Sarge to Etch on ssh fails
Okay, I'm trying for a while, but nothing works...
I have a desktop and laptop and until recently both had Sarge installed. I could ssh from one to the other without any problem. Two weeks ago I decided to upgrade the laptop to Etch but that left me with some problems (like non-working menu entries) so I'd had to bite the bullet and re-install from scratch with an Etch net-install CD. All works well, except logging in remotely via ssh. I can ssh into the desktop from the laptop, but the other way round it fails with a 'Permission Denied' error. I've created a 1024 bit RSA key-pair and copied it from the laptop to the desktop (with scp, also works in only 1 direction), but to no avail. I'm doing something wrong, but I'm out of ideas... |
Check out this link and check everything out step by step to see if all is configured. One thing to check is if there is a firewall active to make sure tcp port 22 is open.
http://www.suso.org/docs/shell/ssh.sdf Brian |
Just trying to find out more information.
Is this as a normal user? Does your firewall allow port 22? What do you see in your logs? |
Brian, thanks for the link, I'll investigate.
Fordeck: this is indeed as a normal user, but that worked before as well. As root it also fails with the same error. Firewall? Not that I'm aware of. Port 22 should be open, as it's on my local LAN. However, I installed Guarddog as it appears iptables is present (and apparently active) on the laptop. It doesn't make a difference though.... |
The user root by default should not be able to ssh. However iptables could be blocking port 22. Some distro's ask during instalation what services you want to allow, and if you did not explicitly allow port 22, then it will be blocked. One way to test would be to disable iptables on the laptop and try again.
|
I tried, even removed iptables all together, later disabled the firewall with Guarddog, but still that d*mned "Permission denied" error...
|
To clear iptables use the command as root ' iptables -F ' to flush the rules. See if you can connect as a regular user account. Only last thought to make sure port is open and there is to use a portscanning app from other local lan machine to scan that machine.
Brian |
Thanks for the hint Brian, I scanned from the desktop and only ports 80, 111, 113, 538 and 5900 are reported open. (don't worry, I have a hardware firewall in my router ;)) I'll be looking back tomorrow to see if I overlooked something with that tutorial in hand. Thanks and good night! (it's 3 a.m. local time... zzzzzzzzzzzzzz ;))
|
If the firewall is down and the port is not open ssh is either not installed or it's not running.. try to restart the daemon and see what happens..
Code:
debian:~# /etc/init.d/ssh stop I then restarted the ssh daemon used netstat to check for it and the response indicates ssh is indeed running on my machine now.. |
D*MN...
I tried the netstat command Farslayer gave and it turned out... Nothing! For some reason SSH wasn't installed, so I did a Code:
apt-get install ssh Stupid, stupid, stupid banging head against wall Okay, now I can proceed configuring my laptop :) Thanks guys! |
Ah yes the 'BASE' install of Debian leaves out everything that isn't necessary.. including ssh :)
it does make for a clean system though ehh ? |
A little too clean if you ask me ;)
|
Glad to see you have it going. I guess you get what you ask for during and install. SSH should be a default all the way to Base install.
Brian |
Dutch Master,
Dist-upgrade doesn't work great in the stage of development Etch is in now, so I think it was justified to do a clean install. I have faced the same problems doing dist-upgrade. And a clean install of Etch is working just fine. Indeed, Debian doesn't install SSH by default, and some more very basic packages it doesn't install. Next time, do Code:
dpkg --get-selections > my-installation.txt Edit the list if you like, but to get all packages back do: Code:
dpkg --set-selections < my-installation.txt jlinkels PS. This is one of the reasons to get basic skills in vi. Even Debian doesn't leave out that one. |
All times are GMT -5. The time now is 06:49 PM. |