ssh in network

Lisa Kachold lisakachold at obnosis.com
Sun Apr 1 16:08:03 MST 2012


<snip>

> I was googling the 'no route to host' and found a suggestion to add a route
> that points to the router with the command 'sudo ip route add
> 192.168.1.0/24 dev eth0'. So I thought that sounded good but after I did
> not only could I not ssh out of the computer but I could no longer ssh into
> the computer. I then tried to remove the route with the command 'sudo ip
> route del 192.168.1.0/24 dev eth0', but that didn't help any. I just
> realized that the ip address is wrong.... my router is 192.168.0.1 but:
>
>   sudo ip route add 192.168.0.1/24 dev eth0
>   RTNETLINK answers: Invalid argument
>

A route add command is not persistent past a reboot or network restart.

Mike, ONE of your systems is on your Wireless and the other is on the
wired?  Sometimes wireless to wired connections take longer than the
timeout values for ssh or scp.  Try putting them both on either wireless or
wired and see if that's more successful?

Timeouts could be why you get a no route to host.

Verify that both boxes have a default route:

# sudo netstat -rn

Verify that both boxes have a listening ssh daemon:

# sudo netstat -antp | grep 22

Make sure you haven't installed DenyHosts or iptables that limits your
connections:

# locate Deny |more
# sudo iptables-save |more

If you don't understand the output post it to the list.

>
> # apt-get install openssh-server
>>
>
> sudo apt-get install openssh-server
> . . .
> openssh-server is already the newest version.
> openssh-server set to manually installed.
>
>
>> You run a ssh server and you use a ssh client as a user.
>>
>> # ssh myusername@targetserverIP
>>
>>>
>>>> # grep Root /etc/ssh/sshd_config <--------------- 'root' not in file
>>>>
>>>
>> Make sure you used "Root" like
>> # sudo grep Root /etc/ssh/sshd_config
>>
>
> there it is..... PermitRootLogin yes
>

Good! You can ssh to this host with root.

>
>  If the connection is seen on the host (but has some problem due to FQN
>>>> (/etc/hosts) or /etc/hosts.allow files, it will be logged in either:
>>>>
>>> Hmmm?  Go look in var log and see what this system logs to:
>>
>> # sudo tail /var/log/syslog
>>
>>>
> bmike1@Michaels-PC:~$ sudo tail /var/log/messages;sudo tail /var/log/syslog
> tail: cannot open `/var/log/messages' for reading: No such file or
> directory
> Apr  1 13:09:46 Michaels-PC ddclient[1763]: WARNING:  file
> /etc/ddclient.conf, line 8: Invalid Value for keyword 'login' = ''
> Apr  1 13:14:46 Michaels-PC ddclient[1763]: WARNING:  file
> /etc/ddclient.conf, line 8: Invalid Value for keyword 'login' = ''
> Apr  1 13:17:01 Michaels-PC CRON[8219]: (root) CMD (   cd / && run-parts
> --report /etc/cron.hourly)
> Apr  1 13:19:46 Michaels-PC ddclient[1763]: WARNING:  file
> /etc/ddclient.conf, line 8: Invalid Value for keyword 'login' = ''
> Apr  1 13:24:46 Michaels-PC ddclient[1763]: WARNING:  file
> /etc/ddclient.conf, line 8: Invalid Value for keyword 'login' = ''
> Apr  1 13:29:46 Michaels-PC ddclient[1763]: WARNING:  file
> /etc/ddclient.conf, line 8: Invalid Value for keyword 'login' = ''
> Apr  1 13:34:46 Michaels-PC ddclient[1763]: WARNING:  file
> /etc/ddclient.conf, line 8: Invalid Value for keyword 'login' = ''
> Apr  1 13:39:46 Michaels-PC ddclient[1763]: WARNING:  file
> /etc/ddclient.conf, line 8: Invalid Value for keyword 'login' = ''
> Apr  1 13:44:46 Michaels-PC ddclient[1763]: WARNING:  file
> /etc/ddclient.conf, line 8: Invalid Value for keyword 'login' = ''
> Apr  1 13:49:46 Michaels-PC ddclient[1763]: WARNING:  file
> /etc/ddclient.conf, line 8: Invalid Value for keyword 'login' = ''
> bmike1@Michaels-PC:~$
>

What are you running ddclient for?
If you can't properly resolve DNS, you will not be able to ssh.

Please see this link regarding your ddclient errors:
http://www.linuxquestions.org/questions/linux-wireless-networking-41/wifi-connects-but-no-network-access-but-wired-works-880213/

>
>
>>  Add this to /etc/hosts.allow:
>>>>
>>>>   /etc/hosts.allow looks:
>>>>
>>>> ALL : 127.0.0.1
>>>> sshd : 192.168.0.0/24, 78.207.132.32
>>>>
>>>> This example shows an external address you might want to use to connect
>>>> from outside your internal network (once you open or port forward port 22).
>>>>
>>>> This is the hosts.allow file that I added. Does this look right?
>
> ALL : 127.0.0.1
> sshd : 192.168.0.0/24, 192.168.0.1/24, 192.168.0.2/24, 192.168.0.3/24,
> 192.168.$ <this goes on to x.y.z.10/24>
> #shows address to use from outside of network#, 78.207.132.32
>

No, you need that 78.207.132.32 on the SAME line with either ALL or sshd:
or commented out.

And 192.168.$ might cause problems.  Change it to a safe entry:
############cut here############
ALL : 127.0.0.1
sshd : 192.168.0.0/16, 78.207.132.32
###########end ###############

Make sure you did this:

>   Now the /etc/hosts.deny file:
>>>>
>>>> ALL : ALL
>>>>
>>>>
>>>
>>> Do this and your apt-get/aptitude will be fixed:
>>
>> # sudo apt-get install make
>>
>>
>>
> make is already its current version
>

# sudo apt-get update

Also set up your /etc/hosts file on both servers following these suggestions:
http://linux.about.com/od/commands/l/blcmdl5_hosts.htm

Should look like this (except with all your hostnames on your network - be
sure to put the same one on all your linux boxes):

 127.0.0.1       localhost
 192.168.1.10    foo.mydomain.org       foo
 192.168.1.13    bar.mydomain.org       bar



-- 
(503) 754-4452 Android
(623) 239-3392 Skype
(623) 688-3392 Google Voice
**
it-clowns.com
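
An added example, not part of the original message or any project's code: a small Python check for the numeric entries in a hosts.allow file, covering the three things at issue in this thread: a prefix written with host bits set such as 192.168.0.1/24 (the same form that `ip route add` rejected with "Invalid argument"), a truncated entry such as 192.168.$, and an address that sits on a comment line. The function names and the sample text are constructed for illustration, and only IPv4 entries that start with a digit are examined.

```python
import ipaddress
import re

# Constructed sample modelled on the hosts.allow quoted in the thread.
SAMPLE = """\
ALL : 127.0.0.1
sshd : 192.168.0.0/24, 192.168.0.1/24, 192.168.$
#shows address to use from outside of network#, 78.207.132.32
"""

IPV4_LIKE = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")


def check_prefix(token):
    """Return None for a clean IPv4 address/network, else why it is suspect."""
    if re.fullmatch(r"(?:\d{1,3}\.){1,3}", token):  # "192.168." prefix form
        return None
    try:
        net = ipaddress.ip_network(token, strict=False)
    except ValueError:
        return "not a valid address or network"
    if str(net.network_address) != token.split("/")[0]:
        return f"host bits set; the network is {net}"
    return None


def lint_hosts_allow(text):
    """Return (line number, token, reason) for each suspect numeric entry."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if line.startswith("#"):
            # A comment line is skipped whole, including any address on it.
            for addr in IPV4_LIKE.findall(line):
                findings.append((lineno, addr, "address is inside a comment"))
            continue
        fields = line.split(":")
        if len(fields) < 2:
            continue  # blank or malformed line: out of scope here
        for token in re.split(r"[,\s]+", fields[1].strip()):
            # Assumption: only tokens starting with a digit are checked.
            reason = check_prefix(token) if token[:1].isdigit() else None
            if reason:
                findings.append((lineno, token, reason))
    return findings


if __name__ == "__main__":
    for lineno, token, reason in lint_hosts_allow(SAMPLE):
        print(f"line {lineno}: {token}: {reason}")
```

Run against the corrected two-line file suggested in the reply above, the check returns no findings.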