can't ssh from host to remote
Michael Havens
bmike1 at gmail.com
Thu Jul 17 14:12:55 MST 2014
it seems I can't ssh from the host to any other computer though I can ssh
from the clients to the host. (tested on two computers). It is strange, the
ip adresses on the remote boxes seem to have changed. instead of being
192.168.0.x they are now 192.168.1.10x.
gots to go to work now.
:-)~MIKE~(-:
On Thu, Jul 17, 2014 at 1:47 PM, Michael Havens <bmike1 at gmail.com> wrote:
> on the server it says:
>
> tcp 0 0 0.0.0.0:22 0.0.0.0:*
> LISTEN 1308/sshd
> tcp 0 0 127.0.0.1:22 127.0.0.1:56545
> ESTABLISHED 19569/sshd: bmike1
> tcp 0 0 127.0.0.1:56545 127.0.0.1:22
> ESTABLISHED 19568/ssh
> tcp6 0 0 :::22 :::*
> LISTEN 1308/sshd
>
> while the client says:
>
> tcp 0 0 0.0.0.0:22 0.0.0.0:*
> LISTEN 2546/sshd
> tcp6 0 0 :::22 :::*
> LISTEN 2546/sshd
>
> so it looks like both are listening.
>
> :-)~MIKE~(-:
>
>
> On Thu, Jul 17, 2014 at 1:04 PM, Michael Butash <michael at butash.net>
> wrote:
>
>> sudo netstat -anp | grep tcp | grep LISTEN
>>
>> -a == all
>> -n == do not resolve dns (slows it down significantly)
>> -p == show the app opening the socket (requires sudo to enumerate)
>>
>> grep tcp == look for tcp-based sockets (most apps won't use udp)
>> grep LISTEN == look at listening sockets, vs established that indicated
>> something *is* connected
>>
>> This is a good one to remember, this shows all your "listening" sockets.
>> Your ssh socket is outbound to another host, but doesn't look like sshd is
>> listening on port 22, which won't let you in.
>>
>> TCP/UDP sockets are your door into the system.
>>
>> mb at host ~ $ sudo netstat -anp | grep tcp | grep ssh
>> [sudo] password for mb:
>> tcp 0 0 0.0.0.0:22 0.0.0.0:*
>> LISTEN 19847/sshd
>> tcp6 0 0 :::22 :::*
>> LISTEN 19847/sshd
>>
>> First is ipv4-based socket, second is ipv6-based. You should see
>> similar, with 0.0.0.0 meaning it's listening on _all_ interfaces.
>>
>> -mb
>>
>>
>>
>> On 07/17/2014 12:28 PM, Michael Havens wrote:
>>
>> okay,
>> netsstat on the server prints out a lot of data.
>> The first section says:
>> Active Internet connections (w/o servers)
>> Proto Recv-Q Send-Q Local Address Foreign Address
>> State
>> tcp 0 0 192.168.0.4:38521 lax17s01-in-f21.1:https
>> ESTABLISHED
>> tcp 0 0 192.168.0.4:36523 lax17s01-in-f4.1e:https
>> ESTABLISHED
>> tcp 0 0 localhost:45886 localhost:53919
>> ESTABLISHED
>> tcp 0 0 localhost:ssh localhost:56545
>> ESTABLISHED
>> tcp 0 0 localhost:44799 localhost:53919
>> ESTABLISHED
>> tcp 0 0 localhost:47157 localhost:53919
>> ESTABLISHED
>> tcp 0 0 localhost:53919 localhost:44799
>> ESTABLISHED
>> tcp 0 0 localhost:53919 localhost:47157
>> ESTABLISHED
>> tcp 0 0 localhost:56545 localhost:ssh
>> ESTABLISHED
>> tcp 0 0 localhost:53919 localhost:45886
>> ESTABLISHED
>> tcp 0 0 192.168.0.4:37884 lax17s01-in-f0.1e:https
>> ESTABLISHED
>> tcp 0 0 192.168.0.4:45304 lax17s01-in-f5.1e:https
>> ESTABLISHED
>> tcp 0 0 192.168.0.4:36525 lax17s01-in-f4.1e:https
>> ESTABLISHED
>> tcp6 1 0 ip6-localhost:53614 ip6-localhost:ipp
>> CLOSE_WAIT
>>
>> while the second section says:
>> Active UNIX domain sockets (w/o servers)
>> Proto RefCnt Flags Type State I-Node Path
>> unix 18 [ ] DGRAM 11578 /dev/log
>> unix 2 [ ] DGRAM 10914
>> /var/run/wpa_supplicant/wlan0
>> unix 3 [ ] STREAM CONNECTED 343530
>> unix 3 [ ] STREAM CONNECTED 198728
>> unix 3 [ ] STREAM CONNECTED 198167
>> unix 3 [ ] STREAM CONNECTED 198683
>> ---edit out a lot of stuff--
>>
>> while on the remote system netstat prints 7 lines that is basically the
>> second section (above).
>>
>> I'm not sure how to run sshin debug mode but the man page implies to run
>> it with the verbose flag:
>> :~$ ssh -v mike at 192.168.1.101
>> OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
>> debug1: Reading configuration data /etc/ssh/ssh_config
>> debug1: /etc/ssh/ssh_config line 19: Applying options for *
>> debug1: Connecting to 192.168.1.101 [192.168.1.101] port 22.
>> debug1: connect to address 192.168.1.101 port 22: Connection timed out
>> ssh: connect to host 192.168.1.101 port 22: Connection timed out
>> bmike1 at CQ57-1:~$ ssh -vv mike at 192.168.1.101
>> OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
>> debug1: Reading configuration data /etc/ssh/ssh_config
>> debug1: /etc/ssh/ssh_config line 19: Applying options for *
>> debug2: ssh_connect: needpriv 0
>> debug1: Connecting to 192.168.1.101 [192.168.1.101] port 22.
>> debug1: connect to address 192.168.1.101 port 22: Connection timed out
>> ssh: connect to host 192.168.1.101 port 22: Connection timed out
>>
>>
>> :~$ ps -aef | grep sshd
>> root 1308 1 0 Jul15 ? 00:00:00 /usr/sbin/sshd -D
>> bmike1 19566 4242 0 11:53 pts/2 00:00:00 grep --colour=auto sshd
>>
>>
>> it doesn't seem ssh failed at any point.
>>
>> :-)~MIKE~(-:
>>
>>
>> On Thu, Jul 17, 2014 at 12:33 AM, James Mcphee <jmcphe at gmail.com> wrote:
>>
>>> Verify openssh is enabled on the server with netstat. Verify you can
>>> connect to port 22 from client to server. Run ssh in debug mode to see
>>> messages. When you hit a point that it fails, then you have a better idea
>>> of what's wrong.
>>>
>>>
>>> On Wed, Jul 16, 2014 at 9:54 PM, Michael Havens <bmike1 at gmail.com>
>>> wrote:
>>>
>>>> okay, so I bought a used computer to do Linux from scratch on. Well,
>>>> I'm going to ssh from my primary computer to the new computer but got a
>>>> 'Connection timed out' error. After googling for a bit I discovered ufw was
>>>> to blame.
>>>>
>>>> after I disabled the firewall I could ssh from 192.168.1.101 <parasite>
>>>> to 192.168.0.4 <host>
>>>>
>>>> the error I got going the other way was the connection timed out error:
>>>>
>>>> ssh mike at 192.168.1.101
>>>> ssh: connect to host 192.168.1.101 port 22: Connection timed out
>>>>
>>>> After googling some more I thought perhaps openssh-server wasn't
>>>> installed... but it is. So please.... what is the problem? I verifed
>>>> openssh-client is installed but I don't know what it could be. Could you
>>>> help me out?
>>>> :-)~MIKE~(-:
>>>>
>>>> ---------------------------------------------------
>>>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>>>> To subscribe, unsubscribe, or to change your mail settings:
>>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>>>
>>>
>>>
>>>
>>> --
>>> James McPhee
>>> jmcphe at gmail.com
>>>
>>> ---------------------------------------------------
>>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>>> To subscribe, unsubscribe, or to change your mail settings:
>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>>
>>
>>
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>
>>
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phxlinux.org/pipermail/plug-discuss/attachments/20140717/e48f6787/attachment.html>
More information about the PLUG-discuss
mailing list