Hello,

So I've been looking all over for help on this, but I can't figure it out. If anyone can provide any help that'd be great.

I've got two computers with RedHat on them. One computer (C1) is connected directly to the internet via ethernet. C1 is also connect via wireless to a LAN (192.168.1.10). Computer 2 (C2) is only connected via ethernet to the LAN (192.168.1.11). Both computers can ping each other.

My goal is to ssh from C2 to C1, but I am unable to and I get:

[root@localhost ~]# ssh 192.168.1.10 -v
OpenSSH_4.3p2, OpenSSL 0.9.8a 11 Oct 2005
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 192.168.1.10 [192.168.1.10] port 22.
debug1: connect to address 192.168.1.10 port 22: Connection refused
ssh: connect to host 192.168.1.10 port 22: Connection refused

Telnet does not work either.

HOWEVER:
-I can ssh into C1 through the internet via Putty on a windows box. And I'm currently remotely doing this, but I can get access to the actual box if needed.

-I can ssh from C1 into C2 normally. (just not the other way which is the problem)

-Also, within the LAN the computer C2 can ssh to other computers that have been set up and vice versa. And these other computers can ssh into C2 but just not C1.

-I have also set the iptables to accept all incoming and outgoing
"/sbin/iptables -P INPUT ACCEPT"

It is just this one computer C1 that is causing problems and I need to fix it.

Any help would be appreciated! Thanks a lot!

why does C1 have 2 active connections? I would bet your problem lies in that. Which nic is active? Which nic are you trying to connect to? which NIC is ssh allowing connections from? You should have only one NIC working at one time unless you have some fancy bonding happening, otherwise, it's incorrect.

The idea is to have users connect to C1 via internet, then through C1 access the computers on the LAN. Some of the computers within the LAN will be copying things back and forth via ssh, which is why I need ssh to work for C1 too.

But hrm, that's a pretty good point with the two active connections. I guess I'm trying to connect to ssh on C1 through both NICs from different places. That's not impossible is it? I was not the original person who set this up, so I'm trying to figure it out as well.

I'll go in later today and try disconnecting the ethernet on C1 and see what happens.

Thanks for your input.

While logged into c1 can you ssh to c1 or is that connection refused also?

Are you using hosts.allow / hosts.deny at all?

If possible I would turn off IPtables while figureing this out.
service iptables stop should do it.

I checked the hosts.allow/deny and they're all empty.

When i'm already logged into C1, I can ssh into itself. So that seems to work okay.

Does SSH only accept connections from one device?

Good tip on the stopping the iptable service all together.
It works now. I can connect from the internet to C1 to C2 back to C1 all with ssh.
I guess there were still things in the iptables that were messing things up even though i did an iptables -P INPUT ACCEPT

I guess that leads me to another question
there's still a lot of junk in the iptables, how can i just get rid of some of those entries? the man page is still confusing.

Thanks!