Re: can't ssh from host to remote

Author: Michael Butash
Date:  
To: plug-discuss
Subject: Re: can't ssh from host to remote
sudo netstat -anp | grep tcp | grep LISTEN

-a == all
-n == do not resolve dns (slows it down significantly)
-p == show the app opening the socket (requires sudo to enumerate)

grep tcp == look for tcp-based sockets (most apps won't use udp)
grep LISTEN == look at listening sockets, vs established that indicates
something *is* connected

This is a good one to remember, this shows all your "listening"
sockets. Your ssh socket is outbound to another host, but doesn't look
like sshd is listening on port 22, which won't let you in.

TCP/UDP sockets are your door into the system.

mb@host ~ $ sudo netstat -anp | grep tcp | grep ssh
[sudo] password for mb:
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      19847/sshd
tcp6       0      0 :::22                   :::*                    LISTEN      19847/sshd


First is ipv4-based socket, second is ipv6-based. You should see
similar, with 0.0.0.0 meaning it's listening on _all_ interfaces.

-mb


On 07/17/2014 12:28 PM, Michael Havens wrote:
> okay,
> netstat on the server prints out a lot of data.
> The first section says:
> Active Internet connections (w/o servers)
> Proto Recv-Q Send-Q Local Address           Foreign Address         State
> tcp        0      0 192.168.0.4:38521       lax17s01-in-f21.1:https ESTABLISHED
> tcp        0      0 192.168.0.4:36523       lax17s01-in-f4.1e:https ESTABLISHED
> tcp        0      0 localhost:45886 localhost:53919         ESTABLISHED
> tcp        0      0 localhost:ssh localhost:56545         ESTABLISHED
> tcp        0      0 localhost:44799 localhost:53919         ESTABLISHED
> tcp        0      0 localhost:47157 localhost:53919         ESTABLISHED
> tcp        0      0 localhost:53919 localhost:44799         ESTABLISHED
> tcp        0      0 localhost:53919 localhost:47157         ESTABLISHED
> tcp        0      0 localhost:56545 localhost:ssh           ESTABLISHED
> tcp        0      0 localhost:53919 localhost:45886         ESTABLISHED
> tcp        0      0 192.168.0.4:37884       lax17s01-in-f0.1e:https ESTABLISHED
> tcp        0      0 192.168.0.4:45304       lax17s01-in-f5.1e:https ESTABLISHED
> tcp        0      0 192.168.0.4:36525       lax17s01-in-f4.1e:https ESTABLISHED
> tcp6       1      0 ip6-localhost:53614     ip6-localhost:ipp       CLOSE_WAIT

>
> while the second section says:
> Active UNIX domain sockets (w/o servers)
> Proto RefCnt Flags       Type       State I-Node   Path
> unix  18     [ ]         DGRAM 11578    /dev/log
> unix  2      [ ]         DGRAM 10914    /var/run/wpa_supplicant/wlan0
> unix  3      [ ]         STREAM     CONNECTED 343530
> unix  3      [ ]         STREAM     CONNECTED 198728
> unix  3      [ ]         STREAM     CONNECTED 198167
> unix  3      [ ]         STREAM     CONNECTED 198683
> ---edit out a lot of stuff--

>
> while on the remote system netstat prints 7 lines that is basically
> the second section (above).
>
> I'm not sure how to run ssh in debug mode but the man page implies to
> run it with the verbose flag:
> :~$ ssh -v mike@192.168.1.101
> OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: /etc/ssh/ssh_config line 19: Applying options for *
> debug1: Connecting to 192.168.1.101 [192.168.1.101] port 22.
> debug1: connect to address 192.168.1.101 port 22: Connection timed out
> ssh: connect to host 192.168.1.101 port 22: Connection timed out
> bmike1@CQ57-1:~$ ssh -vv mike@192.168.1.101
> OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: /etc/ssh/ssh_config line 19: Applying options for *
> debug2: ssh_connect: needpriv 0
> debug1: Connecting to 192.168.1.101 [192.168.1.101] port 22.
> debug1: connect to address 192.168.1.101 port 22: Connection timed out
> ssh: connect to host 192.168.1.101 port 22: Connection timed out
>
>
> :~$ ps -aef | grep sshd
> root      1308     1  0 Jul15 ?        00:00:00 /usr/sbin/sshd -D
> bmike1   19566  4242  0 11:53 pts/2    00:00:00 grep --colour=auto sshd

>
>
> it doesn't seem ssh failed at any point.
>
> :-)~MIKE~(-:
>
>
> On Thu, Jul 17, 2014 at 12:33 AM, James Mcphee <jmcphe@gmail.com> wrote:
>
>     Verify openssh is enabled on the server with netstat.  Verify you
>     can connect to port 22 from client to server.  Run ssh in debug
>     mode to see messages.  When you hit a point that it fails, then
>     you have a better idea of what's wrong.

>
>
>     On Wed, Jul 16, 2014 at 9:54 PM, Michael Havens <bmike1@gmail.com> wrote:

>
>         okay, so I bought a used computer to do Linux from scratch on.
>         Well, I'm going to ssh from my primary computer to the new
>         computer but got a 'Connection timed out' error. After
>         googling for a bit I discovered ufw was to blame.

>
>         after I disabled the firewall I could ssh from 192.168.1.101
>         <parasite> to 192.168.0.4 <host>

>
>         the error I got going the other way was the connection timed
>         out error:

>
>         ssh mike@192.168.1.101
>         ssh: connect to host 192.168.1.101 port 22: Connection timed out

>
>         After googling some more I thought perhaps openssh-server
>         wasn't installed... but it is. So please.... what is the
>         problem? I verified openssh-client is installed but I don't
>         know what it could be. Could you help me out?
>         :-)~MIKE~(-:

>
>         ---------------------------------------------------
>         PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
>         To subscribe, unsubscribe, or to change your mail settings:
>         http://lists.phxlinux.org/mailman/listinfo/plug-discuss

>
>
>
>
>     -- 
>     James McPhee
>     jmcphe@gmail.com


---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
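
The listening-socket check described in the message above, as an added example that is not part of the original thread: a small filter that reads `netstat -anp` output and reports how a TCP port is exposed. The function name listen_scope and all sample lines except the two sshd rows quoted from the message are constructed for illustration.

```sh
#!/bin/sh
# listen_scope PORT: read `netstat -anp` output on stdin and classify the
# LISTEN sockets for PORT. (Hypothetical helper, not part of netstat/OpenSSH.)
listen_scope() {
    awk -v port="$1" '
        # TCP rows in LISTEN state only; field 4 is the local address.
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            addr = $4
            n = split(addr, parts, ":")
            if (parts[n] != port) next
            # Everything before the final ":port" is the bind address,
            # which also handles IPv6 forms such as ":::22".
            host = substr(addr, 1, length(addr) - length(parts[n]) - 1)
            if (host == "0.0.0.0" || host == "::" || host == "*") all = 1
            else if (host ~ /^127\./ || host == "::1") loop = 1
            else specific = 1
        }
        END {
            if (all) print "all-interfaces"
            else if (specific) print "specific-address"
            else if (loop) print "loopback-only"
            else print "not-listening"
        }'
}

# The two sshd rows shown in the message above.
sample_open() {
    printf '%s\n' \
      'tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      19847/sshd' \
      'tcp6       0      0 :::22                   :::*                    LISTEN      19847/sshd'
}
# Constructed: sshd bound to loopback only, unreachable from other hosts.
sample_loopback() {
    printf '%s\n' \
      'tcp        0      0 127.0.0.1:22            0.0.0.0:*               LISTEN      1308/sshd'
}
# Constructed: outbound connections and an unrelated listener, no sshd socket.
sample_client_only() {
    printf '%s\n' \
      'tcp        0      0 192.168.0.4:38521       203.0.113.5:443         ESTABLISHED 4242/firefox' \
      'tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      900/cupsd'
}

for s in sample_open sample_loopback sample_client_only; do
    printf '%-20s %s\n' "$s" "$("$s" | listen_scope 22)"
done
# On a live host: sudo netstat -anp | listen_scope 22
```

If this reports all-interfaces on the target while the client still gets "Connection timed out", sshd itself is reachable locally and the drop is happening somewhere on the path, such as a host firewall like the ufw rule mentioned earlier in the thread.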