01-29-2007, 04:45 PM
|
#1
|
Member
Registered: Nov 2005
Posts: 144
Rep:
|
ssh: Connection reset by peer
Hello,
I have a strange problem logging into my machine via ssh. Some time ago it worked perfectly, but now it doesn't.
I'm connected to the Internet with a router, so I use NAT.
When I login via ssh using my local IP 192.168.2.100, it works. But when I try to login using the public IP 84.123.3.12 or so, I get the following error:
Code:
me@mymachine:~/.ssh$ ssh -p 1007 84.125.31.36 -vvvv
OpenSSH_4.2p1 Debian-7ubuntu3.1, OpenSSL 0.9.8a 11 Oct 2005
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 84.125.31.36 [84.125.31.36] port 1007.
debug1: Connection established.
debug1: identity file /home/lo/.ssh/identity type -1
debug1: identity file /home/lo/.ssh/id_rsa type -1
debug1: identity file /home/lo/.ssh/id_dsa type -1
ssh_exchange_identification: read: Connection reset by peer
(I use 1007 as my public port; the problem persists if I switch to port 22)
I appreciate any advice,
Lotharster
|
|
|
01-29-2007, 04:57 PM
|
#2
|
Moderator
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417
|
well more than likely you're getting nothing more than a rst packet back from the server... i guess your sshd is configured to only listen on one interface? or you have a firewall rejecting connections to that port on the internet side?
|
|
|
01-29-2007, 05:05 PM
|
#3
|
Member
Registered: Nov 2005
Posts: 144
Original Poster
Rep:
|
Quote:
Originally Posted by acid_kewpie
well more than likely you're getting nothing more than a rst packet back from the server...
|
But why would it say "Connection established" then?
Quote:
i guess your sshd is configured to only listen on one interface?
|
I only have one network card.
Quote:
Or you have a firewall rejecting connections to that port on the internet side?
|
How can I detect if the connection "got through" to my machine?
|
|
|
01-29-2007, 05:27 PM
|
#4
|
Moderator
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417
|
if you sit on the server and run "tcpdump -vn port 22" you'll see all the ins and outs as far as the server is concerned.
|
|
|
01-29-2007, 05:36 PM
|
#5
|
Member
Registered: Nov 2005
Posts: 144
Original Poster
Rep:
|
With tcpdump, I see incoming packages for port 22. So the problem lies with my server. Any ideas?
|
|
|
01-29-2007, 05:39 PM
|
#6
|
Moderator
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417
|
list your firewall with "iptables -L", check /etc/ssh/sshd_config for listening addresses, check /etc/hosts.allow and /etc/hosts.deny for tcpwrapper based restrictions. also check /var/log/secure for logs if there are any.
|
|
|
01-29-2007, 05:54 PM
|
#7
|
Member
Registered: Nov 2005
Posts: 144
Original Poster
Rep:
|
Quote:
list your firewall with "iptables -L"
|
Seems I don't have iptables installed.
Quote:
check /etc/ssh/sshd_config for listening addresses
|
that looks OK:
Code:
# What ports, IPs and protocols we listen for
Port 22
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
Quote:
check /etc/hosts.allow and /etc/hosts.deny for tcpwrapper based restrictions.
|
I already did that...
Quote:
also check /var/log/secure for logs if there are any.
|
There's no /var/log/secure on my machine. syslog and auth.log don't show anything ssh-related.
Thanks acid_kewpie. I have to leave for now, I'm gonna check for suggestions tomorrow.
regards,
Lotharster
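The sshd_config and tcpwrapper checks suggested in post #6, run over the sshd_config excerpt quoted in post #7, as an added example that is not part of the thread. The function names `sshd_listen` and `wrapper_rules` are hypothetical, and the hosts.deny content is constructed for illustration.

```shell
#!/bin/sh
# Added example: read-only checks over copies of the files named in the thread.

# Print the "address port" pairs sshd would bind to for a given sshd_config.
# Commented-out directives are ignored; with no ListenAddress line sshd
# binds every local address (shown as 0.0.0.0 and ::), default port 22.
sshd_listen() {
    awk '
        /^[ \t]*#/ { next }
        tolower($1) == "port"          { ports[++np] = $2 }
        tolower($1) == "listenaddress" { addrs[++na] = $2 }
        END {
            if (np == 0) ports[++np] = 22
            if (na == 0) { addrs[++na] = "0.0.0.0"; addrs[++na] = "::" }
            for (a = 1; a <= na; a++) {
                # ListenAddress host:port or [v6]:port carries its own port
                if (addrs[a] ~ /^([^:]+|\[.*\]):[0-9]+$/) { print addrs[a]; continue }
                for (p = 1; p <= np; p++) print addrs[a], ports[p]
            }
        }' "$1"
}

# Print (with line numbers) the rules in a hosts.allow or hosts.deny file
# whose daemon list names sshd or ALL; rules for other daemons are skipped.
wrapper_rules() {
    awk -F: '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        {
            n = split($1, d, /[ \t,]+/)
            for (i = 1; i <= n; i++)
                if (d[i] == "sshd" || d[i] == "ALL") { print NR ": " $0; next }
        }' "$1"
}

# Sample input: the sshd_config excerpt quoted in the thread, and a
# constructed hosts.deny (documentation address range, not from the thread).
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/sshd_config" <<'EOF'
# What ports, IPs and protocols we listen for
Port 22
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
EOF
printf '%s\n' '# constructed' 'in.telnetd: ALL' 'sshd, vsftpd: 203.0.113.' \
    > "$tmp/hosts.deny"
sshd_listen "$tmp/sshd_config"
wrapper_rules "$tmp/hosts.deny"
```

On the server, point the two functions at /etc/ssh/sshd_config and at /etc/hosts.allow and /etc/hosts.deny to run the same checks on the live files.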
|
|
|
All times are GMT -5.