LinuxQuestions.org
Old 06-17-2004, 01:30 PM   #1
kith
Member
 
Registered: Jun 2003
Location: Texas - Houston
Distribution: Gentoo/FreeBSD
Posts: 109

Rep: Reputation: 15
Quick Help :)


Hey guys, I'm currently at work and us IT guys are kinda stumped on this one...

Our Apache machine runs Red Hat 2.4.8. Go figure, I use Gentoo, FreeBSD, etc., but have never used Red Hat. Then again, it's Linux, so...

Anyway, I was setting up Samba with our winblows domain, no biggie, right? Well, all of a sudden SSH stopped working. From the Red Hat machine I can SSH to localhost (to myself) and SSH to various other public servers. However, when I try to SSH from the winblows machines using PuTTY, the connection times out! I've even tried forwarding the port just for testing purposes, with no luck. It's not working internally or externally. I've checked the SSHD logs, and everything was fine. From the Red Hat machine I ran ssh in verbose mode when connecting to localhost and it worked fine also. The only thing I can't do is connect from another machine, and I can't figure out why. I have not reinstalled SSH because I don't know how to use RPMs (heh, funny eh?). Any ideas???
 
Old 06-17-2004, 01:58 PM   #2
Dark_Helmet
Senior Member
 
Registered: Jan 2003
Posts: 2,786

Rep: Reputation: 374
Did you make any changes to the firewall? Double-check and make sure it's not blocking the SSH port. Red Hat's lokkit utility annoys the ever-living crap out of me because it never remembers settings. Each time you run it, you must explicitly open every port you provide service on (rather than simply adding a new port to an existing config). So if you tried to poke a hole for samba, your access to SSH may have been overwritten.

Last edited by Dark_Helmet; 06-17-2004 at 02:00 PM.
 
Old 06-17-2004, 02:01 PM   #3
kith
Member
 
Registered: Jun 2003
Location: Texas - Houston
Distribution: Gentoo/FreeBSD
Posts: 109

Original Poster
Rep: Reputation: 15
lokkit? I've not used it before. The only thing I did with anything public was log into our public router, which has nothing to do with the Red Hat machine. Can you be a little more specific? Also, thanks for the quick reply.
 
Old 06-17-2004, 02:10 PM   #4
Dark_Helmet
Senior Member
 
Registered: Jan 2003
Posts: 2,786

Rep: Reputation: 374
A Red Hat box typically comes with a firewall installed (through iptables). Red Hat provides two means of accessing the firewall:

1. GUI: Main menu -> System Settings -> Security Level
2. command line: lokkit

Both allow you to specify a vague security level (high, medium, or none), and the ability to poke a hole for a limited number of services (web, ssh, telnet, ftp, dhcp, and smtp). It also allows you to open other ports by explicitly listing them below the checkboxes for web, ssh, etc.

Neither utility will provide you with the current configuration. To check your firewall, you'll need to issue iptables --list. It will list the rules in place for dropping packets. If you don't feel like interpreting those (somewhat cryptic) rules, you can run nmap from another box. It will tell you what ports are actively open on the machine.
 
Old 06-17-2004, 02:17 PM   #5
kith
Member
 
Registered: Jun 2003
Location: Texas - Houston
Distribution: Gentoo/FreeBSD
Posts: 109

Original Poster
Rep: Reputation: 15
Thanks for the quick reply again.

However, after checking iptables --list and the GUI, there is no mention of port 22 being denied, or accepted for that matter, so I don't think the problem lies there.

Brb - someone fooked over their Windows.
 
Old 06-17-2004, 02:27 PM   #6
Dark_Helmet
Senior Member
 
Registered: Jan 2003
Posts: 2,786

Rep: Reputation: 374
My knowledge of iptables rule sets is somewhat limited, but I do know that a system has a default policy of accepting or rejecting a port. In other words either accept everything except ports A, B, C, and D, or reject everything except ports E, F, and G. For a secure system, it's the latter configuration. Would you mind posting the output of the iptables --list command?
 
Old 06-17-2004, 09:44 PM   #7
paeng16
Member
 
Registered: May 2004
Posts: 47

Rep: Reputation: 15
Hi,

This is most likely a firewall issue.

QUICK CHECK:
1) Flush all iptables rules.
2) Nmap port 22. This should have the status OPEN and not FILTERED.
3) Try to SSH.

If you can connect to ssh, change your firewall rules. I hope this helps!

_______________________________________________
man is our friend my friend!
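
An added example, not written by any poster in this thread: a shell function that reads `iptables -L INPUT -n -v` output and reports what happens to a new TCP connection to a given port, using the first-match-then-default-policy logic from posts #4 and #6. The function name `port_verdict`, the sample listing and the interface names are constructed for illustration; `-v` is used because it prints the interface column, which is how a rule can allow SSH to localhost while remote connections time out.

```shell
#!/bin/sh
# port_verdict PORT IFACE
# Reads `iptables -L INPUT -n -v` output on stdin and prints the fate of a NEW
# TCP connection to PORT arriving on IFACE: first matching rule wins, otherwise
# the chain policy applies. Source-restricted rules and match expressions other
# than state/dpt/dpts are treated as not matching (simplifying assumption).
port_verdict() {
    awk -v port="$1" -v ifc="$2" '
    /^Chain/ {                                    # built-in chains carry a policy
        policy = ($3 == "(policy") ? $4 : "RETURN"
        sub(/\)/, "", policy); next
    }
    NF < 9 || $1 == "pkts" { next }               # blank line or column header
    {
        n++
        if ($4 != "tcp" && $4 != "all") next      # other protocol
        if ($6 != "*" && $6 != ifc) next          # e.g. "lo": loopback only
        if ($8 != "0.0.0.0/0") next               # limited to some sources
        m = ""
        for (i = 10; i <= NF; i++) m = m " " $i   # match text after destination
        if (m ~ /^ state /) {                     # connection-state match
            if ($11 !~ /NEW/) next                # ESTABLISHED-only rule
            sub(/^ state [A-Z,]+/, "", m)
        }
        hit = (m == "" || m == (" tcp dpt:" port))
        if (m ~ /^ tcp dpts:[0-9]+:[0-9]+$/) {    # port range lo:hi
            split(m, r, ":")
            hit = (port + 0 >= r[2] + 0 && port + 0 <= r[3] + 0)
        }
        if (hit) { print $3 " rule " n; found = 1; exit }
    }
    END { if (!found) print policy " policy" }'
}

# Constructed listing (not output from the thread): HTTP and Samba are open,
# loopback is trusted, and nothing mentions port 22.
sample_listing() {
    cat <<'EOF'
Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
  120  9600 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
   34  2720 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:80
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpts:137:139
EOF
}

sample_listing | port_verdict 22 lo      # ACCEPT rule 1
sample_listing | port_verdict 22 eth0    # DROP policy
```

A verdict that names a user-defined chain instead of ACCEPT, DROP or REJECT means the packet jumps to that chain, so run the function on that chain's listing as well. A flushed chain whose policy is DROP still yields `DROP policy`, so flushing rules opens port 22 only when the policy is ACCEPT.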
 
  

