LinuxQuestions.org
Old 02-29-2016, 10:13 PM   #1
ilesterg
Member
 
Registered: Jul 2012
Distribution: Arch, Debian, and CentOS/RHEL
Posts: 561

Rep: Reputation: 57
SSH connection timed out all of a sudden


Hi,

I tried booting my CentOS 7 machine on VirtualBox last night, and it booted without errors. However, upon trying to log in using PuTTY on my Windows 8.1 host, I get a connection timed out error. I don't remember anything I changed before I shut it down maybe a week ago.

* Can ping IP from host (can't try telnet ip port from host because I can't install telnet on my Win 8.1)
* sshd config makes use of protocol 2, port 6999
* systemctl status sshd shows sshd service open, listening on port 6999
* tcpdump shows packets received, but has the error "admin prohibited"
* putty set to port 2 only
* semanage port -l shows sshd_port_t
* firewall-cmd --list-port and --list-service show sshd and 6999 already

Any ideas?

Thanks!

Last edited by ilesterg; 03-01-2016 at 06:55 AM.
 
Old 03-01-2016, 06:55 AM   #2
ilesterg
Member
 
Registered: Jul 2012
Distribution: Arch, Debian, and CentOS/RHEL
Posts: 561

Original Poster
Rep: Reputation: 57
Bump :'(
 
Old 03-01-2016, 07:13 AM   #3
schneidz
LQ Guru
 
Registered: May 2005
Location: boston, usa
Distribution: fc-15/ fc-20-live-usb/ aix
Posts: 5,235

Rep: Reputation: 914
what does:
Code:
ssh -v -v -v # on the client
#and
/usr/sbin/sshd -d -d -d # on the server
print out when trying to connect ?
 
Old 03-01-2016, 09:01 AM   #4
ilesterg
PF attached for the output of /sbin/sshd -ddd. If I may ask, should the terminal display anything when I try connecting from the client? Cos it didn't move at all when I tried connecting from the client.
Attachment: ss1.jpg
 
Old 03-01-2016, 09:02 AM   #5
ilesterg
2nd ss contains output of tcpdump. 3rd is of semanage and firewall-cmd entries. Thanks!
Attachments: ss2.jpg, ss3.jpg

Last edited by ilesterg; 03-01-2016 at 09:56 AM.
 
Old 03-01-2016, 09:07 AM   #6
ilesterg
My host is Windows 8.1, so I can't do ssh -vvv. However, I found PuTTY's logging mechanism, and the best I got is this:

Code:
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2016.03.01 23:03:57 =~=~=~=~=~=~=~=~=~=~=~=
Event Log: Writing new session log (SSH raw data mode) to file: C:\Users\Paper\Desktop\tools\kiss\putty.log
Event Log: Looking up host "centos7db.net"
Event Log: Connecting to 192.168.84.101 port 6999
Event Log: We claim version: SSH-2.0-PuTTY_Release_0.66
Event Log: Failed to connect to 192.168.84.101: Network error: Connection timed out
Event Log: Network error: Connection timed out
 
Old 03-01-2016, 09:49 AM   #7
ilesterg
Clinging to the small hope of getting anything from ssh -vvv, I installed a minimal CentOS VM, then tested ssh -vvv. Unfortunately, this is all I got.
Code:
[root@centosmini ~]# ssh -vvv -oPort=6999 -oIdentityFile=dbadm_key1 dbadm@192.168.84.101
OpenSSH_6.6.1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 56: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 192.168.84.101 [192.168.84.101] port 6999.
debug1: connect to address 192.168.84.101 port 6999: Connection timed out
ssh: connect to host 192.168.84.101 port 6999: Connection timed out
[root@centosmini ~]# ping 192.168.84.101
PING 192.168.84.101 (192.168.84.101) 56(84) bytes of data.
64 bytes from 192.168.84.101: icmp_seq=1 ttl=63 time=0.909 ms
64 bytes from 192.168.84.101: icmp_seq=2 ttl=63 time=1.43 ms
64 bytes from 192.168.84.101: icmp_seq=3 ttl=63 time=1.39 ms
64 bytes from 192.168.84.101: icmp_seq=4 ttl=63 time=1.43 ms
^C
--- 192.168.84.101 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3582ms
rtt min/avg/max/mdev = 0.909/1.291/1.436/0.222 ms
[root@centosmini ~]#
 
Old 03-01-2016, 09:55 AM   #8
schneidz
Quote:
Originally Posted by ilesterg
My host is a windows 8.1, so i can't do ssh -vvv, ...
have you tried running that from the centos pc ?:
Code:
ssh -v -v -v localhost

Last edited by schneidz; 03-01-2016 at 09:58 AM.
 
Old 03-01-2016, 10:08 AM   #9
ilesterg
Yup, unfortunately, localhost connections work just fine.
 
Old 03-01-2016, 10:09 AM   #10
schneidz
maybe firewalld/selinux is filtering connections somehow ?
 
Old 03-01-2016, 10:25 AM   #11
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 4,735

Rep: Reputation: 1295
It may be a routing problem...

I would have expected not a "timeout" but "connection refused" with a firewall block.

You can try something with netcat by trying to connect to the remote server (you won't get logged in, but you should get the public key sent back). If that times out (it should take a while), it could be a firewall using a "drop" rule, or a route established in error causing the packets to go off into the never-never.
 
Old 03-01-2016, 10:28 AM   #12
ilesterg
I have been trying to blame firewalld, so I have enabled debugging by updating the config file /etc/sysconfig/firewalld and setting the variable FIREWALLD_ARGS to FIREWALLD_ARGS=--debug=2, then restarting the service (service firewalld restart). However, /var/log/firewalld does not appear to contain logs on packet drops, etc. It appears that this is the case of firewalld. [blog, forum].

I'm currently looking at SELinux, but it would be really strange because I never dared to play with SELinux.
 
Old 03-01-2016, 10:42 AM   #13
jpollard
SELinux won't cause timeouts.

If you disable firewalld on the server and you can't make connections, it isn't a firewall problem.
 
Old 03-01-2016, 10:54 AM   #14
ilesterg
Quote:
Originally Posted by jpollard
SELinux won't cause timeouts.

If you disable firewalld on the server and you can't make connections, it isn't a firewall problem.
I'm quite frustrated that I hadn't thought about disabling the firewall and then trying to log in. Well, when I did, I got in. It's now quite straightforward to assume that firewalld is causing the problem, right? I'll see what more I can find out and report back.
 
Old 03-01-2016, 11:01 AM   #15
ilesterg
Well, I'll be damned.

Code:
[dbadm@centos7db ~]$ firewall-cmd --get-active-zones
public
  interfaces: enp0s3 enp0s8
[dbadm@centos7db ~]$ firewall-cmd --list-all
public (default, active)
  interfaces: enp0s3 enp0s8
  sources:
  services: dhcpv6-client http ssh
  ports: 6969/tcp
  masquerade: no
  forward-ports:
  icmp-blocks:
  rich rules:

[dbadm@centos7db ~]$ sudo firewall-cmd --delete-port 6969
usage: see firewall-cmd man page
firewall-cmd: error: unrecognized arguments: --delete-port 6969
[dbadm@centos7db ~]$ sudo firewall-cmd --remove-port 6969
bad port (most likely missing protocol), correct syntax is portid[-portid]/protocol
[dbadm@centos7db ~]$ sudo firewall-cmd --remove-port tcp/6969
Error: INVALID_PORT: tcp
[dbadm@centos7db ~]$ sudo firewall-cmd --remove-port 6969/tcp
success
[dbadm@centos7db ~]$ sudo firewall-cmd --add-port 6999/tcp
success
[dbadm@centos7db ~]$ sudo firewall-cmd --add-port 6999/tcp --permanent
success
[dbadm@centos7db ~]$ systemctl restart firewalld
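
Added example, not part of the original thread: post #15 shows firewalld had opened 6969/tcp while sshd was listening on 6999, and the check below compares the two port lists directly. The function names and the embedded sample text are constructed for illustration; on a live host the inputs would come from `sshd -T`, `firewall-cmd --list-ports` and `firewall-cmd --permanent --list-ports`.

```shell
#!/bin/sh
# Compare the port(s) sshd is configured for with the ports firewalld has opened.
# Inputs are passed as text so the check can be run offline on captured output.

# sshd_ports CONFIG_TEXT -> one port number per line (commented-out lines ignored)
sshd_ports() {
    printf '%s\n' "$1" | awk 'tolower($1) == "port" { print $2 }'
}

# port_open PORT "PORT_LIST" -> exit 0 if PORT/tcp is listed, alone or inside a range
port_open() {
    want=$1
    for entry in $2; do
        case $entry in */tcp) ;; *) continue ;; esac
        range=${entry%/tcp}
        lo=${range%-*}; hi=${range#*-}     # "6969" gives lo=hi=6969
        if [ "$want" -ge "$lo" ] && [ "$want" -le "$hi" ]; then return 0; fi
    done
    return 1
}

# check_ssh_firewall CONFIG RUNTIME_PORTS PERMANENT_PORTS -> one verdict per sshd port
check_ssh_firewall() {
    for p in $(sshd_ports "$1"); do
        rt=closed; pm=closed
        port_open "$p" "$2" && rt=open
        port_open "$p" "$3" && pm=open
        echo "$p/tcp runtime=$rt permanent=$pm"
    done
}

# Constructed sample input mirroring the thread: sshd on 6999, firewalld opened 6969.
SAMPLE_SSHD='Port 6999
Protocol 2'
SAMPLE_BEFORE='6969/tcp'   # port list before the fix in post #15
SAMPLE_AFTER='6999/tcp'    # port list after --add-port 6999/tcp

check_ssh_firewall "$SAMPLE_SSHD" "$SAMPLE_BEFORE" "$SAMPLE_BEFORE"
check_ssh_firewall "$SAMPLE_SSHD" "$SAMPLE_AFTER" "$SAMPLE_AFTER"
```

A port reported as `runtime=open permanent=closed` is lost at the next firewalld restart or reload, so both lists need to match the sshd port.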
 
  

