LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 12-01-2010, 07:05 AM   #1
bweaver
Member
 
Registered: Nov 2010
Posts: 44

Rep: Reputation: 0
SSH time out on login attempt from remote box: command needed to check port 22


I have set up a user to login remotely to our Red Hat 5 server via SSH. A rule in our department firewall enables this user to login from a single static ip address. The ssh port on our server is 22. I am able to login to port 22 from locations within our department firewall. Our administrator says the firewall configuration is unchanged.

The remote user had been successful logging in. But now the remote user gets a Connection Timed Out message, before being asked to authenticate by the server.

I regenerated security keys, but the remote user still gets the connection timed out message. (I can login locally with the new keys).

I suspect either a firewall or an authentication problem--inclining a firewall problem. Am I correct?


Is there a Linux command to check whether port 22 is available or blocked, prior even to authentication, for login from the user's remote location?
 
Old 12-01-2010, 07:12 AM   #2
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Arch
Posts: 8,528

Rep: Reputation: 899Reputation: 899Reputation: 899Reputation: 899Reputation: 899Reputation: 899Reputation: 899
You can use nmap to see if the port is open
Code:
nmap -p 22 IP
Kind regards
 
Old 12-01-2010, 08:55 AM   #3
unixfool
Member
 
Registered: May 2005
Location: Northern VA
Distribution: Slackware, Ubuntu, FreeBSD, OpenBSD, OS X
Posts: 782
Blog Entries: 8

Rep: Reputation: 157Reputation: 157
Telnet to port 22:

Code:
telnet myhomenetwork.org 22
You should get an SSH banner if the port is open. This will work even without having to authenticate.
 
Old 12-01-2010, 03:57 PM   #4
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Blog Entries: 5

Rep: Reputation: Disabled
And, to round out your list of possible options, you can also scan with netcat:

Code:
$ nc -zvw 1 host_here 22
See the nc(1) manpages for details.

---

I'd add that in OP's case it would be useful to watch packets with tcpdump(8). Although each of the scanning tools mentioned technically demonstrates the same thing about tcp handshaking, it's a good idea to see what is happening on a lower level. (i.e. SYN sent but no SYN-ACK received?)
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] notify the administrator for every remote login attempt kabazzi Linux - General 11 02-09-2013 09:15 AM
SSH : Takes a long time to login to a remote server TomCruise2002 Linux - Networking 8 12-04-2011 01:01 PM
Command line on Windows Box (ndiswrapper install attempt) endle Linux - Newbie 1 08-27-2008 12:56 AM
illegal ssh login attempt killing me ridwan77 Linux - Security 9 05-30-2006 03:27 AM
SSH : Takes a long time to login to a remote server TomCruise2002 Linux - Enterprise 1 12-16-2005 06:58 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 05:36 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration