connect to host 192.168.0.7 port 22: Connection refused - Mandriva



Thread: connect to host 192.168.0.7 port 22: Connection refused

  1. Re: connect to host 192.168.0.7 port 22: Connection refused

    On Mon, 18 Aug 2008 15:54:42 +0000, Bit Twister wrote:

    > After playing around last night, I can now suggest just
    >
    > ALL: .mab.unregistered, 192.168.0.
    >
    > Until we can get ssh working from the laptop, I wish you would not have
    > any commands in hosts.allow and hosts.deny


    So I should ignore the "ALL: .mab...." suggestion 5 lines
    above here?
    >
    >> [quoted text muted]

    >
    > Which /etc/hosts file. With that hosts file, you can have the same hosts
    > file on both machines.


    But I already do! They are identical on both desktop & laptop...
    >
    > Just for fun, I want to make the hosts file the same on both machines and
    > looks as follows:
    >
    > 127.0.0.1 localhost
    > 192.168.0.1 router.mab.unregistered router
    > 192.168.0.2 desktop.mab.unregistered desktop
    > 192.168.0.3 laptop.mab.unregistered laptop


    That's as already are, but omitting the 'MAB prefix. OK!

    > Until we can get ssh working from the laptop, I wish you would
    > not have any commands in hosts.allow and hosts.deny on either
    > machine.


    OK - will comment them out.
    >
    > In both 2008.0 and 2008.1 MCC System Services I have two lines/selections
    > sshd running [Info] [x] On Boot Start Stop
    > sshd-xinetd [Info] [ ] Start when Requested Start Stop


    No sign of that sshd-xinetd entry...

    > If you are missing sshd-xinetd, I have no idea why you are missing
    > /etc/xinetd.d/sshd-xinetd


    But it's not missing!
    ----------------------------------------------------
    [mab@localhost ~]$ cat /etc/xinetd.d/sshd-xinetd
    # default: off
    # description: sshd server, xinetd version. \
    # Don't run the standalone version if you run \
    # this.
    service ssh
    {
    disable = yes
    socket_type = stream
    wait = no
    user = root
    server = /usr/sbin/sshd
    server_args = -i
    log_on_success += DURATION USERID
    log_on_failure += USERID
    nice = 10
    }
    --------------------------------------------------------

    > -rw-r--r-- 1 root root 321 2008-05-06 14:53
    > /etc/xinetd.d/sshd-xinetd


    Check here on desktop:
    ------------------------------------------------------
    [mab@localhost ~]$ ls -al /etc/xinetd.d/sshd-xinetd
    -rw-r--r-- 1 root root 321 2008-05-06 20:50
    /etc/xinetd.d/sshd-xinetd
    ------------------------------------------------------
    Seems a bit of a mystery. It's there but showing up where it
    should. How can that be? (Or, how can it be made to...)


    > Your settings in /etc/hosts and what is configured for the
    > nic are incorrect.
    >
    > You have to make ip address in /etc/hosts match what is in
    > /etc/sysconfig/network-scripts/ifcfg-eth0's IPADDRESS from each machine.


    I've no idea why ifconfig shows the wrong host IP!

    (Are you saying "inet addr" should show 192.168.0.2, rather
    than 192.168.0.3?)

    How does one figure out how to acquire the correct info from the
    ifcfg-eth0 file so that ifconfig shows correct IP?
    Here are the contents of that file on desktop:
    ----------------------------------------------------------------
    [mab@localhost ~]$ cat /etc/sysconfig/network-scripts/ifcfg-eth0
    DEVICE=eth0
    BOOTPROTO=dhcp
    NETMASK=255.255.255.0
    ONBOOT=yes
    METRIC=10
    MII_NOT_SUPPORTED=no
    USERCTL=no
    RESOLV_MODS=no
    IPV6INIT=no
    IPV6TO4INIT=no
    DHCP_CLIENT=dhclient
    NEEDHOSTNAME=no
    PEERDNS=yes
    PEERYP=yes
    ---------------------------------------------------------------

    Regards,
    --
    /\/\aurice
    Linux Mandriva 2.6.22.19-desktop-2mdv 2008.0 PP 32-bit
    KDE 3.5.7 Virtualbox 1.5.6
    (Remove 'removethis.' to reply by email)


  2. Re: connect to host 192.168.0.7 port 22: Connection refused

    On Mon, 18 Aug 2008 17:13:32 +0100, Maurice Batey wrote:
    > On Mon, 18 Aug 2008 14:29:07 +0000, Bit Twister wrote:


    >> pgrep -lf sshd <===== Should return the pid and program name
    >> 3866 /usr/sbin/sshd <============ see, sshd is running, pid=3866

    >
    > Yes (though no sign of "pid=xxxx")


    Comment was trying to show 3866 is the pid, hence pid=3866
    I change comment to read pid is 3866

    >> chkconfig --list | grep sshd <====== on some systems
    >> sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off <= which run level starts on boot
    >> sshd-xinetd: off <=== on indicates to start when needed

    >
    > OK - except still no sign of "sshd-xinetd..."
    > =============================


    That is a problem in itself. No idea why it is not there.
    It is in the sshd package you installed.

    >
    >> ssh bittwister@$(hostname --alias)

    >
    > Failed:
    > ------------------------------------------------
    > [mab@localhost ~]$ ssh mab@$(hostname --alias)
    > ssh: : Name or service not known
    > ------------------------------------------------


    Ok, your node name of localhost is biting you. You need to set the
    hostname to a FQDN value. Suggestion follows:

    $ cat /etc/sysconfig/network
    NETWORKING_IPV6=no
    NOZEROCONF=yes
    NEEDHOSTNAME=no
    NETWORKING=yes
    HOSTNAME=desktop.mab.unregistered <========= FQDN node set here

    Recommendation:
    $ cat /etc/sysconfig/network
    NETWORKING_IPV6=no
    NOZEROCONF=yes
    NEEDHOSTNAME=no
    NETWORKING=yes
    HOSTNAME=desktop.mab.test <========= better domain name here

    Read http://www.rfc-editor.org/rfc/rfc2606.txt

    NOTE: warning, anytime I change the hostname, I reboot to make every
    service/daemon aware of the name change, and check nothing breaks.

    >>
    >> If the hostname -i returns 127.0.0.1 on the server, you need to use the ip
    >> address of the server's nic that is connected to the client.

    >
    > I believe that is 192.168.0.2 in my case: cat /etc/hosts gives


    Belief does not hack it. You are required to KNOW.

    >
    > 127.0.0.1 localhost
    > 192.168.0.1 router.mab.unregistered MABsrouter
    > 192.168.0.2 desktop.mab.unregistered MABsdesktop
    > 192.168.0.3 laptop.mab.unregistered MABslaptop


    Just an FYI, those long aliases could bite you. I suggest getting them
    less than 9 characters.


    >
    >>
    >> ifconfig to find the address.

    > In my case:
    > -----------------------------------------------------------
    > eth0 Link encap:Ethernet HWaddr 00:1B:21:07:31:63
    > inet addr:192.168.0.3 Bcast:192.168.0.255
    > Mask:255.255.255.0
    > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
    > ------------------------------------------------------------
    >>
    >> Verify the ip address test on server with
    >> ssh bittwister@servers_ip_here

    >
    > You mean - on server - ssh to itself?


    Yep, that is just what you did with these commands:
    ssh bittwister@$(hostname -i)
    ssh bittwister@$(hostname --alias)
    ssh bittwister@$(hostname --fqdn)

    > This is what happens:


    >
    > ------------------------------------------------------------
    > [mab@localhost ~]$ ssh mab@192.168.0.2
    > ssh: connect to host 192.168.0.2 port 22: Connection refused
    > ------------------------------------------------------------
    > (though ssh mab@127.0.0.1 and ssh mab@$(hostname) work)


    And why is that you ask. Run these three commands and see if you can relate.

    grep 127.0.0.1 /etc/hosts
    grep $(hostname) /etc/hosts
    echo $(hostname)

    > I'll stop here, as my earlier posting today may have helped
    > clear the air.


    Guessing my reply to that post should have fixed it. :-)

  3. Re: connect to host 192.168.0.7 port 22: Connection refused

    On Mon, 18 Aug 2008 12:55:23 -0400, Maurice Batey wrote:

    > I've no idea why ifconfig shows the wrong host IP!


    It doesn't. The hosts files are wrong.
    Change the hosts file (on both systems) to show what ifconfig shows.

    Also, try running "chkconfig --list" without any other parameters, or piping it
    to grep. Does it show the sshd-xinetd?

    Regards, Dave Hodgins

    --
    Change nomail.afraid.org to ody.ca to reply by email.
    (nomail.afraid.org has been set up specifically for
    use in usenet. Feel free to use it yourself.)
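
The mismatch diagnosed in the posts above (the address `/etc/hosts` gives for a name versus the address the NIC actually holds) can be checked mechanically. This is an added example, not part of the original thread; the function names and the sample files are constructed here, using the addresses quoted in the posts, and the parser assumes the `inet addr:` form of `ifconfig` output shown in the thread.

```shell
#!/bin/sh
# Added example (not from the thread): does /etc/hosts agree with the NIC?

# make_sample DIR: constructed inputs using the addresses quoted in the thread
make_sample() {
    cat > "$1/hosts" <<'EOF'
127.0.0.1   localhost
192.168.0.1 router.mab.unregistered router
192.168.0.2 desktop.mab.unregistered desktop   # what the file claims
192.168.0.3 laptop.mab.unregistered laptop
EOF
    cat > "$1/ifconfig.txt" <<'EOF'
eth0  Link encap:Ethernet  HWaddr 00:1B:21:07:31:63
      inet addr:192.168.0.3  Bcast:192.168.0.255  Mask:255.255.255.0
lo    Link encap:Local Loopback
      inet addr:127.0.0.1  Mask:255.0.0.0
EOF
}

# hosts_addr FILE NAME: print the address of the first line that lists NAME
hosts_addr() {
    awk -v n="$2" '
        { sub(/#.*/, "") }                       # drop trailing comments
        NF < 2 { next }                          # skip blank/short lines
        { for (i = 2; i <= NF; i++) if ($i == n) { print $1; exit } }
    ' "$1"
}

# iface_addrs FILE: print every IPv4 address in saved ifconfig output
iface_addrs() {
    sed -n 's/.*inet addr:\([0-9.]*\).*/\1/p' "$1"
}

# check_host HOSTS IFCONFIG NAME
# status: 0 consistent, 1 mismatch, 2 name not listed, 3 name maps to loopback
check_host() {
    want=$(hosts_addr "$1" "$3")
    [ -n "$want" ] || { echo "MISSING: $3 is not in the hosts file"; return 2; }
    case "$want" in
        127.*) echo "LOOPBACK: $3 -> $want (only reachable locally)"; return 3 ;;
    esac
    if iface_addrs "$2" | grep -Fqx "$want"; then
        echo "OK: $3 -> $want is configured on this machine"
        return 0
    fi
    echo "MISMATCH: hosts says $3 is $want, interfaces hold:" \
         "$(iface_addrs "$2" | tr '\n' ' ')"
    return 1
}

demo() {
    tmp=$(mktemp -d)
    make_sample "$tmp"
    for name in desktop laptop localhost; do
        check_host "$tmp/hosts" "$tmp/ifconfig.txt" "$name" || true
    done
    rm -rf "$tmp"
}
demo
```

On a live machine the same check is `ifconfig > /tmp/if.txt; check_host /etc/hosts /tmp/if.txt "$(hostname)"`.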

  4. Re: connect to host 192.168.0.7 port 22: Connection refused

    On Mon, 18 Aug 2008 17:38:54 +0000, Bit Twister wrote:

    > Then check the perms.
    >
    > $ ls -ald /etc/xinetd.d/
    > drwxr-xr-x 2 root root 4096 2008-08-14 19:34 /etc/xinetd.d/


    OK:
    -------------------------------------------------------------
    [mab@desktop ~]$ ls -ald /etc/xinetd.d/
    drwxr-xr-x 2 root root 4096 2008-08-17 16:54 /etc/xinetd.d//
    -------------------------------------------------------------

    Still a mystery, I guess...

    However, despite all that, you can GET OUT THE FLAGS!
    MAFEKING HAS BEEN RELIEVED... 8-))

    I can now ssh in to desktop from laptop, now that the IP muddle
    has been identified and sorted out.
    (I really don't know how they got mixed up, but whenever it
    did was yonks ago, and a lot of water has flown under the bridge
    (and probably into what's left of my brain) since then.)

    BT, many many thanks once again for your unstinted help and
    patience - very much appreciated indeed.

    Regards,
    --
    /\/\aurice
    Linux Mandriva 2.6.22.19-desktop-2mdv 2008.0 PP 32-bit
    KDE 3.5.7 Virtualbox 1.5.6
    (Remove 'removethis.' to reply by email)


  5. Re: connect to host 192.168.0.7 port 22: Connection refused

    On Mon, 18 Aug 2008 13:29:52 -0400, David W. Hodgins wrote:

    > try running "chkconfig --list" without any other parameters, or
    > piping it to grep. Does it show the sshd-xinetd?


    No! Absolutely no sign of it, Dave.

    --
    /\/\aurice
    Linux Mandriva 2.6.22.19-desktop-2mdv 2008.0 PP 32-bit
    KDE 3.5.7 Virtualbox 1.5.6
    (Remove 'removethis.' to reply by email)


  6. Re: connect to host 192.168.0.7 port 22: Connection refused

    On Mon, 18 Aug 2008 18:51:51 +0100, Maurice Batey wrote:

    > [mab@desktop ~]$ ls -ald /etc/xinetd.d/
    > drwxr-xr-x 2 root root 4096 2008-08-17 16:54 /etc/xinetd.d//



    What is that // doing on the end of that line. Should be

    $ ls -ald /etc/xinetd.d/
    drwxr-xr-x 2 root root 4096 2008-08-14 19:34 /etc/xinetd.d/

  7. Re: connect to host 192.168.0.7 port 22: Connection refused

    On Mon, 18 Aug 2008 13:51:51 -0400, Maurice Batey wrote:

    > Still a mystery, I guess...


    Do you have the package xinetd installed? Run "rpm -q -i xinetd"
    Is it running "service xinetd status"?

    Regards, Dave Hodgins

    --
    Change nomail.afraid.org to ody.ca to reply by email.
    (nomail.afraid.org has been set up specifically for
    use in usenet. Feel free to use it yourself.)

  8. Re: connect to host 192.168.0.7 port 22: Connection refused

    On Mon, 18 Aug 2008 17:55:32 +0000, Bit Twister wrote:

    > What is that // doing on the end of that line. Should be
    >
    > $ ls -ald /etc/xinetd.d/
    > drwxr-xr-x 2 root root 4096 2008-08-14 19:34 /etc/xinetd.d/


    Mmm. I tried it without the '/' on the end of the call and the
    2nd '/' doesn't appear!:
    -------------------------------------------------------------
    [mab@desktop ~]$ ls -ald /etc/xinetd.d
    drwxr-xr-x 2 root root 4096 2008-08-17 16:54 /etc/xinetd.d/
    -------------------------------------------------------------

    Figure that one out!

    --
    /\/\aurice
    Linux Mandriva 2.6.22.19-desktop-2mdv 2008.0 PP 32-bit
    KDE 3.5.7 Virtualbox 1.5.6
    (Remove 'removethis.' to reply by email)


  9. Re: connect to host 192.168.0.7 port 22: Connection refused

    On Mon, 18 Aug 2008 19:27:44 +0100, Maurice Batey wrote:
    >
    > Mmm. I tried it without the '/' on the end of the call and the
    > 2nd '/' doesn't appear!:
    >
    > Figure that one out!


    No thank you.

    Homework assignment.
    type ls
    type -a ls

    On the subject of hosts.allow and hosts.deny.

    Your initial setup did not have anything in hosts.deny.

    I recommend All: ALL if you are not going to use mine.

    If you are going to hardcode ip addresses in /etc/hosts
    I recommend setting static instead of dynamic (dhcp)
    for those interfaces.

    I recommend a FQDN for all nodes. For the linux install, I recommend
    these lines and values <=============
    $ cat /etc/sysconfig/network
    NETWORKING_IPV6=no <=============
    NOZEROCONF=yes <=============
    NEEDHOSTNAME=no <=============
    NETWORKING=yes <=============
    HOSTNAME=desktop.mab.test <=============


  10. Re: connect to host 192.168.0.7 port 22: Connection refused

    On Mon, 18 Aug 2008 14:24:51 -0400, David W. Hodgins wrote:

    > Do you have the package xinetd installed? Run "rpm -q -i xinetd" Is it
    > running "service xinetd status"?


    [root@desktop mab]# rpm -q -i xinetd
    package xinetd is not installed

    So - in spite of all that evidence to the contrary - it appears
    not!

    Have now installed it via MCC.

    Is there anything more that should be done with it?

    --
    /\/\aurice
    Linux Mandriva 2.6.22.19-desktop-2mdv 2008.0 PP 32-bit
    KDE 3.5.7 Virtualbox 1.5.6
    (Remove 'removethis.' to reply by email)


  11. Re: connect to host 192.168.0.7 port 22: Connection refused

    On Mon, 18 Aug 2008 15:54:42 +0000, Bit Twister wrote:

    > In both 2008.0 and 2008.1 MCC System Services I have two lines/selections
    > sshd running [Info] [x] On Boot Start Stop
    > sshd-xinetd [Info] [ ] Start when Requested Start Stop


    I now see those two entries.

    --
    /\/\aurice
    Linux Mandriva 2.6.22.19-desktop-2mdv 2008.0 PP 32-bit
    KDE 3.5.7 Virtualbox 1.5.6
    (Remove 'removethis.' to reply by email)


  12. Re: connect to host 192.168.0.7 port 22: Connection refused

    On Mon, 18 Aug 2008 19:46:52 +0100, Maurice Batey wrote:
    > On Mon, 18 Aug 2008 14:24:51 -0400, David W. Hodgins wrote:
    >
    >> Do you have the package xinetd installed? Run "rpm -q -i xinetd" Is it
    >> running "service xinetd status"?

    >
    > [root@desktop mab]# rpm -q -i xinetd
    > package xinetd is not installed
    >
    > So - in spite of all that evidence to the contrary - it appears
    > not!
    >
    > Have now installed it via MCC.
    >
    > Is there anything more that should be done with it?


    In your case, so far, it is only good for deciding if you want sshd started
    on boot, or if sshd only starts when a sshd connection is tried.


  13. Re: connect to host 192.168.0.7 port 22: Connection refused

    On Mon, 18 Aug 2008 18:57:03 +0000, Bit Twister wrote:

    > In your case, so far, it is only good for deciding if you want sshd
    > started on boot, or if sshd only starts when a sshd connection is tried.


    OIC - that answers a question I was going to ask!

    How does one use it to get sshd to start only when a ssh
    connection is attempted?

    --
    /\/\aurice
    Linux Mandriva 2.6.22.19-desktop-2mdv 2008.0 PP 32-bit
    KDE 3.5.7 Virtualbox 1.5.6
    (Remove 'removethis.' to reply by email)


  14. Re: connect to host 192.168.0.7 port 22: Connection refused

    On Monday 18 August 2008 23:48, someone identifying as *Maurice Batey* wrote
    in /alt.os.linux.mandriva:/

    > On Mon, 18 Aug 2008 18:57:03 +0000, Bit Twister wrote:
    >
    >> In your case, so far, it is only good for deciding if you want sshd
    >> started on boot, or if sshd only starts when a sshd connection is tried.

    >
    > OIC - that answers a question I was going to ask!
    >
    > How does one use it to get sshd to start only when a ssh
    > connection is attempted?


    If that is what you want, then you should use /xinet-sshd/ - or whatever
    it's called - instead of the regular sshd, and then you must set
    up /xinetd/ to include /sshd/ among the offered services.

    --
    *Aragorn*
    (registered GNU/Linux user #223157)

  15. Re: connect to host 192.168.0.7 port 22: Connection refused

    On Mon, 18 Aug 2008 22:48:29 +0100, Maurice Batey wrote:
    >
    > How does one use it to get sshd to start only when a ssh
    > connection is attempted?


    Get into MCC Services,
    uncheck sshd On Boot
    click Stop for sshd
    click Start when requested for sshd-xinetd
    Click Ok, bottom left
    Control q
    Control q

    man xinetd
    man xinetd.conf

    And start hacking away at
    /etc/xinetd.d/sshd-xinetd
    do keep an original somewhere else before editing. :-)


  16. Re: connect to host 192.168.0.7 port 22: Connection refused

    On Mon, 18 Aug 2008 18:46:44 +0000, Bit Twister wrote:

    > I recommend All: ALL if you are not going to use mine.


    Have put that in /etc/hosts/deny; thanks.

    I did take a long look at your 'email' setup for that file,
    and would love to have it, but it seemed so intricate that I
    chickened out, as it would have cost you more days of
    trouble-shooting to get it working. 8-)

    I assume the purpose is to report any rogue attempt to ssh in to
    the server via the router wireless channel.
    In my case the router is WAP-key protected, and no one else
    here would know what 'ssh' was, so I don't feel a need for more
    security.

    But all the same it looks an interesting project for a rainy
    day...

    > If you are going to hardcode ip addresses in /etc/hosts ..


    How does one avoid that?

    --
    /\/\aurice
    Linux Mandriva 2.6.22.19-desktop-2mdv 2008.0 PP 32-bit
    KDE 3.5.7 Virtualbox 1.5.6
    (Remove 'removethis.' to reply by email)


  17. Re: connect to host 192.168.0.7 port 22: Connection refused

    On Mon, 18 Aug 2008 22:26:15 +0000, Bit Twister wrote:

    > Get into MCC Services,
    > uncheck sshd On Boot
    > click Stop for sshd
    > click Start when requested for sshd-xinetd Click Ok, bottom left


    Happy with that!

    > And start hacking away at /etc/xinetd.d/sshd-xinetd


    Mmm. I won't get into that, as I don't see a need for
    sshd-xinetd (yet).

    Many thanks!
    --
    /\/\aurice
    Linux Mandriva 2.6.22.19-desktop-2mdv 2008.0 PP 32-bit
    KDE 3.5.7 Virtualbox 1.5.6
    (Remove 'removethis.' to reply by email)


  18. Re: connect to host 192.168.0.7 port 22: Connection refused

    On Tue, 19 Aug 2008 00:04:43 +0200, Aragorn wrote:

    > If that is what you want, then you should use /xinet-sshd/ - or whatever
    > it's called - instead of the regular sshd, and then you must set up
    > /xinetd/ to include /sshd/ among the offered services.


    I installed xinetd because I got the impression it was needed
    to properly allow the SSH from laptop, hence my wondering how it
    is used.

    As I was (eventually!) able to achieve the SSH connection without
    it, and don't really need the 'start at first call' facility, I
    propose to uninstall it as superfluous (unless there is some
    other reason why it should be kept).
    --
    /\/\aurice
    Linux Mandriva 2.6.22.19-desktop-2mdv 2008.0 PP 32-bit
    KDE 3.5.7 Virtualbox 1.5.6
    (Remove 'removethis.' to reply by email)


  19. Re: connect to host 192.168.0.7 port 22: Connection refused

    On Tue, 19 Aug 2008 16:44:13 +0100, Maurice Batey wrote:

    > I did take a long look at your 'email' setup for that file,
    > and would love to have it, but it seemed so intricate that I
    > chickened out, as it would have cost you more days of
    > trouble-shooting to get it working. 8-)


    No, changes/debugging to that fancy .deny script needed.
    Bring up a root terminal.

    You change a line in /etc/postfix/aliases, (close to bottom of aliases)
    from root: postfix
    to root: mab
    save/quit editor

    postalias aliases

    service postfix restart

    At this point, mab on this node should receive this nodes root's
    email. You test by sending root a message and check mab's mail box.

    mail -s "root test shot" mab < /dev/null

    su - mab

    mail <==== should show 1 root test shot
    (carriage return) <==== would read the mail
    d <==== deletes email
    q <==== exits mail and deletes marked email.
    exit <==== closes the su - mab session.

    If postfix has been running since install, I would check root's mail box.

    mail

    d 1-30 <==== deletes email 1 through 30

    exit <==== closes this root terminal session.


    > I assume the purpose is to report any rogue attempt to ssh in to
    > the server via the router wireless channel.


    Not just ssh, report any application attempt compiled with tcpwrapper support
    which did not match a rule in hosts.allow.

    > In my case the router is WAP-key protected, and no one else here
    > would know what 'ssh' was, so I don't feel a need for more security.


    What about a 192.168.0.* node cracked when user was playing out on the
    internet. :-(

    If me, I would have to set all nodes static, starting at, say 192.168.0.100
    just in case someone can get a lease/connection from your router.

    I would then set .allow ALL: 192.168.0.101, 192.168.0.102, 192.168.0.103
    Now, only those nodes could use tcpwrapped apps like sshd.

    >> If you are going to hardcode ip addresses in /etc/hosts ..

    >
    > How does one avoid that?


    Good question for someone knowing network stuff and make/model of router. :-)



    Carry over from your other question posted today.

    The xinetd package would allow you to have tighter tweaks/features
    and not require sshd to be running all the time.

    If you did not take my suggestion for your FQDN, you might want
    to look through this thread.

    http://groups.google.com/group/alt.o...df6653de20a8a4
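
The hosts.allow / hosts.deny advice in this thread depends on the order in which TCP Wrappers consults the two files: a match in hosts.allow grants access, otherwise a match in hosts.deny refuses it, and if neither matches access is granted. The script below is an added example, not code from the thread or from tcp_wrappers; it is a simplified model with hypothetical function names that handles only the pattern forms quoted in these posts (`ALL`, a leading-dot domain, a trailing-dot address prefix, an exact name or address) and ignores `EXCEPT`, netmasks and shell-command options.

```shell
#!/bin/sh
# Added example: simplified model of the TCP Wrappers access decision.
# Only the pattern forms that appear in this thread are handled.

# match_pattern PATTERN CLIENT_NAME CLIENT_IP: status 0 on match
match_pattern() {
    case "$1" in
        ALL) return 0 ;;
        .*)  case "$2" in *"$1") return 0 ;; esac; return 1 ;;  # .domain suffix
        *.)  case "$3" in "$1"*) return 0 ;; esac; return 1 ;;  # address prefix
        *)   [ "$1" = "$2" ] || [ "$1" = "$3" ] ;;              # exact name or IP
    esac
}

# file_matches FILE DAEMON CLIENT_NAME CLIENT_IP: status 0 if any rule matches
file_matches() {
    [ -r "$1" ] || return 1            # a missing file behaves like an empty one
    while IFS=: read -r daemons clients rest; do
        case "$daemons" in ''|\#*) continue ;; esac   # blank line or comment
        hit=no
        for d in $(printf '%s' "$daemons" | tr ',' ' '); do
            if [ "$d" = ALL ] || [ "$d" = "$2" ]; then hit=yes; fi
        done
        [ "$hit" = yes ] || continue
        for c in $(printf '%s' "$clients" | tr ',' ' '); do
            if match_pattern "$c" "$3" "$4"; then return 0; fi
        done
    done < "$1"
    return 1
}

# decide DIR DAEMON CLIENT_NAME CLIENT_IP: print "allow" or "deny"
decide() {
    if file_matches "$1/hosts.allow" "$2" "$3" "$4"; then echo allow
    elif file_matches "$1/hosts.deny" "$2" "$3" "$4"; then echo deny
    else echo allow                    # nothing matched: access is granted
    fi
}

# write_policy DIR ALLOW_RULE DENY_RULE: constructed sample files
write_policy() {
    mkdir -p "$1"
    printf '%s\n' "$2" > "$1/hosts.allow"
    printf '%s\n' "$3" > "$1/hosts.deny"
}

demo() {
    tmp=$(mktemp -d)
    # open:   subnet rule in hosts.allow, empty hosts.deny
    # subnet: same hosts.allow, "ALL: ALL" in hosts.deny
    # static: only the three static addresses allowed, "ALL: ALL" in hosts.deny
    write_policy "$tmp/open"   'ALL: .mab.unregistered, 192.168.0.' ''
    write_policy "$tmp/subnet" 'ALL: .mab.unregistered, 192.168.0.' 'ALL: ALL'
    write_policy "$tmp/static" \
        'ALL: 192.168.0.101, 192.168.0.102, 192.168.0.103' 'ALL: ALL'
    for p in open subnet static; do
        for ip in 192.168.0.101 192.168.0.3 10.0.0.5; do
            echo "$p: sshd from $ip -> $(decide "$tmp/$p" sshd unknown "$ip")"
        done
    done
    rm -rf "$tmp"
}
demo
```

With an empty hosts.deny every client falls through to the final allow; with the static-address rule a machine holding a DHCP lease such as 192.168.0.3 is refused even though it is on the LAN.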

  20. Re: connect to host 192.168.0.7 port 22: Connection refused

    On Tue, 19 Aug 2008 17:48:04 +0000, Bit Twister wrote:

    > No, changes/debugging to that fancy .deny script needed.


    The problem is that in your posting of that script the text
    appears split up all over the place, so that it's difficult to
    see how it is supposed to precisely fit together.
    (I printed it out and pored over it, but even then I couldn't
    make it gel...)

    > You change a line in /etc/postfix/aliases,


    But I don't use postfix; not installed. Happy with KMail.

    Perhaps there's a way of throwing some warning panel onto the
    screen instead?

    --
    /\/\aurice
    Linux Mandriva 2.6.22.19-desktop-2mdv 2008.0 PP 32-bit
    KDE 3.5.7 Virtualbox 1.5.6
    (Remove 'removethis.' to reply by email)

