On Wed, Apr 25, 2001 at 07:07:58PM +0100 or so it is rumoured hereabouts,
bscanlan at irish-times.com thought:
> Hey,
>> On Wed, Apr 25, 2001 at 06:34:13PM +0100, Conor Daly wrote:
> >
> > Apr 23 14:01:10 Valkerie sshd[2679]: Connection from yyy.yyy.yyy.yyy port
> > 8120
> > Apr 23 14:01:10 Valkerie sshd[2679]: Did not receive ident string from
> > yyy.yyy.yyy.yyy
>> Wot's this, you might ask.
> Your ssh server identifies itself. "Hey there, I'm SSH Version bar.foo!"
> It then expects a response. The poor thing never gets one.
>> > I all cases, ssh to the firewall from *inside*
> > the firewall gets forwarded to the ssh server and I get to connect but from
> > *outside*, it's a different matter.
>> Your problem is either here...
>> > The outside machine I'm going from is
> > itself masqued
>> ...or here. :)
>> Something's stopping your masqued client from talking to your SSH server.
>> You need to isolate one from the other. Can your masqued client login to anything
> using SSH? Tell ya what, you could try to login to redbrick.dcu.ie (port 22) as
> some user, if you can succesfully get an unsuccessful login attempt (i.e. wrong
> username/password combination), your ssh client has at least identified itself
> to that ssh server correctly.
An attempt to redbrick from home gets me the following.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'redbrick.dcu.ie,136.206.15.5' (DSA) to the
list of known hosts.
Connection closed by 136.206.15.5
So I'm connecting, identifying and getting kicked off.
If I try from work, I suspect port 22 isn't allowed out in any case. I
get a "connection refused" error that way. I have port 21 forwarded to
port 22 through the home firewall and am attempting to connect via port 21
through the work firewall (I'm allowed ftp access). I wonder are there
some issues with the ftp protocol (which is expected to use port 21) and
the firewall rules that would be normally used for ftp. The work firewall
is an NT NAT forewall over which I have no control. Alternatively, are
there special rules necessary for ssh that would be applied to port 22?
For example, my port 22 rule includes mention of
$SSH_REMOTE_PORTS="513:65535" though I wouldn't think the lack of such
stuff would make too much difference. I had port 80 forwarded to port 22
also but an ssh -p80 would return "connection established" and then hang
before any ssh stuff happened.
Still stumped. Anyone got an account on redbrick they could loan me to
use for testing? I could try to connect from there and at least get my
end figured out.
Conor.
--
Conor Daly <conor.daly at oceanfree.net>
Domestic Sysadmin :-)
---------------------
Faenor.cod.ie
10:47pm up 10 days, 9:01, 0 users, load average: 0.02, 0.04, 0.03
Hobbiton.cod.ie
10:45pm up 57 days, 8:22, 2 users, load average: 0.13, 0.13, 0.04
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
