LinuxQuestions.org


TRi-x2 03-26-2004 02:44 PM

Accessing SSH thru the net.
 
Hey, I'm in the process of installing Gentoo Linux, and I've been installing it thru ssh the entire time. Now, I want to continue the installation thru ssh, but I can't seem to be able to log into it from outside.

Putting in my internal LAN IP is useless, and using the router's regular IP that shows to the internet doesn't work either. I set port forwarding on the router, but that didn't help either.

Anyone have any idea what to do?

Hangdog42 03-26-2004 05:14 PM

Is your firewall blocking ssh from the internet? Can you still use ssh from inside your LAN? If you are pointing at the router's IP address and have port 22 forwarded to the right LAN IP address, that is good, but there are other places to trip up.

TRi-x2 03-26-2004 10:15 PM

My router's firewall is off. I can access ssh from within the network, and I have port 22 forwarding on the proper machine. I don't know about the internal Gentoo firewall, though I saw no documentation on it.

What are the other things I should check for this?

Hangdog42 03-27-2004 06:53 AM

The command iptables -L should show you the local firewall (you may have to be su to use this command). If you don't understand the output, post it and we can take a look. The other place to look would be in your /etc/hosts.deny file. It could be that entries there are causing trouble.

The fact that you can use ssh within your LAN really points to either the local firewall or the router as the source of the problem.

TRi-x2 03-27-2004 05:45 PM

I tried the iptables command, and it seems there's no firewall installed on it since it didn't work.

As for hosts.deny, there was no such file even. There was a hosts file and here's what it said:

Code:

127.0.0.1      localhost
# IPV6 versions of localhost and co
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
"/etc/hosts" 8L, 197C


Hangdog42 03-28-2004 07:48 AM

Quote:

I tried the iptables command, and it seems there's no firewall installed on it since it didn't work.

OK, it must have done something, if even an error message saying the command couldn't be found. Iptables is the default firewall for pretty much every Linux distribution, so it is highly likely to be installed. Were you su or root when you tried the command? By default, iptables is usually installed in a directory only root has access to.

If you don't have a hosts.deny, that is OK. However, you might want to run find / -name hosts.deny just to be sure. Again, run this after becoming su so it can scan all the directories. The hosts file you posted is a different beast entirely and it probably won't concern us for this problem.

The other thing to do is to try to log in both from within and from outside your LAN and see if any information from ssh shows up in either /var/log/syslog or /var/log/messages.
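The firewall and hosts.deny checks suggested in this thread, written out as an added shell example (not part of any poster's reply): one function reads `iptables -L INPUT -n` output and reports what a new connection to port 22 from an arbitrary outside address would hit, the other lists hosts.deny lines that name sshd or ALL. The function names and the sample data are constructed for illustration.

```sh
#!/bin/sh
# Added example. Both functions read stdin, so they work on live output or a saved copy:
#   iptables -L INPUT -n | ssh_verdict_from_internet      (run as root)
#   hosts_deny_hits < /etc/hosts.deny

# Print the target of the first INPUT rule matching a NEW tcp/22 connection from
# any source, else the chain policy. Simplified: source-restricted rules are
# skipped and user chains are not followed. Plain -L hides interfaces, so a
# loopback-only accept-all rule looks unconditional; confirm with -v.
ssh_verdict_from_internet() {
    awk '
    /^Chain INPUT/ { in_input = 1; policy = $4; sub(/[)]/, "", policy); next }
    /^Chain /      { in_input = 0 }
    in_input && $1 != "target" && NF >= 5 && verdict == "" {
        if ($4 != "0.0.0.0/0") next                  # e.g. a LAN-only rule
        rest = ""
        for (i = 6; i <= NF; i++) rest = rest $i " "
        if (rest ~ /state/ && rest !~ /NEW/) next    # established-only rule
        if ($2 == "tcp" && rest ~ /dpt:22 /) verdict = $1
        else if (($2 == "all" || $2 == "tcp") && rest == "") verdict = $1
    }
    END { print (verdict != "" ? verdict : policy) }'
}

# Print hosts.deny lines whose daemon list (left of the first colon) names sshd or ALL.
hosts_deny_hits() {
    awk -F: '!/^[ \t]*#/ && NF >= 2 {
        d = " " $1 " "; gsub(/[,\t]/, " ", d)
        if (d ~ / (sshd|ALL) /) print
    }'
}

sample_rules() {        # constructed sample: SSH allowed from the LAN only
    cat <<'EOF'
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
ACCEPT     tcp  --  192.168.1.0/24       0.0.0.0/0            tcp dpt:22
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22
EOF
}

sample_hosts_deny() {   # constructed sample
    cat <<'EOF'
# deny everything not on the LAN
in.telnetd: ALL
sshd, vsftpd: ALL EXCEPT 192.168.1.
EOF
}
```

On the constructed rules the verdict is DROP even though the chain policy is ACCEPT, which matches the symptom in this thread: logins work on the LAN and fail from outside.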


All times are GMT -5.