Remote SSH problems

Silvo · 2011-12-18 10:44:48

Hi,

I am trying to set up SSH, but have hit a few snags. I've successfully installed and set up sshd, which is running (have checked -- I can ssh into my computer from other computers on my network). I have successfully forwarded port 22 from my router (have checked on canyouseeme.org, port 22 is open, other ports are not), any yet when I try:

ssh username@my-external-ip-address -p 22

it just sits there for ages and eventually times out. There is no further message beyond "connection timed out".

My guess is that either a firewall on Arch is blocking the connection (but I haven't installed any firewalls...), or there is some setting in my sshd config file that is denying connections from everyone (but then surely there would be some kind of message to tell me this beyond timing out?)

Any ideas? I just don't see what the problem could be. Assuming the port-forwarding works (is there any other way to check this?), i just dont see why local internal connections work but external ones dont.

fukawi2 · 2011-12-18 11:13:00

https://wiki.archlinux.org/index.php/Se … ut_Problem

Let us know how far you get through that.

Silvo · 2011-12-18 11:23:54

Thanks for the reply.

The netstat command shows the following two lines:

tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 19101/sshd
tcp6 0 0 :::22 :::* LISTEN 19101/sshd

so I assume that's working. Stopping iptables fails because iptables isn't started. And then I run that final tcpdump command, and it spits out this initially:

cpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes

And nothing I do will make it give any other output.

So, thoughts? What does all that mean? "If you do not see any output when you attempt to connect, then something outside of your computer is blocking the traffic (e. g., hardware firewall, NAT router etc.)." That would suggest that my router is blocking the traffic, but I have opened that port already, and I don't have a hardware firewall.

R00KIE · 2011-12-18 15:32:16

It might not work if you are trying from your network, are you trying to connect from the outside?

From other forum posts, that seems to always be the problem.

/dev/zero · 2011-12-18 19:25:16

I would do something like:

Check you can ping the ip address you're trying to connect to.
Run nmap on the ip address to see what ports it has open.
Run ssh verbosely.
Check the logs on both sides.
Use all the knowledge gained from running the previous steps to inform some stfw action.
If it still isn't clear what's wrong after all that, come to the forums.

jasonwryan · 2011-12-18 19:43:35

/dev/zero wrote:

Run ssh verbosely.

This.

fukawi2 · 2011-12-18 22:27:54

Silvo wrote:

cpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
And nothing I do will make it give any other output.

The traffic isn't getting from your router to your computer properly then. Double-check your port forwards on the router.

Silvo · 2011-12-18 22:37:25

R00KIE wrote:

It might not work if you are trying from your network, are you trying to connect from the outside?

That was the problem! Thank you, it works perfectly when I try to connect from outside the network.

That seems a little strange to me, I would have thought that you would be able to connect using the external IP address as well. But not to worry, I can connect both internally and externally now using different addresses, that's not so bad.

Thanks for all the help.

Arch Linux

#1 2011-12-18 10:44:48

Remote SSH problems

#2 2011-12-18 11:13:00

Re: Remote SSH problems

#3 2011-12-18 11:23:54

Re: Remote SSH problems

#4 2011-12-18 15:32:16

Re: Remote SSH problems

#5 2011-12-18 19:25:16

Re: Remote SSH problems

#6 2011-12-18 19:43:35

Re: Remote SSH problems

#7 2011-12-18 22:27:54

Re: Remote SSH problems

#8 2011-12-18 22:37:25

Re: Remote SSH problems

Board footer