iptables - how to open port 22 (I guess)
I am feeling reasonably clueless about this one .... I am trying to connect to a new server using PuTTY and get SSH Connection Refused. I have been following the Perfect Server for Gutsy tutorial on howtoforge. I am up to page 3 where it says "From now on you can use an SSH client and connect from your workstation".
Good if it works but for me it does not. I have installed openssh-server on one machine. Fresh install of Gutsy server and nothing else on the machine. I am using PuTTY to connect and I get the message Connection Refused. If I use command line ssh user@host I get more or less the same thing

Code:
ssh: connect to host name port 22: Connection refused

Tried from another machine and the same message. But I can ping the IP and the host name without issue. So I was asking round and it has been suggested that I need to open port 22 on iptables. If that is the case I do not know how to. Or is there something else I should look at? I have tried this command but it did not seem to have any effect -

Code:
iptables -A INPUT -i eth1 -p tcp --dport 22 -j ACCEPT

Any idea why I have got such a simple tutorial messed up .... ?
"connection refused" means that either (a) the packet made it to the port, but nobody's listening (ie: sshd isn't running) or (b) you hit a "-j REJECT" rule before your accept rule.
So, your first step is to verify that sshd is indeed running on the target machine (eg: "ps -ef | grep sshd" on the target machine). If it's not, try running /etc/init.d/ssh start .

Your second step is to check your INPUT chain (ie: iptables -nvL INPUT ) or whatever it's traversing for REJECT rules. If it is, try inserting your SSH rule above that reject rule.
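The rule-order check described in this answer, as an added example that is not part of the original thread: the function reads rules in the `-A INPUT ...` form printed by `iptables-save` and reports the first rule that decides a new TCP connection to a given port on a given interface. The function name and the sample rule set are constructed for illustration, and only `-i`, `-p` and single-port `--dport` matches are evaluated.

```shell
#!/bin/sh
# Added example: which INPUT rule decides a new TCP connection to PORT on IFACE?
# Usage on a live host (as root): iptables-save | first_verdict 22 eth0
# Assumption: rules using any other match (-s, -m state, ...) and jumps to
# user-defined chains cannot be evaluated here and are skipped.
first_verdict() {
    awk -v port="$1" -v ifc="$2" '
    $1 == ":INPUT"              { policy = $2 }   # iptables-save policy line
    $1 == "-P" && $2 == "INPUT" { policy = $3 }   # iptables -S policy line
    $1 == "-A" && $2 == "INPUT" {
        n++; in_if = ""; proto = ""; dport = ""; target = ""; skip = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "-i") in_if = $(++i)
            else if ($i == "-p") proto = $(++i)
            else if ($i == "--dport") dport = $(++i)
            else if ($i == "-m" && $(i + 1) == "tcp") i++
            else if ($i == "-j") { target = $(++i); break }
            else skip = 1                        # a match this sketch cannot evaluate
        }
        if (skip) next
        if (in_if != "" && in_if != ifc) next    # rule is bound to another interface
        if (proto != "" && proto != "tcp") next
        if (dport != "" && dport != port) next
        if (target == "ACCEPT" || target == "REJECT" || target == "DROP") {
            print target " rule " n; found = 1; exit
        }
    }
    END { if (!found) print (policy == "" ? "unknown" : policy) " policy" }
    '
}

# Constructed sample: the SSH accept rule was appended (-A) after a catch-all
# REJECT, so it is never reached.
sample_rules() {
    cat <<'EOF'
:INPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -i eth1 -p tcp -m tcp --dport 22 -j ACCEPT
EOF
}

sample_rules | first_verdict 22 eth0    # REJECT rule 2
```

An empty chain with policy ACCEPT comes back as "ACCEPT policy", which means the firewall is not what refuses the connection.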
Thank you for your help ....
I started with

Code:
ps -ef | grep sshd

Code:
username 4149 4132 0 10:02 tty1 00:00:00 grep sshd

Code:
/etc/init.d/ssh start

Code:
No file or directory

Code:
apt-get install ssh openssh-server

Then I restarted the server and went back and ran

Code:
ps -ef | grep sshd

Code:
root 4104 1 0 10:21 ? 00:00:00 /usr/sbin/ssh

Code:
/etc/init.d/ssh start

Code:
Starting OpenBSD Secure Shell server sshd
the second part of your comments ... iptables
from iptables -nvL INPUT I got

Code:
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)

Do I need to change this at all?
What I have just done is to reinstall the server since there was nothing there. Slight difference that instead of installing SSH server through the installer I skipped that and did it only through apt.
The only difference is that I do not get the error about the keys when starting up ssh but I still get connection refused.
I appear to have got this working.
If I ping hostname I get a response but it relates to opendns and not my local network

Code:
PING hostname (208.67.219.130) 56(84) bytes of data.
64 bytes from nxdomain.guide.opendns.com (208.67.219.130): icmp_seq=1 ttl=240 time=320 ms
64 bytes from nxdomain.guide.opendns.com (208.67.219.130): icmp_seq=3 ttl=240 time=321 ms
64 bytes from nxdomain.guide.opendns.com (208.67.219.130): icmp_seq=4 ttl=240 time=318 ms
64 bytes from nxdomain.guide.opendns.com (208.67.219.130): icmp_seq=5 ttl=240 time=318 ms

but if I ping the ip address

Code:
PING 192.168.1.125 (192.168.1.125) 56(84) bytes of data.
64 bytes from 192.168.16.70: icmp_seq=1 ttl=64 time=1.49 ms
64 bytes from 192.168.16.70: icmp_seq=2 ttl=64 time=0.094 ms
64 bytes from 192.168.16.70: icmp_seq=3 ttl=64 time=0.092 ms
64 bytes from 192.168.16.70: icmp_seq=4 ttl=64 time=0.093 ms
64 bytes from 192.168.16.70: icmp_seq=5 ttl=64 time=0.094 ms
64 bytes from 192.168.16.70: icmp_seq=6 ttl=64 time=0.080 ms

So if I then use putty ipaddress on the cli it will connect. It looks like I need to work a bit further through the tutorial and edit the hosts file to make this problem go away .....