LINUX.IE, website of the Irish Linux Users' Group
Tux rules!

   
Home
New Users
Articles
Download
Projects
Community
Vendors

  Print Version
Email to...
 
Archives:


planetILUG

Recent News

News Archive


Join the
ILUG
on FaceBook


Join the
ILUG
on LinkedIn


Join the
ILUG SETI
Group



















 
 :: Mailing Lists

[ILUG] Accessing SSH remotely.

[ILUG] Accessing SSH remotely.

Darragh lists at digitaldarragh.com
Sat Apr 21 11:38:58 IST 2007 

Thanks for your response.  
On Sat, 2007-04-21 at 15:26 +0100, Gavin McCullagh wrote:
> Hi,
> 
> On Sat, 21 Apr 2007, Darragh wrote:
> 
> > One thing that did cross my mind is that nmap is actually passing
> > through the router and it's the linux box that's stopping port 22.  
> 
> It might be of use to figure out exactly where the packet stops.  If you
> run 
> 	tcptraceroute w.x.y.z 80
> 	tcptraceroute w.x.y.z 22
> 
> you should see them both take the same route and at the last hop you'll see
> [open] and [closed] respoectively (you probably won't see a hop from your
> router to FC6).  You can simultaneously run tcpdump on the FC6 machine:
> 
> 	tcpdump -i eth0 port 80
> 	tcpdump -i eth0 port 22
> 
> If the packets are reaching FC6, you'll see it on tcpdump.  If not, the
> router is either blocking them or forwarding them incorrectly -- it's
> possible it forwards them to some other address on your lan and that
> machine refuses the connection.
> 
> If you can't use tcptraceroute you can probably get most of the way just
> using telnet, though if there were some sort of filtering happening on port
> 22 further up (seems unlikely), the tcptraceroute would show it.   I guess
> you have verified that you can ssh from your external box to other hosts.
> 
> > I've turned off the firewall on the linux box temporarily to see if that
> > made any difference but as you can probably guess, it didn't.  Is there
> > something else that could be causing this?  Anything
> > in /etc/ssh/sshd_config or any of the other config files in that
> > directory?  What about SELinux? Could that be causing a problem?
> 
> What error does ssh actually give you?  For example, if it's an
> ssh_exchange_identification error, you probably have ssh blocked in
> /etc.hosts.{allow,deny}.
> 
> As Niall says, it sounds like a router issue.
> 
> Gavin
> 

Thanks for your help.

Yes.  it seems to be a router issue.  host unreachable is the error I'm
getting on the client side.

I've tried the tcpdump. it shows the connections when I'm connecting
from a computer inside the network but nothing is shown if I try
connecting from a computer not on this network which would lead me to
believe that it's a router issue.  

Thanks for your help.

Looks like I'm going to have to figure out what is wrong with this
router.

More information about the ILUG mailing list
Read this without the formatting.
                                                                                                    

  

Hosted by HEAnet


 Maintained by the ILUG website team. The aim of Linux.ie is to support and help commercial and private users of Linux in Ireland. You can display ILUG news in your own webpages, read backend information to find out how. Networking services kindly provided by HEAnet, server kindly donated by Dell. Linux is a trademark of Linus Torvalds, used with permission. No penguins were harmed in the production or maintenance of this highly praised website. Looking for the Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
RSS Version
Powered by Dell