[ILUG] Accessing SSH remotely.

[Gavin McCullagh]

Hi,

On Sat, 21 Apr 2007, Darragh wrote:

> One thing that did cross my mind is that nmap is actually passing
> through the router and it's the linux box that's stopping port 22.  

It might be of use to figure out exactly where the packet stops.  If you
run 
	tcptraceroute w.x.y.z 80
	tcptraceroute w.x.y.z 22

you should see them both take the same route and at the last hop you'll see
[open] and [closed] respoectively (you probably won't see a hop from your
router to FC6).  You can simultaneously run tcpdump on the FC6 machine:

	tcpdump -i eth0 port 80
	tcpdump -i eth0 port 22

If the packets are reaching FC6, you'll see it on tcpdump.  If not, the
router is either blocking them or forwarding them incorrectly -- it's
possible it forwards them to some other address on your lan and that
machine refuses the connection.

If you can't use tcptraceroute you can probably get most of the way just
using telnet, though if there were some sort of filtering happening on port
22 further up (seems unlikely), the tcptraceroute would show it.   I guess
you have verified that you can ssh from your external box to other hosts.

> I've turned off the firewall on the linux box temporarily to see if that
> made any difference but as you can probably guess, it didn't.  Is there
> something else that could be causing this?  Anything
> in /etc/ssh/sshd_config or any of the other config files in that
> directory?  What about SELinux? Could that be causing a problem?

What error does ssh actually give you?  For example, if it's an
ssh_exchange_identification error, you probably have ssh blocked in
/etc.hosts.{allow,deny}.

As Niall says, it sounds like a router issue.

Gavin