LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-12-2012, 08:19 AM   #1
cardiner
LQ Newbie
 
Registered: Mar 2012
Posts: 10

Rep: Reputation: Disabled
ssh connection timed out...


Hello, i stumbled on a little problem today...

in few words I have 2 RH5 machines, i need to connect from one machine to another using ssh..everything is fine until i try to do it

When i am tryting to ssh user@host, i get after about minute connection timed out. The RSA key auterized keys are configured. entried in host file are added.

When i try to ping the host to which i am trying to connect everything seems to be fine. so i am trying to telnet ip port, says trying ip, then times out. OK i tracetour -n ip, and that is the place where i stack.

the out put is

traceroute -n 10.254.50.10
traceroute to 10.254.50.10 (10.254.50.10), 30 hops max, 40 byte packets
1 10.254.49.65 1.080 ms 0.999 ms 0.998 ms
2 10.255.145.122 1.279 ms 1.271 ms 1.248 ms
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *

i actually dont know how it should look like, maybe some one could help. but still i cant connect.
 
Old 03-12-2012, 08:24 AM   #2
hurryi
Member
 
Registered: Apr 2010
Distribution: RHEL
Posts: 77

Rep: Reputation: 7
Hello,

is sshd running on the destination machine?
is it listening on the port where you try to connect? (default 22)
is firewall enabled? if yes is it allows connection?
 
Old 03-12-2012, 08:33 AM   #3
cardiner
LQ Newbie
 
Registered: Mar 2012
Posts: 10

Original Poster
Rep: Reputation: Disabled
Okey, i checked and sshd is running, but how can i see if it listening, and if he is listening then what ports??

and i know that firewall is not enabled, because there is no need of it, its internal servers

thx in advance!

Last edited by cardiner; 03-12-2012 at 08:35 AM.
 
Old 03-12-2012, 08:37 AM   #4
hurryi
Member
 
Registered: Apr 2010
Distribution: RHEL
Posts: 77

Rep: Reputation: 7
to see on which interface(s) and on port the sshd listening
netstat -tpln | grep ssh

Last edited by hurryi; 03-12-2012 at 08:39 AM. Reason: ^^
 
Old 03-12-2012, 08:38 AM   #5
druuna
LQ Veteran
 
Registered: Sep 2003
Posts: 10,532
Blog Entries: 7

Rep: Reputation: 2390Reputation: 2390Reputation: 2390Reputation: 2390Reputation: 2390Reputation: 2390Reputation: 2390Reputation: 2390Reputation: 2390Reputation: 2390Reputation: 2390
Hi,
Quote:
Originally Posted by cardiner View Post
how can i see if sshd running
Here are 2 ways:
Code:
service sshd status
ps -ef | grep sshd
Quote:
how can i see if it listening, and if he is listening then what ports??
Sshd listens, by default, on port 22. Here's one way using netstat:
Code:
netstat -plan | grep sshd
Quote:
and i know that firewall is not enabled, because there is no need of it, its internal servers thx in advance!
Did you actually turn the firewall off?

Hope this helps.
 
Old 03-12-2012, 08:42 AM   #6
cardiner
LQ Newbie
 
Registered: Mar 2012
Posts: 10

Original Poster
Rep: Reputation: Disabled
Okey its runing and listneing the posrt 22, but i may have spoken to realy about firewall, because i did not turn it off and i just assumed why would it be set up if its iternal server, but i probably should check if firewall is up, right? so question is how? and how can i check if firewall is blocking incoming connection?
 
Old 03-12-2012, 08:44 AM   #7
hurryi
Member
 
Registered: Apr 2010
Distribution: RHEL
Posts: 77

Rep: Reputation: 7
/etc/init.d/iptables status

will show you if it is running or not
 
Old 03-12-2012, 08:46 AM   #8
cardiner
LQ Newbie
 
Registered: Mar 2012
Posts: 10

Original Poster
Rep: Reputation: Disabled
the outpoot is like

Quote:
Chain INPUT (policy ACCEPT)
num target prot opt source destination

Chain FORWARD (policy ACCEPT)
num target prot opt source destination

Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
and i checked it with
Quote:
netstat -nat | grep :22
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
so i guess its fine...so where to next?

Last edited by cardiner; 03-12-2012 at 08:48 AM.
 
Old 03-12-2012, 08:57 AM   #9
druuna
LQ Veteran
 
Registered: Sep 2003
Posts: 10,532
Blog Entries: 7

Rep: Reputation: 2390Reputation: 2390Reputation: 2390Reputation: 2390Reputation: 2390Reputation: 2390Reputation: 2390Reputation: 2390Reputation: 2390Reputation: 2390Reputation: 2390
Hi,

what is the output of the following commands (as root user):
Code:
# ssh with verbose output:
$ ssh -v user@host

# is host present in /etc/hosts file:
$ grep host /etc/hosts

# iptables seems not to be running, just in case:
$ service iptables status
Substitute user and host with proper values (don't use root as user....).
 
Old 03-12-2012, 09:02 AM   #10
hurryi
Member
 
Registered: Apr 2010
Distribution: RHEL
Posts: 77

Rep: Reputation: 7
is there any network device between the 2 systems which could block access? (router, etc)

also you mentioned you can ping the system
is there any other service(open port), where you are able to connect? for eg httpd(tcp 80)

if it is allowed you can use port scanner tool like "nmap" to check it
 
Old 03-12-2012, 09:03 AM   #11
cardiner
LQ Newbie
 
Registered: Mar 2012
Posts: 10

Original Poster
Rep: Reputation: Disabled
so the out poot of first command is
Quote:
[root@tlnpatl07 etc]# ssh -v cacti@tlnpamt01.gi.telenor.com
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to tlnpamt01.gi.telenor.com [10.254.50.10] port 22.
debug1: connect to address 10.254.50.10 port 22: Connection timed out
ssh: connect to host tlnpamt01.gi.telenor.com port 22: Connection timed out
and yeah host is added in host file, and out put of third script

Quote:
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination

Chain FORWARD (policy ACCEPT)
num target prot opt source destination

Chain OUTPUT (policy ACCEPT)
num target prot opt source destination

Last edited by cardiner; 03-12-2012 at 09:10 AM.
 
Old 03-12-2012, 09:08 AM   #12
cardiner
LQ Newbie
 
Registered: Mar 2012
Posts: 10

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by hurryi View Post
is there any network device between the 2 systems which could block access? (router, etc)

also you mentioned you can ping the system
is there any other service(open port), where you are able to connect? for eg httpd(tcp 80)

if it is allowed you can use port scanner tool like "nmap" to check it
how can i check if there are devices between thous 2 machines?
did not quite understood that about other services, sorry!
 
Old 03-12-2012, 09:17 AM   #13
druuna
LQ Veteran
 
Registered: Sep 2003
Posts: 10,532
Blog Entries: 7

Rep: Reputation: 2390Reputation: 2390Reputation: 2390Reputation: 2390Reputation: 2390Reputation: 2390Reputation: 2390Reputation: 2390Reputation: 2390Reputation: 2390Reputation: 2390
Hi,

Which host did you run the service iptables status command? On both servers I hope.....

What is the output of the following command (as root, from the server you ssh from):
Code:
nmap tlnpamt01.gi.telenor.com
 
Old 03-12-2012, 09:24 AM   #14
cardiner
LQ Newbie
 
Registered: Mar 2012
Posts: 10

Original Poster
Rep: Reputation: Disabled
yeah on both servers

and output of that command is

Quote:
All 1680 scanned ports on tlnpamt01.gi.telenor.com (10.254.50.10) are filtered

Nmap finished: 1 IP address (1 host up) scanned in 35.391 seconds
hmm, does that mean there is not an open port on server i am trying to connect?

because i tried to another servers and it showed me There is interesting ports 22/tcp open ssh!

Last edited by cardiner; 03-12-2012 at 09:25 AM.
 
Old 03-12-2012, 09:31 AM   #15
hurryi
Member
 
Registered: Apr 2010
Distribution: RHEL
Posts: 77

Rep: Reputation: 7
Quote:
Originally Posted by cardiner View Post
how can i check if there are devices between thous 2 machines?
did not quite understood that about other services, sorry!
well if you are asking this thats probably means you are not the network administrator there
you should contact them

about other services, i just wanted to see if other ports can be seen open or all of them filtered
most likely it is firewall issue somewhere as ping(icmp) worked for you, that means network connection is possible (of course if you pinged the right ip ^^)

how many interfaces the systems has?
ifconfig - will show you the active interfaces

route -n - will show you the routing table used by the system
you should then know which interface and then which gateway is used
who is responsible/can access that gateway?

so if you are only responsible for the 2 hosts you will need network admin assistance i believe
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
ssh port 22 connection timed out dev21082 Linux - Newbie 18 07-17-2013 08:37 AM
ssh: connection to host port: 22: Connection timed out lost connection cucolin@ Linux - Server 4 11-22-2011 07:15 AM
ssh connection timed out johnquatrehuit Linux - Networking 2 08-20-2010 06:36 PM
[SOLVED] SSH connection timed out dgomez Linux - Networking 3 12-27-2009 02:05 PM
SSH Connection timed out davhak Linux - Networking 13 03-18-2007 04:41 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 09:35 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration