LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 05-04-2007, 10:19 AM   #1
Swakoo
Member
 
Registered: Apr 2005
Distribution: Red Hat / Fedora / CentOS
Posts: 508

Rep: Reputation: 30
SSH: error: Bind to port 22 on 0.0.0.0 failed: Address already in use.


Hi guys,

I have a server which has 2 IP addresses (2 NIC)
1 public
1 private

Anyway, I have always SSH in to this server, via the private ip from another server. In fact, I can ssh into this server via another server even if I use the public IP.

Problem is, now I can't access the server via the public ip directly (over internet etc)

in /var/logs/secure, I am getting...

Quote:
error: Bind to port 22 on 0.0.0.0 failed: Address already in use.
I've tried ssh localhost from the same machine and it works.
I even try uncommenting the line that specify it to search for IPv6 in sshd_config and still it doesn't work.

Have restarted service etc.. nope

Now left to reset the machine, which I will be doing tommorrow morning when lesser people are using it... but any idea?

thanks!
 
Old 05-04-2007, 10:30 AM   #2
jharris
Senior Member
 
Registered: May 2001
Location: Bristol, UK
Distribution: Slackware, Fedora, RHES
Posts: 2,243

Rep: Reputation: 47
Post the output of
Code:
netstat -an
and
Code:
lsof -p `ps  -ef | grep [/]sshd | awk '{print $2}'`
and we'll be able to see what's going on!

cheers

Jamie
 
Old 05-04-2007, 02:54 PM   #3
Swakoo
Member
 
Registered: Apr 2005
Distribution: Red Hat / Fedora / CentOS
Posts: 508

Original Poster
Rep: Reputation: 30
netstat output (removed public ips)
In between got a space because there's more similiar entrees but I thought I cut short. Also *** is to mask the ip address.
Quote:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:32768 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN
tcp 0 0 192.168.10.60:53 0.0.0.0:* LISTEN
tcp 0 0 ***.***.***.***:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:631 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN
tcp 0 0 192.168.10.60:3306 192.168.10.206:54792 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.60:32797 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.60:32798 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54805 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.60:32790 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.60:32786 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.208:35422 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.208:35415 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.208:35407 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54623 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54627 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.208:55677 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.208:55676 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54633 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54632 ESTABLISHED
tcp 0 0 192.168.10.60:32790 192.168.10.60:3306 ESTABLISHED
tcp 0 0 192.168.10.60:32786 192.168.10.60:3306 ESTABLISHED
tcp 0 0 192.168.10.60:32798 192.168.10.60:3306 ESTABLISHED
tcp 0 0 192.168.10.60:32797 192.168.10.60:3306 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54636 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54897 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54640 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54899 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54898 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.208:35436 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54901 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54647 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.208:35433 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54651 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54650 ESTABLISHED

tcp 0 0 192.168.10.60:3306 192.168.10.206:42947 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54725 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54729 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54732 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54735 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:42959 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54741 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54744 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54752 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54754 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54760 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:42998 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.206:54776 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.207:50688 ESTABLISHED
tcp 0 0 192.168.10.60:22 192.168.10.105:48497 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.205:41007 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.207:50511 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.207:50516 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.207:50524 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.207:50525 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.207:50531 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.207:50540 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.207:50545 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.207:50549 ESTABLISHED
tcp 0 0 192.168.10.60:3306 192.168.10.205:40925 ESTABLISHED
tcp 0 0 :::80 :::* LISTEN
tcp 0 0 ::1:953 :::* LISTEN
tcp 0 0 :::443 :::* LISTEN
udp 0 0 0.0.0.0:32768 0.0.0.0:*
udp 0 0 0.0.0.0:32770 0.0.0.0:*
udp 0 0 0.0.0.0:678 0.0.0.0:*
udp 0 0 192.168.10.60:53 0.0.0.0:*
udp 0 0 ***.***.***.***:53 0.0.0.0:*
udp 0 0 127.0.0.1:53 0.0.0.0:*
udp 0 0 0.0.0.0:111 0.0.0.0:*
udp 0 0 0.0.0.0:631 0.0.0.0:*
udp 0 0 :::32769 :::*
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 6367 /tmp/.font-unix/fs7100
unix 2 [ ACC ] STREAM LISTENING 6174 /var/lib/mysql/mysql.sock
unix 2 [ ] DGRAM 6476 @/var/run/hal/hotplug_socket
unix 2 [ ACC ] STREAM LISTENING 6301 /dev/gpmctl
unix 13 [ ] DGRAM 5022 /dev/log
unix 2 [ ] DGRAM 3190 @udevd
unix 2 [ ACC ] STREAM LISTENING 5537 /var/run/acpid.socket
unix 2 [ ACC ] STREAM LISTENING 6426 /var/run/dbus/system_bus_socket
unix 2 [ ] DGRAM 8211
unix 3 [ ] STREAM CONNECTED 8134
unix 3 [ ] STREAM CONNECTED 8133
unix 3 [ ] STREAM CONNECTED 6474 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 6473
unix 2 [ ] DGRAM 6444
unix 3 [ ] STREAM CONNECTED 6429
unix 3 [ ] STREAM CONNECTED 6428
unix 2 [ ] DGRAM 6383
unix 2 [ ] DGRAM 6369
unix 2 [ ] DGRAM 6325
unix 2 [ ] DGRAM 6295
unix 2 [ ] DGRAM 5940
unix 2 [ ] DGRAM 5913
unix 2 [ ] DGRAM 5836
unix 3 [ ] STREAM CONNECTED 5397
unix 3 [ ] STREAM CONNECTED 5396
unix 2 [ ] DGRAM 5288
unix 2 [ ] DGRAM 5138
unix 2 [ ] DGRAM 5116

lsof - what is this command for?
Quote:
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
sshd 2370 root cwd DIR 8,9 4096 2 /
sshd 2370 root rtd DIR 8,9 4096 2 /
sshd 2370 root txt REG 8,9 340040 488677 /usr/sbin/sshd
sshd 2370 root mem REG 8,9 105120 507386 /lib64/ld-2.3.4.so
sshd 2370 root mem REG 8,9 35176 488770 /usr/lib64/libwrap.so.0.7.6
sshd 2370 root mem REG 8,9 35024 507604 /lib64/libpam.so.0.77
sshd 2370 root mem REG 8,9 17959 507596 /lib64/libdl-2.3.4.so
sshd 2370 root mem REG 8,9 1225336 507389 /lib64/libcrypto.so.0.9.7a
sshd 2370 root mem REG 8,9 17375 507324 /lib64/libutil-2.3.4.so
sshd 2370 root mem REG 8,9 79336 484026 /usr/lib64/libz.so.1.2.1.2
sshd 2370 root mem REG 8,9 107367 507600 /lib64/libnsl-2.3.4.so
sshd 2370 root mem REG 8,9 30078 507606 /lib64/libcrypt-2.3.4.so
sshd 2370 root mem REG 8,9 91436 507327 /lib64/libresolv-2.3.4.so
sshd 2370 root mem REG 8,9 62504 507603 /lib64/libselinux.so.1
sshd 2370 root mem REG 8,9 93832 488123 /usr/lib64/libgssapi_krb5.so.2.2
sshd 2370 root mem REG 8,9 464040 487083 /usr/lib64/libkrb5.so.3.2
sshd 2370 root mem REG 8,9 145424 486809 /usr/lib64/libk5crypto.so.3.0
sshd 2370 root mem REG 8,9 10384 511243 /lib64/libcom_err.so.2.1
sshd 2370 root mem REG 8,9 1490956 507593 /lib64/tls/libc-2.3.4.so
sshd 2370 root mem REG 8,9 56807 507365 /lib64/libnss_files-2.3.4.so
sshd 2370 root 0u CHR 1,3 1650 /dev/null
sshd 2370 root 1u CHR 1,3 1650 /dev/null
sshd 2370 root 2u CHR 1,3 1650 /dev/null
sshd 2370 root 3u IPv4 5811 TCP *:ssh (LISTEN)

btw, i am having problem ftp-ing in too
 
Old 05-06-2007, 02:32 AM   #4
Swakoo
Member
 
Registered: Apr 2005
Distribution: Red Hat / Fedora / CentOS
Posts: 508

Original Poster
Rep: Reputation: 30
hi guys anyone?
 
Old 05-06-2007, 02:44 AM   #5
jharris
Senior Member
 
Registered: May 2001
Location: Bristol, UK
Distribution: Slackware, Fedora, RHES
Posts: 2,243

Rep: Reputation: 47
Quote:
Originally Posted by Swakoo
lsof - what is this command for?
lsof lists open files, including network sockets that are in use. It was really just so I could see what port sshd was listenening on.
Quote:
Originally Posted by Swakoo
btw, i am having problem ftp-ing in too
Uhm... I can't see anything wrong in these. You got a firewall setup with iptables? If so are you sure that's not the cause of your problems?

HTH

Jamie
 
Old 05-06-2007, 09:06 PM   #6
Swakoo
Member
 
Registered: Apr 2005
Distribution: Red Hat / Fedora / CentOS
Posts: 508

Original Poster
Rep: Reputation: 30
I'll be damm... I'm sure even with iptables OFF it wasn't working before... (SSH and FTP).. but i did a reset a couple of days back, but didn't thought of trying to turn off the iptables... now it works...

I'll be damm.
Nonetheless, thanks for your help!

since we are on the topic, can I ask 2 things?

1) lsof list open files you were saying. we use that to check for connections becase sockets are basically file descriptors?

2) i always find iptables configuration a big mystery, you reckon any good tutorials i can base on to configure my own?
Is it ok i configure iptables config file directly?
 
Old 05-08-2007, 04:24 AM   #7
nitinatindore
Member
 
Registered: Dec 2004
Location: India
Distribution: Mandrake, Mandriva, PclinuxOS
Posts: 114

Rep: Reputation: 15
Lightbulb

Quote:
Originally Posted by Swakoo
2) i always find iptables configuration a big mystery, you reckon any good tutorials i can base on to configure my own?
Is it ok i configure iptables config file directly?
This one's really good. From the makers of iptables...fresh and crispy.........
http://www.netfilter.org/documentati...entation-howto

If you find the above also difficult, try using some gui frontends such as firestarter,etc. Or may be other commnad line utilities(firewalls) to configure a proper firewall may be something like shorewall??
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[crit] (98) Address already in use: make_sock could not bind to port 3339. ForumKid Linux - Networking 4 06-10-2008 02:38 AM
SSH tricks -- any way to block failed attempts by IP address tensigh Linux - Security 10 06-06-2008 03:46 PM
Trouble with ssh port forward (bind address) Ratclaws Linux - Security 3 04-24-2007 05:26 PM
Setting up SSH to bind to one and only one IP address Harlin Linux - Networking 5 06-07-2006 07:16 AM
Logwatch reports SSHD Killed: / Failed to bind: 0.0.0.0 port 22 rioguia Linux - Security 1 08-13-2005 12:24 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 09:13 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration