SSH timing out

Blunda · 10-24-2012, 06:50 AM

Hello

I am attempting to make an ssh connection between 2 linux boxes. One is running sabayon 10 and the other is running crunchbang wich is a debian varient. Now I am able to SSH from the sabayon box to the crunchbang box but when I try to SSH from the crunchbang box it just times out.

I am fairly new to linux so Im not sure which logs to look at.

Any help would be much appreciated.

dushyantgohil · 10-24-2012, 07:16 AM

have you installed ssh server?
check SSH service is runnning
is port of ssh is opened

check with these things.

FrankP · 10-24-2012, 07:21 AM

Hi, if the connection is established but then times out, and especially since your problem occurs one way round and not the other, it might be down to the ISP providing one end of the connection. Is that so for your setup? For example, if the #! box is on cable or ADSL your ISP might have policies in place that terminate always-open connections.

In my case, with VirginMedia in the UK, I have found adding a ~/ssh/config file with following settings in has helped:

Code:

Host *
ServerAliveCountMax=20
ServerAliveInterval=45

Your mileage may vary, but experimenting with these settings or similar may be worthwhile.

To check logs (if necessary) then look at /var/log/auth.log on the destination host. It should record every attempt at authentication but may not provide much more help.
The global config for ssh is set by /etc/ssh/ssh_config (outgoing) and /etc/ssh/sshd_config (incoming).

Blunda · 10-24-2012, 07:51 AM

Hello

SSH is installed on both servers and it is running on both, this has been checked.

how do i check ssh port is open?

Connecting from #! to sabayon doesnt connect at all just times out attempting to connect. Although funnyly enough I am also on virgin media. but if it is down to ISP surely it shouldnt go either way? both these servers are on the same lan with the same subnet mask.

Habitual · 10-24-2012, 08:42 AM

Quote:

Originally Posted by Blunda

...how do i check ssh port is open?...

Code:

telnet sabayon 22

is the easy test

epislav · 10-24-2012, 08:47 AM

or run iptabes-save and post result

epislav · 10-24-2012, 08:51 AM

or try:
iptables -P INPUT ACCEPT
which will allow all incomming connections till reboot

Blunda · 10-24-2012, 10:17 AM

@epislav - iptables -P INPUT ACCEPT woked! Thanks

Im guessing that means the firewall is blocking port 22? How do I add it to exceptions?

Blunda · 10-24-2012, 11:48 AM

HELP! I have made the below script to allow the ssh port which works but now I am unable to connect to internet no matter what! I saved the iptables so restarting dosent help either! Any help would be much appreciated thanks!

#!/bin/sh
# My system IP/set ip address of server
SERVER_IP="65.55.12.13"
# Flushing all rules
iptables -F
iptables -X
# Setting default filter policy
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
# Allow unlimited traffic on loopback
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

# Allow incoming ssh only
iptables -A INPUT -p tcp -s 0/0 -d $SERVER_IP --sport 513:65535 --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp -s $SERVER_IP -d 0/0 --sport 22 --dport 513:65535 -m state --state ESTABLISHED -j ACCEPT
# make sure nothing comes or goes out of this box
iptables -A INPUT -j DROP
iptables -A OUTPUT -j DROP

Blunda · 10-24-2012, 02:54 PM

Its OK! Ive worked it out. Helps to be able to read!