Re: ssh in network

Top Page
Attachments:
Message as email
+ (text/plain)
+ (text/html)
+ (text/plain)
Delete this message
Reply to this message
Author: Michael Havens
Date:  
To: Main PLUG discussion list
Subject: Re: ssh in network
I'm doing your suggestions right now..... I don't know how I missed them
but after I sent the reply you are responding to I noticed them and started
the implemetation of them. I did reboot and still ssh doesn't work. Just
wait until you get the response to your suggestion email. Sorry about the
confusion.

On Sun, Apr 1, 2012 at 4:50 PM, Lisa Kachold <>wrote:

> Michael, did you follow every suggestion in the last email?
>
> Reboot
> check and verify network and ssh daemons including default routes on both
> machines
> verify that you have the right settings in your /etc/hosts.allow and
> /etc/hosts.deny files on both servers
> add /etc/hosts entries for all your machines
> verify that you don't have a DenyHost or iptables running
> Test your ssh again
>
> Also:
> run apt-get update
> look at why you are using ddclient and why it's failing [from the link I
> sent]
>
> ??
>
>
> On Sun, Apr 1, 2012 at 4:18 PM, Michael Havens <> wrote:
>
>> Now, instead of the 'no route to host' error I get a 'connection
>> refused'. I still can't ssh to the ubuntu machine. it times out.
>>
>> On Sun, Apr 1, 2012 at 4:08 PM, Lisa Kachold <>wrote:
>>
>>> <snip>
>>>
>>> I was googling the 'no route to host' and found a suggestion to add a
>>>> route that poimts to the routerr with the command 'sudo ip route add
>>>> 192.168.1.0/24 dev eth0'. So I thought that sounded good but after I
>>>> did not only could I not ssh out of the computer but I could no longer ssh
>>>> into the computer. I then tried to remove the route with the command 'sudo
>>>> ip route del 192.168.1.0/24 dev eth0', but that didn't help any. I
>>>> just realized that the ip address is wrong.... my router is 192.168.0.1 but:
>>>>
>>>> sudo ip route add 192.168.0.1/24 dev eth0
>>>> RTNETLINK answers: Invalid argument
>>>>
>>>
>>> A route add command is not persistent past a reboot or network restart.
>>>
>>> Mike, ONE of your systems is on your Wireless and the other is on the
>>> wired? Sometimes wireless to wired connections take longer than the
>>> timeout values for ssh or scp. Try putting them both on either wireless or
>>> wired and see if that's more successful?
>>>
>>> Timeouts could be why you get a no route to host.
>>>
>>> Verify that both boxes have a default route:
>>>
>>> # sudo netstat -rn
>>>
>>> Verify that both boxes have a listening ssh daemon:
>>>
>>> # sudo netstat -antp | grep 22
>>>
>>> Make sure you haven't installed DenyHosts or iptables that limits your
>>> connections:
>>>
>>> # locate Deny |more
>>> # sudo iptables-save |more
>>>
>>> If you don't understand the output post it to the list.
>>>
>>>>
>>>> # apt-get install openssh-server
>>>>>
>>>>
>>>> sudo apt-get install openssh-server
>>>> . . .
>>>> openssh-server is already the newest version.
>>>> openssh-server set to manually installed.
>>>>
>>>>
>>>>> You run a ssh server and you use a ssh client as a user.
>>>>>
>>>>> # ssh myusername@targetserverIP
>>>>>
>>>>>>
>>>>>>> # grep Root /etc/ssh/sshd_config <--------------- 'root' not in file
>>>>>>>
>>>>>>
>>>>> Make sure you used "Root" like
>>>>> # sudo grep Root /etc/ssh/sshd_config
>>>>>
>>>>
>>>> there it is..... PermitRootLogin yes
>>>>
>>>
>>> Good! You can ssh to this host with root.
>>>
>>>>
>>>> If the connection is seen on the host (but has some problem due to
>>>>>>> FQN (/etc/hosts) or /etc/hosts.allow files, it will be logged in either:
>>>>>>>
>>>>>> Hmmm? Go look in var log and see what this system logs to:
>>>>>
>>>>> # sudo tail /var/log/syslog
>>>>>
>>>>>>
>>>>>>> bmike1@Michaels-PC:~$ sudo tail /var/log/messages;sudo tail
>>>> /var/log/syslog
>>>> tail: cannot open `/var/log/messages' for reading: No such file or
>>>> directory
>>>> Apr 1 13:09:46 Michaels-PC ddclient[1763]: WARNING: file
>>>> /etc/ddclient.conf, line 8: Invalid Value for keyword 'login' = ''
>>>> Apr 1 13:14:46 Michaels-PC ddclient[1763]: WARNING: file
>>>> /etc/ddclient.conf, line 8: Invalid Value for keyword 'login' = ''
>>>> Apr 1 13:17:01 Michaels-PC CRON[8219]: (root) CMD ( cd / &&
>>>> run-parts --report /etc/cron.hourly)
>>>> Apr 1 13:19:46 Michaels-PC ddclient[1763]: WARNING: file
>>>> /etc/ddclient.conf, line 8: Invalid Value for keyword 'login' = ''
>>>> Apr 1 13:24:46 Michaels-PC ddclient[1763]: WARNING: file
>>>> /etc/ddclient.conf, line 8: Invalid Value for keyword 'login' = ''
>>>> Apr 1 13:29:46 Michaels-PC ddclient[1763]: WARNING: file
>>>> /etc/ddclient.conf, line 8: Invalid Value for keyword 'login' = ''
>>>> Apr 1 13:34:46 Michaels-PC ddclient[1763]: WARNING: file
>>>> /etc/ddclient.conf, line 8: Invalid Value for keyword 'login' = ''
>>>> Apr 1 13:39:46 Michaels-PC ddclient[1763]: WARNING: file
>>>> /etc/ddclient.conf, line 8: Invalid Value for keyword 'login' = ''
>>>> Apr 1 13:44:46 Michaels-PC ddclient[1763]: WARNING: file
>>>> /etc/ddclient.conf, line 8: Invalid Value for keyword 'login' = ''
>>>> Apr 1 13:49:46 Michaels-PC ddclient[1763]: WARNING: file
>>>> /etc/ddclient.conf, line 8: Invalid Value for keyword 'login' = ''
>>>> bmike1@Michaels-PC:~$
>>>>
>>>
>>> What - are you running ddclient for?
>>> If you can't properly resolve DNS, you will not be able to ssh:
>>>
>>> Please see this link regarding your ddclient errors:
>>>
>>> http://www.linuxquestions.org/questions/linux-wireless-networking-41/wifi-connects-but-no-network-access-but-wired-works-880213/
>>>
>>>>
>>>>
>>>>> Add this to /etc/hosts.allow:
>>>>>>>
>>>>>>> /etc/hosts.allow looks:
>>>>>>>
>>>>>>> ALL : 127.0.0.1
>>>>>>> sshd : 192.168.0.0/24, 78.207.132.32
>>>>>>>
>>>>>>> This example shows an external address you might want to use to
>>>>>>> connect from outside your internal network (once you open or port forward
>>>>>>> port 22).
>>>>>>>
>>>>>>> This is the hosts.allow file that I added. Does this look right?
>>>>
>>>> ALL : 127.0.0.1
>>>> sshd : 192.168.0.0/24, 192.168.0.1/24, 192.168.0.2/24, 192.168.0.3/24,
>>>> 192.168.$ <this goes on to x.y.z.10/24>
>>>> #shows address to use from outside of network#, 78.207.132.32
>>>>
>>>
>>> No, you need that 78.207.132.32 on the SAME line with either ALL or
>>> sshd: or commented out.
>>>
>>> And 192.168.$ might cause problems. Change it to a safe entry:
>>> ############cut here############
>>> ALL : 127.0.0.1
>>> sshd : 192.168.0.0/16, 78.207.132.32 <http://192.168.0.0/24>
>>> ###########end ###############
>>>
>>> Make sure you did this:
>>>
>>>> Now the /etc/hosts.deny file:
>>>>>>>
>>>>>>> ALL : ALL
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> Do this and your apt-get/aptitude will be fixed:
>>>>>
>>>>> # sudo apt-get install make
>>>>>
>>>>>
>>>>>
>>>> make is already its current version
>>>>
>>>
>>> # sudo apt-get update
>>>
>>> Also setup your /etc/hosts file on both servers following these
>>> suggestions:
>>> http://linux.about.com/od/commands/l/blcmdl5_hosts.htm
>>>
>>> Should look like this (except with all your hostnames on your network -
>>> be sure to put the same one on all your linux boxes):
>>>
>>>  127.0.0.1       localhost
>>>  192.168.1.10    foo.mydomain.org       foo
>>>  192.168.1.13    bar.mydomain.org       bar

>>>
>>>
>>>
>>> --
>>> (503) 754-4452 Android
>>> (623) 239-3392 Skype
>>> (623) 688-3392 Google Voice
>>> **
>>> it-clowns.com
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> ---------------------------------------------------
>>> PLUG-discuss mailing list -
>>> To subscribe, unsubscribe, or to change your mail settings:
>>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>>>
>>
>>
>>
>> --
>> :-)~MIKE~(-:
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list -
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>>
>
>
>
> --
> (503) 754-4452 Android
> (623) 239-3392 Skype
> (623) 688-3392 Google Voice
> **
> it-clowns.com
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list -
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>




--
:-)~MIKE~(-:
---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss