On Wednesday 06 October 2004 01:54, Gerhard Magnus wrote:
I have two machines (PuteA and PuteB) sharing an ActionTec DSL modem.
IP I was using was that of my "Gateway" ISP (220.127.116.11) -- an error.
But when I used the correct, static IP address of the ActionTec
(18.104.22.168) I got this message:
ssh: connect to host 22.214.171.124 port22: Connection refused
I thought I had port forwarding (for port 22) set correctly on the
which internal machine are you forwarding to?
(ie see the lower answer about ifconfig)
For troubleshooting, my ISP advised me to run "tcpdump -n host
on PuteA, where 192.168.0.2 is the "internal" IP of PuteA. Then I logged on
to the remote location from PuteB and tried to ssh from there to PuteA
using the static IP address. The ssh from the remote location timed out
with the same "port 22: connection refused" message. The tcpdump on Pute
Here are my replies to the people who responded to my first post:
(1) "Do you have the firewall configured to deny incoming packets to port
How do I check this?
service iptables status
iptables -L -v
(the v is verbose, which will include the interfaces too)
"service sshd status" gives"sshd (pid 787) is
so that's not the problem.
neither, it would appear is tcp_wrappers (the hosts.allow/deny files)
eth0 Link encap:Ethernet HWaddr 00:40:05:81:60:8E
inet addr:192.168.0.4 Bcast:192.168.0.255 Mask:255.255.255.0
Could this be the problem -- the "inet addr" of 192.168.0.4? As far as I
can tell, the modem is 192.168.0.1, PuteA is 192.168.0.2, and PuteB is
192.168.0.3. I haven't set anything as 192.168.0.4.
This I believe is the
issue here. ifconfig does not tell lies.
your eth0 device is currently set to 192.168.0.4.
Are you by any chance using your modem as a dhcp server?
incidentally, try (on your fedora box)
nmap -sP 192.168.0.0/24
which will tell you which machines are up with which ip addresses on your
local network (it's a ping scan). You may need to install nmap first.
try ssh-ing to from your other host
you can reconfigure the interface (to what you expected) using netconfig:
netconfig -d eth0
set your ip address and the other bits
then do a service network restart.
then try ssh again.
(9) "nmap 126.96.36.199"
(The 1598 ports scanned but not shown below are in state: closed)
Port State Service
23/tcp open telnet
53/tcp open domain
80/tcp open http
Shouldn't ssh be here? And what's telnet doing open? The books have me
scared to death of this... hackers, crackers, script kiddies, etc.
it's not difficult to turn off, however. See Matthew's post about this.
Stuart Sears RHCE, RHCX
Quidquid latine dictum sit, altum viditur