SSH connectivity issues

wvrhlu · 04-01-2003, 02:23 PM

I am running OpenSSH_3.4p1(SSH protocols 1.5/2.0) on Red Hat 8. From the box, I can connect back with ssh using the IP address. If I try to connect (using command line or putty) from any other server I either get a timeout or connection refused by peer.

I verified the sshd_config file against another machine with a similar install that has ssh running fine, and it checked out.

I verified that ssh is listening on port 22.

Any ideas?

iceman47 · 04-01-2003, 02:24 PM

firewall/router?

david_ross · 04-01-2003, 02:25 PM

Any firewalls running?

wvrhlu · 04-01-2003, 02:26 PM

Nope. Not yet...

iceman47 · 04-01-2003, 02:28 PM

some ISP's block services on known ports like 21,22,23,80,... try running ssh on a higher unused port

david_ross · 04-01-2003, 02:29 PM

Quote:

Originally posted by wvrhlu
Nope. Not yet...

Are you including software firewalls on the linux box?

ipchains -L
or
iptables -L

Should show you a list of any.

wvrhlu · 04-01-2003, 02:44 PM

We looked at 'iptables -L' which returned several REJECTs. Then ran 'iptables -F' and now I can connect. Thanks.

Now I just need to work on iptables config...

Hube · 04-01-2003, 02:45 PM

nope not yet???

Firewall = no???
router =no???

You need both firewall and router to be open for port 22.

Do you connect your Linux box directly to the internet via a cable modem or are you dialup?

You are not running a firewall? if the answer to that question is yes, then get the firewall running NOW and forget about ssh until you've done the firewall...

Hube

david_ross · 04-01-2003, 02:46 PM

With RedHat you can run "lokkit" as root - it will lead you through setting the rules.

Hube · 04-01-2003, 02:52 PM

or edit:

/etc/sysconfig/iptables

It resaonably easy to understand

noizez · 04-01-2003, 08:29 PM

I'm having trouble with this same thing.

I tried using chkconfig to turn iptables off and it is showing iptables as being off on all levels, but I still get "connection refused" when trying to connect to my linux box remotely using putty.

When I run iptables -L , I get this:

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Does this output mean I am not successfully turning it off?

I have run init.d to turn it off as well as iptables -F but still I can't connect.

Any help is much appreciated.

thx in advance.

Capt_Caveman · 04-01-2003, 08:59 PM

Probably should have started a new thread for this.

Looks like you've flushed your iptables rules alright, but did you put an entry for the ssh client's ip address in /etc/hosts.allow?

sshd: xxx.xxx.xxx.xxx