[vox-tech] SSH On Home Network

Jim Angstadt vox-tech@lists.lugod.org
Mon, 10 Mar 2003 15:29:16 -0800 (PST)


Hi Mike,

Here is the output you requested.  Thanks for the
directions.

Jim

--- Mike Simons <msimons@moria.simons-clan.com> wrote:
> On Mon, Mar 10, 2003 at 02:28:44PM -0800, Jim Angstadt wrote:
> > Immediately after failed ssh attempts, I did not find
> > any error messages in /var/log/messages.
> > 
> > Below is a summary of my attempts to connect between
> > various boxes.  What should I do?
> 
>   There are a number of possible problems... most likely you have some
> sort of firewall configuration running on the redhat box or maybe 
> sshd is configured to only accept connections with specific version of
> ssh protocol.
> 
>   run and send results.
> ====
> iptables -nvL

Chain INPUT (policy ACCEPT 8045 packets, 9116K bytes)
 pkts bytes target     prot opt in     out     source               destination
11039 9473K RH-Lokkit-0-50-INPUT  all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 7697 packets, 1015K bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain RH-Lokkit-0-50-INPUT (1 references)
 pkts bytes target     prot opt in     out     source               destination
    3   597 ACCEPT     udp  --  *      *       204.127.202.4        0.0.0.0/0          udp spt:53 dpts:1025:65535
  138 30741 ACCEPT     udp  --  *      *       216.148.227.68       0.0.0.0/0          udp spt:53 dpts:1025:65535
   16   960 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpt:80 flags:0x16/0x02
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpt:21 flags:0x16/0x02
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpt:22 flags:0x16/0x02
    5  1904 ACCEPT     udp  --  eth0   *       0.0.0.0/0            0.0.0.0/0          udp spts:67:68 dpts:67:68
    0     0 ACCEPT     udp  --  eth1   *       0.0.0.0/0            0.0.0.0/0          udp spts:67:68 dpts:67:68
 1367  121K ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
    6   360 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpts:0:1023 flags:0x16/0x02 reject-with icmp-port-unreachable
    0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpt:2049 flags:0x16/0x02 reject-with icmp-port-unreachable
 1459  202K REJECT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0          udp dpts:0:1023 reject-with icmp-port-unreachable
    0     0 REJECT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0          udp dpt:2049 reject-with icmp-port-unreachable
    0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpts:6000:6009 flags:0x16/0x02 reject-with icmp-port-unreachable
    0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpt:7100 flags:0x16/0x02 reject-with icmp-port-unreachable


> ifconfig

eth0      Link encap:Ethernet  HWaddr 00:09:5B:1A:31:9A
          inet addr:192.168.0.3  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:9921 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6376 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:9503575 (9.0 Mb)  TX bytes:983743 (960.6 Kb)
          Interrupt:11 Base address:0xf000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1403 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1403 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:123305 (120.4 Kb)  TX bytes:123305 (120.4 Kb)


> grep ^Protocol /etc/ssh/sshd*

There is no output from this command.
/etc/ssh/sshd_config has only 3 uncommented lines:
   SyslogFacility AUTHPRIV
   X11Forwarding yes
   Subsystem sftp /usr/libexec/openssh/sftp-server
There are no other matches for sshd*
 
> ====
> 
>   Also for additional information try a "ssh -v" to connect from your
> rh7.2 box and include a ifconfig.

Script started on Mon Mar 10 15:20:06 2003

ssh -v ja@192.168.0.11
OpenSSH_2.9p2, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Seeding random number generator
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 500 geteuid 0 anon 1
debug1: Connecting to 192.168.0.11 [192.168.0.11] port 22.
debug1: temporarily_use_uid: 500/500 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 500/500 (e=0)
debug1: connect: No route to host
debug1: restore_uid
debug1: Trying again...
debug1: Connecting to 192.168.0.11 [192.168.0.11] port 22.
debug1: temporarily_use_uid: 500/500 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 500/500 (e=0)
debug1: connect: No route to host
debug1: restore_uid
debug1: Trying again...
debug1: Connecting to 192.168.0.11 [192.168.0.11] port 22.
debug1: temporarily_use_uid: 500/500 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 500/500 (e=0)
debug1: connect: No route to host
debug1: restore_uid
debug1: Trying again...
debug1: Connecting to 192.168.0.11 [192.168.0.11] port 22.
debug1: temporarily_use_uid: 500/500 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 500/500 (e=0)
debug1: connect: No route to host
debug1: restore_uid
Secure connection to 192.168.0.11 refused.
[ja@localhost ja]$ exit
Script done on Mon Mar 10 15:21:00 2003

/sbin/ifconfig from my rh7.2 box to rh8.0 box:

eth0      Link encap:Ethernet  HWaddr 00:C0:F0:5C:02:8C
          inet addr:192.168.0.10  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST NOTRAILERS RUNNING  MTU:1500  Metric:1
          RX packets:537939 errors:1 dropped:0 overruns:0 frame:0
          TX packets:672055 errors:1 dropped:0 overruns:0 carrier:1
          collisions:0 txqueuelen:100
          RX bytes:275057475 (262.3 Mb)  TX bytes:574089494 (547.4 Mb)
          Interrupt:9 Base address:0x5f00

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:5129 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5129 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1817989 (1.7 Mb)  TX bytes:1817989 (1.7 Mb)

> 
>     TTFN,
>       Mike
> _______________________________________________
> vox-tech mailing list
> vox-tech@lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox-tech
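
Added example, not part of the original message or of Red Hat's lokkit tool: a first-match walk over the RH-Lokkit-0-50-INPUT rules posted above, showing which rule a new connection to a given port hits. The function name `first_match`, the rejoined rule lines, and the assumption of a client at an arbitrary LAN address using an ephemeral source port are all constructed for this illustration.

```shell
#!/bin/sh
# Constructed sample: the rule lines of chain RH-Lokkit-0-50-INPUT from the
# iptables -nvL output above, one rule per line (counters kept but unused).
LOKKIT_RULES='3 597 ACCEPT udp -- * * 204.127.202.4 0.0.0.0/0 udp spt:53 dpts:1025:65535
138 30741 ACCEPT udp -- * * 216.148.227.68 0.0.0.0/0 udp spt:53 dpts:1025:65535
16 960 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 flags:0x16/0x02
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 flags:0x16/0x02
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 flags:0x16/0x02
5 1904 ACCEPT udp -- eth0 * 0.0.0.0/0 0.0.0.0/0 udp spts:67:68 dpts:67:68
0 0 ACCEPT udp -- eth1 * 0.0.0.0/0 0.0.0.0/0 udp spts:67:68 dpts:67:68
1367 121K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
6 360 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:0:1023 flags:0x16/0x02 reject-with icmp-port-unreachable
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:2049 flags:0x16/0x02 reject-with icmp-port-unreachable
1459 202K REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:0:1023 reject-with icmp-port-unreachable
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:2049 reject-with icmp-port-unreachable
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:6000:6009 flags:0x16/0x02 reject-with icmp-port-unreachable
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:7100 flags:0x16/0x02 reject-with icmp-port-unreachable'

# first_match PROTO DPORT IFACE
# Prints the target of the first rule a new connection would hit, or POLICY
# when no rule in the chain matches (the packet then returns to INPUT, whose
# policy is ACCEPT in the posted output). flags:0x16/0x02 means SYN set with
# ACK and RST clear, i.e. a new TCP connection, which is the case modelled.
first_match() {
    printf '%s\n' "$LOKKIT_RULES" | awk -v proto="$1" -v port="$2" -v ifc="$3" '
    {
        if ($4 != "all" && $4 != proto) next     # protocol column
        if ($6 != "*" && $6 != ifc) next         # input interface column
        if ($8 != "0.0.0.0/0") next              # rule pinned to one source address
        lo = 0; hi = 65535                       # no dpt/dpts means any port
        for (i = 10; i <= NF; i++) {
            if ($i ~ /^spts?:/) next             # rule requires a fixed source port
            if ($i ~ /^dpt:/)  { split($i, a, ":"); lo = hi = a[2] + 0 }
            if ($i ~ /^dpts:/) { split($i, a, ":"); lo = a[2] + 0; hi = a[3] + 0 }
        }
        if (port + 0 >= lo && port + 0 <= hi) { print $3; found = 1; exit }
    }
    END { if (!found) print "POLICY" }'
}

# Walk a few destination ports as seen arriving on eth0.
for p in 22 23 8080; do
    echo "tcp/$p on eth0 -> $(first_match tcp "$p" eth0)"
done
```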


