT)
targer prot opt source destination

Chain OUTPUT (policy ACCEPT)
targer prot opt source destination

I am also now running a web server with the same issue.. So it doesn't look like it affecting the SSH service only. I also opened NC to test only port 999 and wasn't able to view it as open with the remote port scanner.

-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 22 -j ACCEPT was already in /etc/sysconfig/iptables.

Thanks,

Greg.

kbscores · 01-06-2012, 10:24 AM

i dont know if this will make a different or not but in our /etc/hosts.allow we use format

sshd:ALL

Although if your /etc/hosts.deny file is empty it shouldn't matter.

Check /etc/services file and make sure ssh is listed in there like:

ssh 22/tcp
ssh 22/udp

Have you tried disabling iptables to see if it works that way?

saifelyzal · 01-06-2012, 12:08 PM

cat you telnet to the box with port 22 to make sure is your service runing and try it with both hostname and ip address. it sound like having problem reaching the box, and check your ip address config

novice06 · 01-07-2012, 12:50 AM

could it be there is firewall between your server and client? You may analysis with tcpdump util too
e.g
tcpdump -vv -i eth0 port 22

chrism01 · 01-08-2012, 08:00 PM

As mentioned in post #2, post /etc/ssh/sshd_config. Specifically check the ListenAddress entry, although others may be important also.