Good Job Michael!  You have negotiated the ufw.  Keep in mind that you would not want to open all this on a traveling laptop (since it would expose trusted services to all).  Now just because you have opened the ports on one system, you can't be sure they are actually "seen" from the other system without a test?

From the other system, now run:

# nmap $thissystem

Did you see 22 tcp  open from the other system NOW?

Make sure it's enabled for the service via ufw (on the target system):

# sudo ufw allow ssh

It appears that your ssh is timing out, but the logs can tell you why:

On the target system:

# tail /var/log/messages
or
# tail /var/log/secure

Sshd is setup by default for strict host checking, so you MUST have an acceptable /etc/hosts file configuration:

There must be a hostname that matches your host entry, which matches your IP address.

EXAMPLE

       127.0.0.1       localhost
       192.168.1.10    foo.mydomain.org       foo
       192.168.1.13    bar.mydomain.org       bar
       146.82.138.7    master.debian.org      master
       209.237.226.90  www.opensource.org


Reference:  http://manpages.ubuntu.com/manpages/jaunty/man5/hosts.5.html
You can also do a couple of ssh daemon "hacks", by editing the /etc/ssh/sshd_config file:

a) Allow root ssh (which is disallowed by default) [What command are you running from the other system to get here?  As root?]:

Find out line that read as follows:
PermitRootLogin no
Set it as follows:
PermitRootLogin yes

b) Disable Strict
StrictHostKeyChecking yes
set it as follows:
StrictHostKeyChecking no

c)  Change/extend the timeouts:

ServerAliveInterval 100

These changes can be used to provide more information on why you are not connecting.

ALWAYS remember to copy your original CONFIGS to backup before editing so you can seamlessly roll forward and back.
 
Don't forget to restart ssh daemon after making configuration changes!

On Fri, Mar 16, 2012 at 11:00 PM, James Mcphee <jmcphe@gmail.com> wrote:

if you're opening that much, just disable iptables until you figure out what you need to leave open.

On Mar 16, 2012 6:06 PM, "Michael Havens" <bmike1@gmail.com> wrote:
     hmmmmmm..... opening the ports didn't help any. I opened:

bmike1@Michaels-PC:~$ sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
22                         ALLOW       Anywhere
137                        ALLOW       Anywhere
138                        ALLOW       Anywhere
139                        ALLOW       Anywhere
445                        ALLOW       Anywhere
389                        ALLOW       Anywhere
901                        ALLOW       Anywhere
53                         ALLOW       Anywhere
80                         ALLOW       Anywhere
110                        ALLOW       Anywhere
143                        ALLOW       Anywhere
443                        ALLOW       Anywhere
631                        ALLOW       Anywhere
993                        ALLOW       Anywhere
995                        ALLOW       Anywhere
5800                       ALLOW       Anywhere
5900                       ALLOW       Anywhere
9418                       ALLOW       Anywhere
8080                       ALLOW       Anywhere
22                         ALLOW       Anywhere (v6)
137                        ALLOW       Anywhere (v6)
138                        ALLOW       Anywhere (v6)
139                        ALLOW       Anywhere (v6)
445                        ALLOW       Anywhere (v6)
389                        ALLOW       Anywhere (v6)
901                        ALLOW       Anywhere (v6)
53                         ALLOW       Anywhere (v6)
80                         ALLOW       Anywhere (v6)
110                        ALLOW       Anywhere (v6)
143                        ALLOW       Anywhere (v6)
443                        ALLOW       Anywhere (v6)
631                        ALLOW       Anywhere (v6)
993                        ALLOW       Anywhere (v6)
995                        ALLOW       Anywhere (v6)
5800                       ALLOW       Anywhere (v6)
5900                       ALLOW       Anywhere (v6)
9418                       ALLOW       Anywhere (v6)
8080                       ALLOW       Anywhere (v6)

bmike1@Michaels-PC:~$


     What else do you think I should open?    


On Fri, Mar 16, 2012 at 10:44 AM, Michael Havens <bmike1@gmail.com> wrote:
look what I found in my quest to open ports for printing: I found a program called ufw which is a 'program for managing a netfilter firewall.' And one of the commands is:

       ufw allow 53
       This  rule  will allow tcp and udp port 53 to any address on this
       host.

Which is the printers port?... of course 631. my search engine is givong me another: 515? But both of my computers print.
Do you know if I can specify more than one port in the command? oops... I just found the correct syntax:
     ufw allow 18:25,50:110,130:150,389:445,
631,900:1000,5800:5900,8080,9418
the man page says I'm allowed 15 numbers in there. No spaces, separated by a coma, and ranges (x:y ) count as two numbers.

What other ports does the great brain known as PLUG believe is good to open?
I think ufw is basically a program to make iptables easier. Or do you want to give me a tutelage on iptables. I'm willing if you are! Does anyone have any pointers about ufw?

ufw probably is an acronym for unix fire wall. or perhaps ubuntu fire wall.



--
(503) 754-4452 Android
(623) 239-3392 Skype
(623) 688-3392 Google Voice
**
it-clowns.com