[vox-tech] SSH question

[ME]

(Top posting in this case for flow and order of procedure)

As others have covered different parts, I'll try to avoid repeating what
they have written:

Make sure that the ssh service is running:
$ ps -auxw | grep sshd

Make sure it is listening to the ssh port:
$ netstat -a | grep ssh
should give you something like:
tcp        0      0 *:ssh                   *:*                     LISTEN

Make sure the error in connecting is actually from a filtering rule:
$ telnet IP-ADDRESS-OF-SERVER 22
(Example:)
Trying IP-ADDRESS-OF-SERVER...
Connected to HOSTNAME.
Escape character is '^]'.
SSH-2.0-OpenSSH_3.8p1

(Now to exit out of this telnet session, press control hold it down and
then press "]" and then press return and you should see:
telnet>

Then type "quit":
telnet> quit
Connection closed.

If you can't get any response from the telnet, and it just hangs, then you
should first inspect iptables/ipchains and then /etc/hosts.deny as
suggested by Rod and Bill.

If you can connect to the ssh service that is running, and it is ssh that
is disconnecting you, then check out what Pete wrote:

Peter Jay Salzman said:
> Take a look at /etc/ssh.  In particular, /etc/ssh/sshd_config.
>
> Don't forget about your log files.  Make sure there's nothing in auth or
> syslog.  Doubtful it'll be in messages.  Log files should be the first
> thing you look at, even before Googling.
>
> Don't forget about ssh options.  Did you know that ssh has a "verbose"
> option?  Check it out.
>
> Don't forget about tcpdump.  You probably won't learn anything useful
> from it, but you may.  "tcpdump -i ethX tcp port ssh" may tell you
> something interesting.
>
> As Bill said, you can check out the tcpwrapper files, but I doubt that's
> relevent here.
>
> Also, please do not start a new thread by replying to an old one and
> changing the subject line.  Many of us use threaded mailers like mutt.
> It's kinda annoying.  Thanks.