-   Linux - Security (
-   -   SSH time out on login attempt from remote box: command needed to check port 22 (

bweaver 12-01-2010 07:05 AM

SSH time out on login attempt from remote box: command needed to check port 22
I have set up a user to login remotely to our Red Hat 5 server via SSH. A rule in our department firewall enables this user to login from a single static ip address. The ssh port on our server is 22. I am able to login to port 22 from locations within our department firewall. Our administrator says the firewall configuration is unchanged.

The remote user had been successful logging in. But now the remote user gets a Connection Timed Out message, before being asked to authenticate by the server.

I regenerated security keys, but the remote user still gets the connection timed out message. (I can login locally with the new keys).

I suspect either a firewall or an authentication problem--inclining a firewall problem. Am I correct?

Is there a Linux command to check whether port 22 is available or blocked, prior even to authentication, for login from the user's remote location?

repo 12-01-2010 07:12 AM

You can use nmap to see if the port is open

nmap -p 22 IP
Kind regards

unixfool 12-01-2010 08:55 AM

Telnet to port 22:


telnet 22
You should get an SSH banner if the port is open. This will work even without having to authenticate.

anomie 12-01-2010 03:57 PM

And, to round out your list of possible options, you can also scan with netcat:


$ nc -zvw 1 host_here 22
See the nc(1) manpages for details.


I'd add that in OP's case it would be useful to watch packets with tcpdump(8). Although each of the scanning tools mentioned technically demonstrates the same thing about tcp handshaking, it's a good idea to see what is happening on a lower level. (i.e. SYN sent but no SYN-ACK received?)

All times are GMT -5. The time now is 07:57 PM.