SSH can't connect
James McKenzie
jjmckenzie51 at earthlink.net
Sun Oct 3 18:49:30 UTC 2010
On 10/3/10 11:43 AM, JD wrote:
>
> On 10/03/2010 09:09 AM, Jim wrote:
>> On 10/02/2010 08:28 PM, JD wrote:
>>> On 10/02/2010 02:42 PM, Jim wrote:
>>>> What is the 6749 in this command ?
>>>>
>>>>
>>>> # netstat -nltp | grep 22
>>>> tcp 0 0 0.0.0.0:22
>>>> 0.0.0.0:* LISTEN 6749/sshd
>>>> tcp 0 0 0.0.0.0:8822
>>>> 0.0.0.0:* LISTEN 1666/smfpd
>>>> tcp 0 0 :::22
>>>> :::* LISTEN 6749/sshd
>>> That's the process id.
>>>
>> I guess this would indicate I'am getting out onto the Internet.
>> But is SSH ?
>>
>> # host -a 61.58.52.206
>> Trying "206.52.58.6.61.in-addr.arpa"
>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28179
>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
>>
>> ;; QUESTION SECTION:
>> ;206.52.58.68.in-addr.arpa. IN PTR
>>
>> ;; ANSWER SECTION:
>> 206.52.58.68.in-addr.arpa. 7200 IN PTR
>> c-61-58-52-206.hsd1.in.comcast.net.
>>
>> Received 91 bytes from 61.87.72.134#53 in 29 ms
>>
> Well, the process ID of the sshd does not mean you ARE
> going over the internet, targeting a remote port 22.
> The sshd is in listening mode, that's all.
>
> Also, on your end, it matters not whether or not you
> are running the sshd, since you are not trying to ssh
> into your own machine. You want to ssh out to a remote
> machine, and that's the machine that is running the sshd
> that should respond to your connection request.
>
> When you shared with us the firewall entries, was that
> for your machine or the remote machine you are trying to connect to?
> if that was for YOUR machine, then please run the command
>
> iptables -L -n
>
> on the remote machine and post the results.
>
> Also, is your machine connected to a router/gateway?
> If so, can you login to that router or gateway (usually
> by aiming your browser to the router's LAN ip address.
> Go thtough all it's menus that display/configure ports
> and firewalls. See if that is where the block is.
>
Good idea. Also check the contents of hosts.allow/hosts.deny. One
further thing is to check if the IP address is being changed (NAT)
in-between the two systems. That can cause more troubles...
James McKenzie
More information about the users
mailing list