I can't connect via ssh

Erik Hemdal ehemdal at townisp.com
Sat Sep 26 19:30:37 UTC 2009 


> From: Germ?n Racca <german.racca at gmail.com>
> Subject: Re: I can't connect via ssh
> To: "Community assistance, encouragement, and advice for using
> Fedora." <fedora-list at redhat.com>
> Message-ID: <1253925734.7784.27.camel at centauri.das.inpe.br>
> Content-Type: text/plain; charset="UTF-8"
>
> On Fri, 2009-09-25 at 18:32 -0500, Aaron Konstam wrote:
>> On Fri, 2009-09-25 at 16:20 -0300, Germán Racca wrote:
>> > Hi list:
>> >
>> > I need to use ssh to transfer data between a PC and a notebook, both
>> > with Fedora 11, but the result is, from notebook to PC:
>> >
>> >
>> > $ ssh xx.xx.xx.xx
>> > ssh: connect to host xx.xx.xx.xx port 22: No route to host

It might help to picture what has to happen for an SSH connection to work:

--You have to make a request with the ssh command on the client machine, 
where you are sitting.  If you can craft an ssh command, as you did, this is 
probably not your problem.
--The SSH traffic has to get past the local firewall.  By default, this 
isn't usually a problem, because the firewall will allow outbound traffic. 
If you can browse the Web and get email, this is probably OK and is not the 
source of your problem.
--The SSH traffic has to get through your network.  It might be blocked 
because your network administrator forbids SSH or because there's some other 
problem.  So we need to investigate this first.
--The firewall on the remote computer (the one you want to "SSH into") has 
to let the SSH traffic in.  This is usually done by telling the firewall to 
"trust SSH" or "open port 22".
--The remote computer has to have an SSH server running and ready to go. 
This is the "service sshd start" part.

The error "No route to host" means that your SSH packets could not find 
their way to the computer at xx.xx.xx.xx.  That might be because the 
firewall on that computer hasn't opened port 22 (common) or because the 
computer can't be reached through the network.

Pinging the computer uses a different kind of message ("ICMP packets") to 
see if the computer can be contacted.  But you don't want to ping localhost, 
because that is pinging your local PC.  So it will tell you if the network 
interfaces on the two computers are working, but won't tell you if they are 
visible to each other on the network.  On my laptop, "ping localhost" works 
even when my network connections are disconnected from everything.

To make sure, you need the IP addresses; any computer at all should respond 
when you call it localhost.  Ping from one computer using the IP address of 
the other one.

ping xx.xx.xx.xx

with the actual IP addresses will tell you a lot.  If the pings are 
successful, then you know that there is a connection between the two. If 
not, you need help from your network administrators to know if the 
connection is possible.

The ifconfig command will tell you the IP address (inet address) for each 
network interface that is up.

>> >
>> > $ ping xx.xx.xx.xx
>> > >From xx.xx.xx.xx icmp_seq=11 Destination Host Unreachable
>> > >From xx.xx.xx.xx icmp_seq=12 Destination Host Unreachable
>> > >From xx.xx.xx.xx icmp_seq=13 Destination Host Unreachable

Destination Host Unreachable means that the remote computer can't be found. 
There's no way to get an ICMP packet to reach it.
>> >
>> > >From PC to notebook there is no response.

This is what I'd expect if the computer can be found on the network, but it 
is deliberately not responding to pings -- or if something like a firewall 
is in the way and blocking pings.  In either case, this looks like a network 
issue.  There may be other problems too, but making sure the network is OK 
is first on the list to solve.

Post back if you need more help.  I hope this will help you.  These kinds of 
problems can be very hard to solve.

Erik

More information about the users mailing list