Running F23/XFCE, with firewalld, and having commanded: # systemctl start sshd.service
/var/log/secure
shows that sshd is opening port 22, and listening on 0.0.0.0 . There is no entry suggesting a login attempt is received.
In the XFCE GUI for firewalld, everything is running in zone labelled 'public'. - The network interface is bound to the zone 'public' - SSH service is enabled in zone 'public' - I've added port 22/tcp to the list of active ports in zone 'public' - 'Lockdown', and 'panic mode' are disabled
These settings are the same in mode 'permanent' and in mode 'runtime'
sshd config is set to listen on 0.0.0.0 (and ::).
Our LAN uses ipv4, in the range 192.168.0/24 .
This machine is connected to the network, but I cannot log in to sshd from any machine on the LAN. The client times-out after a few seconds. Clients do not report a 'rejection'.
If any list readers have any ideas about what else might need to be set up, or might be going wrong, I'd be very grateful to hear,
Ron
The things I would do first thing:
Can you SSH to localhost on port 22? If not, then check to see if the port is listening using netstat -an | grep 22 Run nmap from another system on that subnet to that machine to see if port 22 is available on the network if the above is fine.
My guess is that ssh isn't bound to the NIC and not listening on port 22. Last resort would be to shut down the firewall and test it that way. (If it's a true 'public' server, I wouldn't just leave the FW down if that fixes it. But it will give you a place to start.)
On Thu, Sep 8, 2016 at 2:43 PM, Ron Leach ronleach@tesco.net wrote:
Running F23/XFCE, with firewalld, and having commanded: # systemctl start sshd.service
/var/log/secure
shows that sshd is opening port 22, and listening on 0.0.0.0 . There is no entry suggesting a login attempt is received.
In the XFCE GUI for firewalld, everything is running in zone labelled 'public'.
- The network interface is bound to the zone 'public'
- SSH service is enabled in zone 'public'
- I've added port 22/tcp to the list of active ports in zone 'public'
- 'Lockdown', and 'panic mode' are disabled
These settings are the same in mode 'permanent' and in mode 'runtime'
sshd config is set to listen on 0.0.0.0 (and ::).
Our LAN uses ipv4, in the range 192.168.0/24 .
This machine is connected to the network, but I cannot log in to sshd from any machine on the LAN. The client times-out after a few seconds. Clients do not report a 'rejection'.
If any list readers have any ideas about what else might need to be set up, or might be going wrong, I'd be very grateful to hear,
Ron
users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://lists.fedoraproject.org/admin/lists/users@lists.fedoraproject.org Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
On 09/08/2016 11:43 AM, Ron Leach wrote:
Running F23/XFCE, with firewalld, and having commanded: # systemctl start sshd.service
/var/log/secure
shows that sshd is opening port 22, and listening on 0.0.0.0 . There is no entry suggesting a login attempt is received.
In the XFCE GUI for firewalld, everything is running in zone labelled 'public'.
- The network interface is bound to the zone 'public'
- SSH service is enabled in zone 'public'
- I've added port 22/tcp to the list of active ports in zone 'public'
- 'Lockdown', and 'panic mode' are disabled
These settings are the same in mode 'permanent' and in mode 'runtime'
sshd config is set to listen on 0.0.0.0 (and ::).
Our LAN uses ipv4, in the range 192.168.0/24 .
This machine is connected to the network, but I cannot log in to sshd from any machine on the LAN. The client times-out after a few seconds. Clients do not report a 'rejection'.
If any list readers have any ideas about what else might need to be set up, or might be going wrong, I'd be very grateful to hear,
Have you tried to "ssh -vvv remote-ip" to see what's going on? You could also run a tcpdump (or Wireshark) on port 22 of the machine you're trying to connect to in order to get a trace.
The most common things I've found is that you aren't permitting the authentication method you're trying to use in your /etc/ssh/sshd_config file. By default, you should be allowed to log in via a username and password. In the sshd_config file, the line is
PasswordAuthentication yes
Note that if it's not in the sshd_config file, it's enabled. However, I've seen a lot of systems where the "PasswordAuthentication no" is set which would require one of the other authentication methods available to be used. ---------------------------------------------------------------------- - Rick Stevens, Systems Engineer, AllDigital ricks@alldigital.com - - AIM/Skype: therps2 ICQ: 226437340 Yahoo: origrps2 - - - - We look for things. Things that make us go! - - -- The "Paclyds", Star Trek TNG - ----------------------------------------------------------------------
-
Mark Haney -
Rick Stevens -
Ron Leach