LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 01-19-2015, 02:54 PM   #1
Rotwang2
Member
 
Registered: Aug 2014
Distribution: Ubuntu, Centos, Fedora
Posts: 210

Rep: Reputation: Disabled
Unhappy External ssh access to home pc


I have a linux box, working totally fine, can ssh to it locally no problem. I'm trying to set it up so that I can ssh to it from the outside. This is just a home pc.

I set up my router's firewall correctly (I've done this 1000 times before, I'm not new to port forwarding).

What happens when I try to ssh from the outside is that it just hangs and times out.

It's very important to mention that this also happens when I switch the port forward to my (cough) mac and try to ssh to that instead. So this is likely not a linux issue but rather a general networking problem.

I've called time warner and confirmed that they're not blocking SSH somehow.

Can't think of what could be wrong.

thanks
 
Old 01-19-2015, 03:56 PM   #2
michaelk
Moderator
 
Registered: Aug 2002
Posts: 25,827

Rep: Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964
Are you testing ssh from within your network by just using your WAN IP or actually trying to connect from an external client?. Could be your router is not configured to loop back. What is the make/model of your router?
 
Old 01-19-2015, 06:48 PM   #3
Rotwang2
Member
 
Registered: Aug 2014
Distribution: Ubuntu, Centos, Fedora
Posts: 210

Original Poster
Rep: Reputation: Disabled
yes, outside

Cisco E1200

Yes, I've tried from the outside. (That's a good theory tho, thanks). I logged into my web hosting box, which is on the outside, in Bethesda, and tried SSHing back. same timeout

thanks
 
Old 01-20-2015, 03:29 AM   #4
veerain
Senior Member
 
Registered: Mar 2005
Location: Earth bound to Helios
Distribution: Custom
Posts: 2,524

Rep: Reputation: 319Reputation: 319Reputation: 319Reputation: 319
Are you using adsl? Some adsl modems don't support router abilities. Can you access http port 80? Please install a web server and check.
 
Old 01-20-2015, 05:14 AM   #5
zafar_dandoti
Member
 
Registered: Dec 2005
Location: India
Distribution: centos
Posts: 178

Rep: Reputation: 13
Try resetting the router to factory settings and reconfiguring. Some routers firewall needs to he disabled to get it working.
 
Old 01-20-2015, 07:10 AM   #6
michaelk
Moderator
 
Registered: Aug 2002
Posts: 25,827

Rep: Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964
What happens when you try a port scan from your web host:

nmap -PN -p ssh_port your_home_WAN_IP or host_name (replace with real numbers,names)
 
Old 01-21-2015, 11:44 AM   #7
Rotwang2
Member
 
Registered: Aug 2014
Distribution: Ubuntu, Centos, Fedora
Posts: 210

Original Poster
Rep: Reputation: Disabled
@veerain Yea I'm running apache- wget said:

--2015-01-21 12:46:02-- http://MYIP/
Connecting to MYIP:80...

times out

@zafar_dandoti It's a brand new router, this is the first thing I did after setting my wifi password.

@michaelk 22/tcp filtered ssh

thanks so far all

Last edited by Rotwang2; 01-21-2015 at 11:47 AM.
 
Old 01-21-2015, 06:31 PM   #8
michaelk
Moderator
 
Registered: Aug 2002
Posts: 25,827

Rep: Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964
Assuming ssh isn't blocked by TWC your firewall on the computer could be messing with the port scan or your router is still not configured correctly.
 
Old 01-21-2015, 07:30 PM   #9
Rotwang2
Member
 
Registered: Aug 2014
Distribution: Ubuntu, Centos, Fedora
Posts: 210

Original Poster
Rep: Reputation: Disabled
see screenshot,

192.168.1.120 is how I log into it locally on the lan, no prbolem. I've also tried it the the mac's ip address instead.
Attached Thumbnails
Click image for larger version

Name:	Screen Shot 2015-01-21 at 8.27.35 PM.png
Views:	30
Size:	69.3 KB
ID:	17393  

Last edited by Rotwang2; 01-21-2015 at 07:34 PM. Reason: screenshot didn't attach
 
Old 01-21-2015, 08:20 PM   #10
michaelk
Moderator
 
Registered: Aug 2002
Posts: 25,827

Rep: Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964Reputation: 5964
Looks ok...
Maybe try a different port > 1024?
 
Old 01-21-2015, 08:41 PM   #11
Miati
Member
 
Registered: Dec 2014
Distribution: Linux Mint 17.*
Posts: 326

Rep: Reputation: 106Reputation: 106
Try telnet to the ip?

Should output something like this if it's working correctly

Code:
telnet 6435.43.457 22
Trying 6435.43.457...
Connected to 6435.43.457.
Escape character is '^]'.
SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
 
Old 01-28-2015, 09:08 AM   #12
zafar_dandoti
Member
 
Registered: Dec 2005
Location: India
Distribution: centos
Posts: 178

Rep: Reputation: 13
U did not mention which distro u r using. If its RHEL or its rebuild selinux might be preventing access or tcpwrappers configured to allow local ip's. Also i would like to check with iptables .rules

Last edited by zafar_dandoti; 01-28-2015 at 09:11 AM.
 
Old 01-28-2015, 01:23 PM   #13
Rotwang2
Member
 
Registered: Aug 2014
Distribution: Ubuntu, Centos, Fedora
Posts: 210

Original Poster
Rep: Reputation: Disabled
@michaelk

Tried 1024 and 2222 (and yes, I opened them up on the router obviously!) same timeout.

@Miati

Tried telnetting, no go. but doesn't telnet require me to open a port for it? I can't remember what port telnet is? 21?

@zafar_dandoti

CentOS, but I've had this same setup since 2007 and I was able to ssh to it years ago, and I haven't changed anything or even upgraded the distro. If you still want me to, remind me how to check the iptables rules, I've done that before but it's been a while, thanks,

rw
 
Old 01-28-2015, 01:50 PM   #14
Miati
Member
 
Registered: Dec 2014
Distribution: Linux Mint 17.*
Posts: 326

Rep: Reputation: 106Reputation: 106
Quote:
Originally Posted by Rotwang2 View Post
@Miati

Tried telnetting, no go. but doesn't telnet require me to open a port for it? I can't remember what port telnet is? 21?
In this context, telnet is being used to debug. If you look at my previous post, a successful connection will identify it as a ssh server - what you want. Then telnet will fail.
If it's a connection refused, then there's no ssh-server available. There might be one listening - but it's being blocked.

As for seeing current iptable rules:

Code:
iptables -L
 
Old 01-28-2015, 02:51 PM   #15
suicidaleggroll
LQ Guru
 
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,573

Rep: Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142
Quote:
Originally Posted by Rotwang2 View Post
CentOS, but I've had this same setup since 2007 and I was able to ssh to it years ago, and I haven't changed anything or even upgraded the distro. If you still want me to, remind me how to check the iptables rules, I've done that before but it's been a while, thanks
Maybe you should try temporarily disabling SELinux and/or iptables, just to see if it's causing the problem? Once you know what's blocking the connection you can work through the problem. Until then you're just shooting blind.

Last edited by suicidaleggroll; 01-28-2015 at 02:53 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How to give access to user only home directory through ssh? jeevar Linux - Newbie 1 08-06-2012 08:51 AM
Unable to access home directory of AD user after logging in via SSH with Samba transient Linux - Software 1 08-24-2011 12:01 PM
Accessing external SSH from a PC with only port 80 access wanted.alive Linux - Networking 11 12-27-2010 02:26 PM
Folder Max Size and Limiting SSH access to home folder. Mefistofeles Linux - General 4 11-26-2005 02:09 PM
SuseFirewall2 and external SSH access connection timed out usmanaziz Linux - Distributions 1 09-03-2004 03:15 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 10:55 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration