SSH server not excepting external connections (7.04 ubuntu) - Ubuntu

This is a discussion on SSH server not excepting external connections (7.04 ubuntu) - Ubuntu ; I have just installed sshd (openssh) and I do not quit understand what it is doing. I installed the ssh server package , my box already had the client installed. I can connect to ssh locally from the same box ...

+ Reply to Thread
Page 1 of 2 1 2 LastLast
Results 1 to 20 of 32

Thread: SSH server not excepting external connections (7.04 ubuntu)

  1. SSH server not excepting external connections (7.04 ubuntu)

    I have just installed sshd (openssh) and I do not quit understand what
    it is doing. I installed the ssh server package , my box already had the
    client installed.

    I can connect to ssh locally from the same box as a test, but I can not
    from another box in my network. I also launched the graphic "Network
    Tools" and netstat'ed the connection. I shows tcp6 is listening on all
    interfaces on port 22. Through the same tool I scanned the ports and it
    showed port 22 but it does not state if it is tcp 4 or 6. I did not
    install a firewall nor did I config host.allow/deny either. I can not
    think of anything I have install or configured that would block the
    ports on my box.

    Is this server really running on tcp6 or is this "Network Tools" a
    little buggy?

    If it is how do I disable tcp6?

    Is there something in the default config. file that is blocking or
    disabling the functionality of sshd?

    Thx

  2. Re: SSH server not excepting external connections (7.04 ubuntu)

    Muffin wrote:
    > I have just installed sshd (openssh) and I do not quit understand what
    > it is doing. I installed the ssh server package , my box already had the
    > client installed.
    >
    > I can connect to ssh locally from the same box as a test, but I can not
    > from another box in my network. I also launched the graphic "Network
    > Tools" and netstat'ed the connection. I shows tcp6 is listening on all
    > interfaces on port 22. Through the same tool I scanned the ports and it
    > showed port 22 but it does not state if it is tcp 4 or 6. I did not
    > install a firewall nor did I config host.allow/deny either. I can not
    > think of anything I have install or configured that would block the
    > ports on my box.
    >
    > Is this server really running on tcp6 or is this "Network Tools" a
    > little buggy?
    >
    > If it is how do I disable tcp6?
    >
    > Is there something in the default config. file that is blocking or
    > disabling the functionality of sshd?


    Sounds like you have a firewall running.

    --
    Ogre

  3. Re: SSH server not excepting external connections (7.04 ubuntu)

    Ogre wrote:

    > Sounds like you have a firewall running.


    I did not install one. Is it in stalled by default and activated? I can
    ping however ssh keeps getting refused. I can ssh out bound but not in
    bound. I can connect on the loopback however, if I am using the right
    term. I have a fairly generic install. Did I use the right package
    called "openssh server"? Its' description is:

    "Secure shell server, an rshd replacement
    This is the portable version of OpenSSH, a free implementation of
    the Secure Shell protocol as specified by the IETF secsh working
    group.

    Ssh (Secure Shell) is a program for logging into a remote machine
    and for executing commands on a remote machine.
    It provides secure encrypted communications between two untrusted
    hosts over an insecure network. X11 connections and arbitrary TCP/IP
    ports can also be forwarded over the secure channel.
    It is intended as a replacement for rlogin, rsh and rcp, and can be
    used to provide applications with a secure communication channel.

    This package provides the sshd server."

    BTW do you know how to disable tcp6?

    Thx



  4. Re: SSH server not excepting external connections (7.04 ubuntu)

    On Thu, 27 Sep 2007 22:12:26 -0400
    Muffin wrote:

    > Ogre wrote:
    >
    > > Sounds like you have a firewall running.

    >
    > I did not install one. Is it in stalled by default and activated? I
    > can ping however ssh keeps getting refused. I can ssh out bound but
    > not in bound. I can connect on the loopback however, if I am using
    > the right term. I have a fairly generic install. Did I use the right
    > package called "openssh server"? Its' description is:
    >
    > "Secure shell server, an rshd replacement
    > This is the portable version of OpenSSH, a free implementation of
    > the Secure Shell protocol as specified by the IETF secsh working
    > group.
    >
    > Ssh (Secure Shell) is a program for logging into a remote machine
    > and for executing commands on a remote machine.
    > It provides secure encrypted communications between two untrusted
    > hosts over an insecure network. X11 connections and arbitrary TCP/IP
    > ports can also be forwarded over the secure channel.
    > It is intended as a replacement for rlogin, rsh and rcp, and can be
    > used to provide applications with a secure communication channel.
    >
    > This package provides the sshd server."
    >
    > BTW do you know how to disable tcp6?
    >
    > Thx
    >
    >

    Hi
    Is iptables installed (I run a sparc server version of ubuntu, I'm
    sure it was there..)?
    sudo iptables -L should show you the list if it is.
    Install firestarter (or lokkit) and open up ssh.

    --
    Cheers Malcolm (Linux Counter #276890)
    SLED 10.0 SP1 x86_64 Kernel 2.6.16.53-0.8-smp
    up 1 day 6:26, 0 users, load average: 1.77, 3.93, 5.30

  5. Re: SSH server not excepting external connections (7.04 ubuntu)

    On Tue, 25 Sep 2007 21:33:48 -0400, Muffin wrote:

    > I have just installed sshd (openssh) and I do not quit understand what
    > it is doing. I installed the ssh server package , my box already had the
    > client installed.
    >
    > I can connect to ssh locally from the same box as a test, but I can not
    > from another box in my network. I also launched the graphic "Network
    > Tools" and netstat'ed the connection. I shows tcp6 is listening on all
    > interfaces on port 22. Through the same tool I scanned the ports and it
    > showed port 22 but it does not state if it is tcp 4 or 6. I did not
    > install a firewall nor did I config host.allow/deny either.


    do you have the /etc/hosts.allow and /etc/hosts.deny files?
    If they don't exist then the default behaviour towards a machine trying to
    connect to this machine is probably to disallow the connection, so these
    files need to be created.
    If they do exist then check that /etc/hosts.allow permits connections from
    your other machine(s) which would mean a line something like; ALL:
    other_ip_number
    where other_ip_number is the IP number of the machine you want to connect
    from. The hosts.deny file can be as simple as a line like; ALL: ALL

    >
    > Is this server really running on tcp6 or is this "Network Tools" a
    > little buggy?
    >
    > If it is how do I disable tcp6?
    >


    afaik, IPv6 is built into the kernel, which also provides for translations
    between IPv4 and IPv6. I don't think this is your problem though ...

    > Is there something in the default config. file that is blocking or
    > disabling the functionality of sshd?
    >


    Not a default, but /etc/sshd_config can be set up to only allow
    connections from IPv4 or IPv6 (or ANY which is the default.)

    --
    l'air du temps



  6. Re: SSH server not excepting external connections (7.04 ubuntu)

    On Fri, 28 Sep 2007 22:45:19 +1000, jane doa wrote:

    >> Is this server really running on tcp6 or is this "Network Tools" a
    >> little buggy?
    >>
    >> If it is how do I disable tcp6?


    Does your install have a standard or custom TCP layer? AFAIK, most Linux
    distros are still using TCP modified for IPv6 according to RFC2460.

    > afaik, IPv6 is built into the kernel, which also provides for translations
    > between IPv4 and IPv6. I don't think this is your problem though ...
    >
    >> Is there something in the default config. file that is blocking or
    >> disabling the functionality of sshd?

    >
    > Not a default, but /etc/sshd_config can be set up to only allow
    > connections from IPv4 or IPv6 (or ANY which is the default.)


    Also check /etc/modprobe.d/blacklist to see if any of the layers of your
    desired network stack were blacklisted. I've definitely seen a distro
    recently (can't recall which) that came with inet6 blacklisted by default.

  7. Re: SSH server not excepting external connections (7.04 ubuntu)

    Malcolm wrote:
    >
    > Is iptables installed (I run a sparc server version of ubuntu, I'm
    > sure it was there..)?
    > sudo iptables -L should show you the list if it is.
    > Install firestarter (or lokkit) and open up ssh.
    >


    ">root@rat1:/home/user1# iptables -L
    > Chain INPUT (policy ACCEPT)
    > target prot opt source destination
    >
    > Chain FORWARD (policy ACCEPT)
    > target prot opt source destination
    >
    > Chain OUTPUT (policy ACCEPT)
    > target prot opt source destination
    > root@rat1:/home/user1# "


    I guess it is running, This is it's feed back from that command. It it
    blocking anything? How do I shut it down so I can test if it is
    blocking? I tryed ps -aux but could not locate the process.

    Thx

  8. Re: SSH server not excepting external connections (7.04 ubuntu)

    Mark South wrote:
    >
    > Also check /etc/modprobe.d/blacklist to see if any of the layers of your
    > desired network stack were blacklisted. I've definitely seen a distro
    > recently (can't recall which) that came with inet6 blacklisted by default.


    I checked but it looks like that may not be it. Here's my print out:

    root@rat1:/home/user1# cat /etc/modprobe.d/blacklist
    # This file lists those modules which we don't want to be loaded by
    # alias expansion, usually so some other driver will be loaded for the
    # device instead.

    # evbug is a debug tool that should be loaded explicitly
    blacklist evbug

    # these drivers are very simple, the HID drivers are usually preferred
    blacklist usbmouse
    blacklist usbkbd

    # replaced by e100
    blacklist eepro100

    # replaced by tulip
    blacklist de4x5

    # causes no end of confusion by creating unexpected network interfaces
    blacklist eth1394

    # snd_intel8x0m can interfere with snd_intel8x0, doesn't seem to support
    much
    # hardware on its own (Ubuntu bug #2011, #6810)
    blacklist snd_intel8x0m

    # causes failure to suspend on HP compaq nc6000 (Ubuntu: #10306)
    blacklist i2c_i801

    # buggy driver causes kernel BUG on load (Ubuntu: #78255, #88430)
    blacklist r818x
    blacklist r8187
    root@rat1:/home/user1#


    Thx


  9. Re: SSH server not excepting external connections (7.04 ubuntu)

    jane doa wrote:

    > do you have the /etc/hosts.allow and /etc/hosts.deny files?


    No I don't.

    root@rat1:/etc# touch hosts.allow
    root@rat1:/etc# touch hosts.deny

    root@rat1:/etc# echo "ALL: someip">hosts.allow
    root@rat1:/etc# echo "ALL: ALL">hosts.deny

    someip= the ip of my client box

    Should I cycle anything?

  10. Re: SSH server not excepting external connections (7.04 ubuntu)


    >> Install firestarter (or lokkit) and open up ssh.

    I have it installed and have opened port 22 inbound. It looks like I
    have it config'ed right but still can not log in with ssh yet.

  11. Re: SSH server not excepting external connections (7.04 ubuntu)

    On 2007-09-28, Muffin wrote:
    > Malcolm wrote:
    >>
    >> Is iptables installed (I run a sparc server version of ubuntu, I'm
    >> sure it was there..)?
    >> sudo iptables -L should show you the list if it is.
    >> Install firestarter (or lokkit) and open up ssh.
    >>

    >
    > ">root@rat1:/home/user1# iptables -L
    >> Chain INPUT (policy ACCEPT)
    >> target prot opt source destination
    >>
    >> Chain FORWARD (policy ACCEPT)
    >> target prot opt source destination
    >>
    >> Chain OUTPUT (policy ACCEPT)
    >> target prot opt source destination
    >> root@rat1:/home/user1# "

    >
    > I guess it is running, This is it's feed back from that command. It it
    > blocking anything? How do I shut it down so I can test if it is
    > blocking? I tryed ps -aux but could not locate the process.
    >
    > Thx


    there is nothing significantly wrong with this output from iptables.
    A concern would be the use of root. If you are trying to ssh into a box
    as root on a default 7.04 install you should always fail.

    have you tried to ssh into the box as root or as a normal user?

    --
    l'air du temps


  12. Re: SSH server not excepting external connections (7.04 ubuntu)


    > have you tried to ssh into the box as root or as a normal user?
    >


    Normal user, this user can su/sudo but is not root. I can also ssh and
    log in locally. I am checking on hosts.allow/deny to see if I did
    something there.

  13. Re: SSH server not excepting external connections (7.04 ubuntu)

    /On 2007-09-28, Muffin wrote:
    > jane doa wrote:
    >
    >> do you have the /etc/hosts.allow and /etc/hosts.deny files?

    >
    > No I don't.
    >
    > root@rat1:/etc# touch hosts.allow
    > root@rat1:/etc# touch hosts.deny
    >
    > root@rat1:/etc# echo "ALL: someip">hosts.allow
    > root@rat1:/etc# echo "ALL: ALL">hosts.deny
    >
    > someip= the ip of my client box
    >
    > Should I cycle anything?

    since it looks like you are root,
    /etc/init.d/ssh restart

    --
    l'air du temps


  14. Re: SSH server not excepting external connections (7.04 ubuntu)

    Muffin wrote:

    >
    >> have you tried to ssh into the box as root or as a normal user?
    >>

    >
    > Normal user, this user can su/sudo but is not root. I can also ssh and
    > log in locally. I am checking on hosts.allow/deny to see if I did
    > something there.


    What command line are you using on the client box to get a ssh connection to
    your host?

    Cheers.

    --
    Sometimes, I Wake Up Grumpy.
    Sometimes, I Just Let Him Sleep In.
    -- My Wife


  15. Re: SSH server not excepting external connections (7.04 ubuntu)


    >
    > What command line are you using on the client box to get a ssh connection to
    > your host?



    freebsd : ssh user1@some ip

    windows : putty gui

    I am scanning (nmap)my ssh server and (tcp4)port 22 is up and listening.
    It is just refusing the connection "operation not permited"

    From the ssh server I can connect via "ssh user1@[it's ip address].

    I have installed and uninstaller several times. It looks like for
    whatever reason openssh will not except remote client session.

  16. Re: SSH server not excepting external connections (7.04 ubuntu)

    I am wondering why netstat shows me tcp6 and not tcp4. Is this telling
    me it is running on both or just tcp2

    root@rat1:/home/user1# netstat -lnt
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address Foreign Address
    State
    tcp 0 0 127.0.0.1:631 0.0.0.0:*
    LISTEN
    tcp6 0 0 :::22 :::*
    LISTEN
    root@rat1:/home/user1#

  17. Re: SSH server not excepting external connections (7.04 ubuntu)

    On Fri, 28 Sep 2007 13:08:46 -0400, Muffin wrote:

    > I am wondering why netstat shows me tcp6 and not tcp4. Is this telling
    > me it is running on both or just tcp2
    >
    > root@rat1:/home/user1# netstat -lnt
    > Active Internet connections (only servers)
    > Proto Recv-Q Send-Q Local Address Foreign Address
    > State
    > tcp 0 0 127.0.0.1:631 0.0.0.0:*
    > LISTEN
    > tcp6 0 0 :::22 :::*
    > LISTEN
    > root@rat1:/home/user1#


    TCP is just TCP. If it's running over IPv6 then "tcp6" is the correct
    string for the application to show according to RFC3530, as in your
    example above.

    Have you tried running tcpdump to see what traffic is being passed?

  18. Re: SSH server not excepting external connections (7.04 ubuntu)

    I do not need or use ip6. Do I need to recompile to get rid of ip6?

  19. Re: SSH server not excepting external connections (7.04 ubuntu)

    Muffin wrote:
    >
    >>
    >> What command line are you using on the client box to get a ssh
    >> connection to
    >> your host?

    >
    >
    > freebsd : ssh user1@some ip
    >
    > windows : putty gui
    >
    > I am scanning (nmap)my ssh server and (tcp4)port 22 is up and
    > listening. It is just refusing the connection "operation not permited"
    >
    > From the ssh server I can connect via "ssh user1@[it's ip address].
    >
    > I have installed and uninstaller several times. It looks like for
    > whatever reason openssh will not except remote client session.



    The openssh is all you need, but it looks like an improper use of a
    username. Did you look at the man ssh synopsis?

    1. If you have an account named "muffin" on the openssh box, and you are
    logged in as "muffin" on another box, you don't need any username.

    john@zeus:~$ ssh opensshserverbox
    Password:
    Linux opensshserverbox 2.4.27-2-386 #1 Wed Aug 17 09:33:35 UTC 2005 i586
    GNU/Linux

    2. If you are logged in locally with a different username that the one
    you wish to access with on the openssh server, or logged in locally with
    a username that does not exist on the openssh server, then use the login
    name parameter like this:

    ssh -l muffin opensshserverbox

    john@zeus:~$ ssh -l john opensshserverbox
    Password:
    Linux opensshserverbox 2.4.27-2-386 #1 Wed Aug 17 09:33:35 UTC 2005 i586
    GNU/Linux


    --
    John

    No Microsoft products were used in the preparation or transmission of this message.

    The EULA sounds like it was written by a team of lawyers who want to tell me what I can't do. The GPL sounds like it was written by a human being, who wants me to know what I can do.

  20. Re: SSH server not excepting external connections (7.04 ubuntu)

    Sep 28 20:18:30 rat1 sshd[7551]: Did not receive identification string
    from xxx.xxx.xxx.xxx

    I have resolved most of the errors. I have done so much hacking I am not
    too sure what did the trick. Although various host firewalls seem to be
    the issue I think. I still have one node that's holding out. It seems to
    be boiling down to the above error. I am generating this error when I
    try to log in remotely. This node happens to be a VM running on the sshd
    box.

    Thx

+ Reply to Thread
Page 1 of 2 1 2 LastLast