ssh problems

John jharitos at yahoo.com
Mon Nov 17 21:15:52 MST 2008


You need to configure the router to forward the port 22 to the LAN IP that you're trying to connect to.

Since 22 is the default ssh port, I changed mine to forward to a different port since I read somewhere this was better to do. If you do this, you need to change the port in the /etc/ssh/sshd_config file and then restart ssh. You then want to do $ ssh -p 222 username at I.P. where 222 is the port number.


--- On Mon, 11/17/08, Mike Hoy <mhoy06 at gmail.com> wrote:

> From: Mike Hoy <mhoy06 at gmail.com>
> Subject: Re: ssh problems
> To: "Main PLUG discussion list" <plug-discuss at lists.plug.phoenix.az.us>
> Date: Monday, November 17, 2008, 9:34 PM
> Lisa,
> 
> Thanks for in depth response. I'm gonna stop on #2 because I went to
> that site and typed in port 22 and it replied with: "that We completed
> the audit and did not find any open ports.
> This is ideal for the average visitor."
> 
> So apparently port 22 is not 'open'. Does that mean I need to
> configure my router or is it something on my computer?
> 
> On Mon, Nov 17, 2008 at 8:26 PM, Lisa Kachold <lisakachold at obnosis.com> wrote:
> > 1) Check your Local Router port forwarding/triggering.
> >
> > 2) Verify that port 22 is open:
> >
> > http://www.auditmypc.com/firewall-test.asp
> >
> > 3) Verify that /etc/ssh/sshd_conf has:
> >
> > a) Protocol 2
> > b) Root access disabled
> >
> > PermitRootLogin                 no
> >
> > c) Listen on 0.0.0.0
> > d) Keys setup.
> >
> > http://www.linuxsecure.de/index.php?action=33
> >
> > 4) If you are in fact opening up SSH to the internet, you should optimally
> > setup:
> >
> > a) IPTABLES SSH protection rule:  (NOTE if you have Suse or RHEL your
> > iptables are probably setup differently).
> >
> > # /sbin/iptables-save >/root/iptables.last
> > # vi /root/iptables.last
> >
> > Verify you have all the basics...and add at bottom:
> >
> > -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH
> > -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 8 --rttl --name SSH -j DROP
> >
> > then enter
> > # /sbin/iptables-restore </root/iptables.last
> >
> > You can also just drop this into the command line:
> >
> > # sudo iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH
> > # sudo iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 8 --rttl --name SSH -j DROP
> >
> > Be sure to save this for persistence (next restart survival):
> >
> > # /etc/init.d/iptables save
> >
> > http://kevin.vanzonneveld.net/techblog/article/block_brute_force_attacks_with_iptables/
> >
> >
> > b) Sshutout or SSHIT  wrapper for dictionary and brute force attacks:
> >
> > http://www.techfinesse.com/sshutout/sshutout.html
> >
> >
> > 5) Still not working?
> >
> > a) Check SELINUX
> >
> > b) Check the logs on the server.
> >
> > c) Run a sniffer and watch while you try.
> >
> > # tcpdump >file
> > # grep $login file
> >
> > Obnosis.com | http://en.wiktionary.org/wiki/Citations:obnosis |
> > http://www.urbandictionary.com/define.php?term=obnosis (503)754-4452
> > ________________________________
> >> From: phrkonaleash at gmail.com
> >> To: plug-discuss at lists.plug.phoenix.az.us
> >> Subject: Re: ssh problems
> >> Date: Mon, 17 Nov 2008 19:56:00 -0700
> >>
> >> On Mon November 17 2008 07:44:11 pm Mike Hoy wrote:
> >> > Hi,
> >> >
> >> > I just set up ssh server on this computer and was able to connect like
> >> > this:
> >> >
> >> > ssh localhost
> >> >
> >> > and from my laptop connected to the same router like this
> >> >
> >> > ssh username at 192.168.1.100
> >> >
> >> > Now I take it that I'm going to need my real ip address so I tried
> >> > that and I got
> >> >
> >> > ssh: connect to host IP_ADDRESS port 22: Connection refused
> >> >
> >> > I thought it may have something to do with my router so I forwarded
> >> > port 22 to this machine and same error. Any thoughts as to what's
> >> > going on? I need to be able to connect to this machine from work
> >> > tomorrow.
> >>
> >> Hi Mike,
> >>
> >> There are two problems most likely, imo... DHCP is giving you a new ip address
> >> (either on the router or your ISP) or that our ISP simply does not allow you
> >> to connect to port 22... This is common on port 80 but i am not so sure on 22.
> >>
> >> try doing a traceroute on it, and when the trace dies, do an nslookup on that
> >> site and see if that's one of your ISP's then call them up and bitch em out.
> >>
> >> if you think it may be a dhcp problem try a dynamic dns service like
> >> dyndns.org (I use it quite wonderfully, with a package called ddclient in
> >> debian apt) If you don't have a domain name on your system this will provide
> >> you with a free *.dyndns.org domain name, which again, quite nice
> >>
> >> If these don't work for you, someone else will help :)
> >>
> >> ~Ryan
> >>
> >>
> >> --
> >> Thanks and best regards,
> >> Ryan Rix
> >> TamsPalm - The PalmOS Blog
> >>
> >> I begin to wonder if randomized sigs really accomplish anything.
> >>
> >>
> >>
> >
> > ---------------------------------------------------
> > PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> > To subscribe, unsubscribe, or to change your mail settings:
> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> >
> 
> 
> 
> -- 
> Mike Hoy
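
Added example, not part of the original thread: a shell check of an sshd_config against the settings discussed above (a listening port that matches the `ssh -p` value and the router forward, `PermitRootLogin no`, `Protocol 2`, listening on 0.0.0.0). The function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes whitespace-separated
# "Keyword value" lines and only reads the global section before any Match.
sshd_values() {  # usage: sshd_values FILE KEYWORD -> all values, file order
    awk -v want="$2" '
        BEGIN { want = tolower(want) }   # keywords are case-insensitive
        /^[ \t]*(#|$)/ { next }          # skip comments and blank lines
        tolower($1) == "match" { exit }  # conditional blocks are not global
        tolower($1) == want { print $2 }
    ' "$1"
}

audit_sshd_config() {  # usage: audit_sshd_config FILE CLIENT_PORT
    # sshd keeps the first value it reads for single-valued keywords.
    root=$(sshd_values "$1" PermitRootLogin | head -n 1)
    proto=$(sshd_values "$1" Protocol | head -n 1)
    # Port and ListenAddress may be repeated; no Port line means 22.
    ports=$(sshd_values "$1" Port)
    listen=$(sshd_values "$1" ListenAddress)
    [ -n "$ports" ] || ports=22
    case $root in
        no) echo "OK   PermitRootLogin no" ;;
        "") echo "WARN PermitRootLogin unset, default depends on OpenSSH version" ;;
        *)  echo "WARN PermitRootLogin $root" ;;
    esac
    case $proto in
        2)  echo "OK   Protocol 2" ;;
        "") echo "INFO Protocol unset, default depends on OpenSSH version" ;;
        *)  echo "WARN Protocol $proto" ;;
    esac
    if echo "$ports" | grep -qx "$2"; then
        echo "OK   sshd listens on port $2"
    else
        echo "WARN sshd listens on port(s) $(echo $ports), client uses $2"
    fi
    if [ -z "$listen" ] || echo "$listen" | grep -qx '0\.0\.0\.0'; then
        echo "OK   listening on all IPv4 addresses"
    else
        echo "WARN ListenAddress restricted to $(echo $listen)"
    fi
}

# Constructed sample: the commented line is ignored and the first live
# PermitRootLogin ("yes") wins over the later "no".
sample=$(mktemp)
printf '%s\n' 'Port 222' 'Protocol 2' '#PermitRootLogin no' \
    'PermitRootLogin yes' 'PermitRootLogin no' 'ListenAddress 0.0.0.0' > "$sample"
audit_sshd_config "$sample" 22
rm -f "$sample"
```

On a host with OpenSSH installed, `sshd -T` (run as root) prints the effective configuration and is the authoritative check; the script above only reads the file.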


      

