Hello,

I have recently installed Ubuntu Server 12.04 on my home server. There are 2 issues that I am trying to solve.

First of all, I am having trouble connecting using Putty on my Windows 7 machine on the local network. I can, however, connect locally using my laptop which has Debian 6.0.4 and it works great so I am sure that I have the ssh server up and running on the server machine. The only 3 lines that I changed in the sshd_config file were "Port xxxx", "PermitRootLogin no", and "X11Forwarding no", everything else is default.

In Putty I enter the local static IP (which I set) of the server and the port which I am now using after changing the sshd_config file. I also set the correct auto-login username for the server. When I try to connect, it gives me: "Putty Fatal Error: Network Error: Connection Refused"

Also I am having trouble connecting remotely from my laptop with Debian 6.0.4 on it. I did enable port forwarding on the correct port in my router. In Debian I try to use the command:

ssh username@xxx.xxx.xxx.xxx -p xxxx

using the public IP address of my home network and the port that I have opened up on that network. I receive the same "Connection Refused".

I am wondering if there are certain settings in the sshd_config file that I need to change? Maybe restarting the router? I am not at home and cannot connect to the server machine right now, as I said, but I was hoping for some suggestions or maybe someone has had the same issues and knows exactly how to fix it. Thank you.

Scott.

soudns like the iptables firewall rules on ubuntu are configured to not allow the right port in. SSHD itself will not require any changes whatever, but as you've changed the port number (did you have a good reason??) then that needs to be opened up on the rules.

Just for security purposes. As I have been researching, it seemed like a general consensus that it was a good idea to change from the default port 22.

So how would I go about changing the Ubuntu firewall settings?

obscurity is not really security. If this is just on a LAN, change it back.

I've not used Ubuntu for a while, so someone may well correct me, but first off check that ufw is running - "sudo ufw status". try disabling it - "sudo ufw disable" and try connecting again. Presuming that does work, reenable and add port access ass per the rest of the docs - https://help.ubuntu.com/community/UFW

OK, thank you for your replies. The Putty issue is just on the LAN, but I am trying to set it up so I can remote in as well from other locations. That is where I thought I would need to be a little more obscure in my port selection. I am first going to try and change the port back and see if that fixes it, because that will be a good indication if that is the issue. Then I can dig into the Ubuntu firewall stuff if I feel the need to after that.

Looking around, there are people saying that ufw isn't even running by default, so do check.

Ultimately, you can print the REAL REAL iptables rulebase running underneath ufe with "iptables -vnL" that'll give you , and us, a very clear view of what's going on at a distro agnostic level.

UFW is inactive by default. I changed the port back to 22 and at least the Putty issue is definitely resolved. I will check later tonight to see if I can remote in from another network. Thank you for your help. So there is no real advantage to changing the port that I use for my remote connections?

Yes, it stops all the bots from hammering on your port 22 and filling your logs.

Simply forward a random high external port to port 22 on your local machine, and use that high port from outside.