can't ssh from host to remote

Michael Havens bmike1 at gmail.com
Thu Jul 17 14:12:55 MST 2014


it seems I can't ssh from the host to any other computer though I can ssh
from the clients to the host. (tested on two computers). It is strange, the
ip adresses  on the remote boxes seem to have changed. instead of being
192.168.0.x they are now 192.168.1.10x.
gots to go to work now.

:-)~MIKE~(-:


On Thu, Jul 17, 2014 at 1:47 PM, Michael Havens <bmike1 at gmail.com> wrote:

> on the server it says:
>
> tcp        0      0 0.0.0.0:22              0.0.0.0:*
> LISTEN      1308/sshd
> tcp        0      0 127.0.0.1:22            127.0.0.1:56545
> ESTABLISHED 19569/sshd: bmike1
> tcp        0      0 127.0.0.1:56545         127.0.0.1:22
> ESTABLISHED 19568/ssh
> tcp6       0      0 :::22                   :::*
> LISTEN      1308/sshd
>
> while the client says:
>
> tcp        0      0 0.0.0.0:22              0.0.0.0:*
> LISTEN      2546/sshd
> tcp6       0      0 :::22                   :::*
> LISTEN      2546/sshd
>
> so it looks like both are listening.
>
> :-)~MIKE~(-:
>
>
> On Thu, Jul 17, 2014 at 1:04 PM, Michael Butash <michael at butash.net>
> wrote:
>
>>  sudo netstat -anp | grep tcp | grep LISTEN
>>
>> -a == all
>> -n == do not resolve dns (slows it down significantly)
>> -p == show the app opening the socket (requires sudo to enumerate)
>>
>> grep tcp == look for tcp-based sockets (most apps won't use udp)
>> grep LISTEN == look at listening sockets, vs established that indicated
>> something *is* connected
>>
>> This is a good one to remember, this shows all your "listening" sockets.
>> Your ssh socket is outbound to another host, but doesn't look like sshd is
>> listening on port 22, which won't let you in.
>>
>> TCP/UDP sockets are your door into the system.
>>
>> mb at host ~ $ sudo netstat -anp | grep tcp | grep ssh
>> [sudo] password for mb:
>> tcp        0      0 0.0.0.0:22              0.0.0.0:*
>> LISTEN      19847/sshd
>> tcp6       0      0 :::22                   :::*
>> LISTEN      19847/sshd
>>
>> First is ipv4-based socket, second is ipv6-based.  You should see
>> similar, with 0.0.0.0 meaning it's listening on _all_ interfaces.
>>
>> -mb
>>
>>
>>
>> On 07/17/2014 12:28 PM, Michael Havens wrote:
>>
>>     okay,
>>  netsstat on the server prints out a lot of data.
>>  The first section says:
>> Active Internet connections (w/o servers)
>> Proto Recv-Q Send-Q Local Address           Foreign Address
>> State
>> tcp        0      0 192.168.0.4:38521       lax17s01-in-f21.1:https
>> ESTABLISHED
>> tcp        0      0 192.168.0.4:36523       lax17s01-in-f4.1e:https
>> ESTABLISHED
>> tcp        0      0 localhost:45886         localhost:53919
>> ESTABLISHED
>> tcp        0      0 localhost:ssh           localhost:56545
>> ESTABLISHED
>> tcp        0      0 localhost:44799         localhost:53919
>> ESTABLISHED
>> tcp        0      0 localhost:47157         localhost:53919
>> ESTABLISHED
>> tcp        0      0 localhost:53919         localhost:44799
>> ESTABLISHED
>> tcp        0      0 localhost:53919         localhost:47157
>> ESTABLISHED
>> tcp        0      0 localhost:56545         localhost:ssh
>> ESTABLISHED
>> tcp        0      0 localhost:53919         localhost:45886
>> ESTABLISHED
>> tcp        0      0 192.168.0.4:37884       lax17s01-in-f0.1e:https
>> ESTABLISHED
>> tcp        0      0 192.168.0.4:45304       lax17s01-in-f5.1e:https
>> ESTABLISHED
>> tcp        0      0 192.168.0.4:36525       lax17s01-in-f4.1e:https
>> ESTABLISHED
>> tcp6       1      0 ip6-localhost:53614     ip6-localhost:ipp
>> CLOSE_WAIT
>>
>>  while the second section says:
>> Active UNIX domain sockets (w/o servers)
>> Proto RefCnt Flags       Type       State         I-Node   Path
>> unix  18     [ ]         DGRAM                    11578    /dev/log
>> unix  2      [ ]         DGRAM                    10914
>> /var/run/wpa_supplicant/wlan0
>> unix  3      [ ]         STREAM     CONNECTED     343530
>> unix  3      [ ]         STREAM     CONNECTED     198728
>> unix  3      [ ]         STREAM     CONNECTED     198167
>> unix  3      [ ]         STREAM     CONNECTED     198683
>>  ---edit out a lot of stuff--
>>
>>  while on the remote system netstat prints 7 lines that is basically the
>> second section (above).
>>
>>  I'm not sure how to run sshin debug mode but the man page implies to run
>> it with the verbose flag:
>> :~$ ssh -v mike at 192.168.1.101
>> OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
>> debug1: Reading configuration data /etc/ssh/ssh_config
>> debug1: /etc/ssh/ssh_config line 19: Applying options for *
>> debug1: Connecting to 192.168.1.101 [192.168.1.101] port 22.
>> debug1: connect to address 192.168.1.101 port 22: Connection timed out
>> ssh: connect to host 192.168.1.101 port 22: Connection timed out
>> bmike1 at CQ57-1:~$ ssh -vv mike at 192.168.1.101
>> OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
>> debug1: Reading configuration data /etc/ssh/ssh_config
>> debug1: /etc/ssh/ssh_config line 19: Applying options for *
>> debug2: ssh_connect: needpriv 0
>> debug1: Connecting to 192.168.1.101 [192.168.1.101] port 22.
>> debug1: connect to address 192.168.1.101 port 22: Connection timed out
>> ssh: connect to host 192.168.1.101 port 22: Connection timed out
>>
>>
>> :~$ ps -aef | grep sshd
>> root      1308     1  0 Jul15 ?        00:00:00 /usr/sbin/sshd -D
>> bmike1   19566  4242  0 11:53 pts/2    00:00:00 grep --colour=auto sshd
>>
>>
>>  it doesn't seem ssh failed at any point.
>>
>> :-)~MIKE~(-:
>>
>>
>> On Thu, Jul 17, 2014 at 12:33 AM, James Mcphee <jmcphe at gmail.com> wrote:
>>
>>> Verify openssh is enabled on the server with netstat.  Verify you can
>>> connect to port 22 from client to server.  Run ssh in debug mode to see
>>> messages.  When you hit a point that it fails, then you have a better idea
>>> of what's wrong.
>>>
>>>
>>>  On Wed, Jul 16, 2014 at 9:54 PM, Michael Havens <bmike1 at gmail.com>
>>> wrote:
>>>
>>>>   okay, so I bought a used computer to do Linux from scratch on. Well,
>>>> I'm going to ssh from my primary computer to the new computer but got a
>>>> 'Connection timed out' error. After googling for a bit I discovered ufw was
>>>> to blame.
>>>>
>>>> after I disabled the firewall I could ssh from 192.168.1.101 <parasite>
>>>> to 192.168.0.4 <host>
>>>>
>>>> the error I got going the other way was the connection timed out error:
>>>>
>>>> ssh mike at 192.168.1.101
>>>> ssh: connect to host 192.168.1.101 port 22: Connection timed out
>>>>
>>>>  After googling some more I thought perhaps openssh-server wasn't
>>>> installed... but it is. So please.... what is the problem? I verifed
>>>> openssh-client is installed but I don't know what it could be. Could you
>>>> help me out?
>>>>  :-)~MIKE~(-:
>>>>
>>>>  ---------------------------------------------------
>>>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>>>> To subscribe, unsubscribe, or to change your mail settings:
>>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>>>
>>>
>>>
>>>
>>>  --
>>> James McPhee
>>> jmcphe at gmail.com
>>>
>>> ---------------------------------------------------
>>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>>> To subscribe, unsubscribe, or to change your mail settings:
>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>>
>>
>>
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>
>>
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phxlinux.org/pipermail/plug-discuss/attachments/20140717/e48f6787/attachment.html>


More information about the PLUG-discuss mailing list