tracert for ssh?
As of yesterday all ssh activity to the data center where I host my servers stopped. All attempted ssh connections return "Connection failed". Unfortunately I do not have any other ssh servers elsewhere to test to verify that the problem is not on the ISP side. Since the ISP is not open until Monday @ 9AM I was hoping to have more detail prior to calling because they are usually a little resistant to any technical input without ample evidence.
Is there a cygwin/linux utility for performing a tracert over 22? I need to determine whether my ISP (a small WISP) or the data center is blocking the port. I have done a -v on ssh but it does not provide enough detail where the problem is occurring and the connection has been attempted by name and directly to each server via their IPs. Code:
$ telnet "my server ip" 22 Code:
$ ssh -v user@"my server name" Thank you in advance for your assistance. |
Use tcpdump:
tcpdump -nn -v port 22 and do telnet to your shell. It will show you who is answering to your telnet. |
nimnull22, thanks for the response.
If I'm reading the output of the tcpdump correctly the destination IP is getting the request and never responding. I was able to connect from another computer today (via VPN) however my home network is still not working. Code:
uzer@uzer-laptop:~$ sudo tcpdump -nn -v port 22 |
Since I am 3 days behind on some website updated I added an alternate port to my sshd_config and it is working fine however it would be helpful as well as educational to isolate why it will not accept connections from my IP on port 22.
|
Any other recommendations?
Yes, you have to contact your ISP and ask for the explanations. Also try to connect something else to port 22 from your home network. For example you can "telnet IP 22" to any your friend's computer, just to check. You have to make sure that packets leave your home network router. You have to receive "connection refused" from remote IP, you will be able to see it in tcpdump output. If nothing will come back, that could mean your packets are dropped somewhere. |
Quote:
Do a traceroute to get a list of IP address between these hosts. Then watching with tcpdump, try to telnet to port 22 on each one, one at a time, and see where you get "connection refused" and where you don't. Where you get connection refused, port 22 is getting to there. But seriously, just leave port 22 disabled and use another port or two ... ports not typically used for anything. Leave tcpdump running for a while with typical traffic your your server not dumped, and see what ports the script kiddies are poking at these days. Don't use any of those for SSH, either. Some day, they pay start port scanning to find hidden SSH ports. Then we'll need something more advanced like a "knock knock" protocol to open ports. |
nc (netcat) might have some value.
|
All times are GMT -5. The time now is 04:28 PM. |