You are not logged in.
Port 22 is open in router.
Offline
It sounds like you haven't installed and/or enabled an ssh server?
https://wiki.archlinux.org/title/Ssh
Offline
Hello, Ferdinand.
No, it is a basic arch Linux live cd and ssh should be installed by default. One thing I noticed, is that Nmap says that port 22 is closed, but it's open in my router.
Offline
Hm.. maybe I misunderstand you?
Are you trying to ssh from some computer to another computer running Arch, or are you trying to ssh from Arch to the router?
In the first case it doesn't matter whether or not the router is listening on port 22, you need something listening on port 22 on the Arch machine - and in the latter case you only need an ssh client on Arch (which should be installed) and if the router refuses you it would be due to access restrictions configured on the router (but then nmap shouldn't report it as closed).
I think some more detail could help :-)
Offline
I'm trying to ssh from my Mac to my friend's pc to install Arch Linux. So my friend should install the OpenSSH package first?
Offline
On the booted iso run "systemctl status sshd" and post the output.
"closed" means there's nothing listening on that port on that IP - does the IP you test respond to ping's?
but it's open in my router.
Since you keep saying that: are you trying to access the server from a different network segment through a NAT'ing router?
If both systems are in the same segment, there's nothing to do in the router and if they're not, you need to actually forward that port to the desired lease.
Edit:
I'm trying to ssh from my Mac to my friend's pc to install Arch Linux.
1. your friend should install arch him/her/whateverself
2. Assuming you're operating across different segments: are you talking about your router or your friends router?
Last edited by seth (2022-09-29 15:49:26)
Offline
If you are using the standard Arch ISO you will also need to set a root password and restart the SSH server. Read...
https://wiki.archlinux.org/title/Instal … ux_via_SSH
Offline
On the booted iso run "systemctl status sshd" and post the output.
"closed" means there's nothing listening on that port on that IP - does the IP you test respond to ping's?but it's open in my router.
Since you keep saying that: are you trying to access the server from a different network segment through a NAT'ing router?
If both systems are in the same segment, there's nothing to do in the router and if they're not, you need to actually forward that port to the desired lease.Edit:
I'm trying to ssh from my Mac to my friend's pc to install Arch Linux.
1. your friend should install arch him/her/whateverself
2. Assuming you're operating across different segments: are you talking about your router or your friends router?
1. He has almost no Linux knowledge and time so he wants me to install him arch Linux.
2. Port 22 is opened in his OpenWrt router.
Offline
And you're going to maintain it for him as well? Install everything? Take all support issues?
Don't do it.
Offline
If you are using the standard Arch ISO you will also need to set a root password and restart the SSH server. Read...
https://wiki.archlinux.org/title/Instal … ux_via_SSH
I did read this wiki page, the root password is set. Still "Connection refused". I suppose the issue might be in the Arch Linux default firewall, ex. all the ports in arch Linux iso are closed by default (?)
Offline
And you're going to maintain it for him as well? Install everything? Take all support issues?
Don't do it.
Yes, as I did.
Offline
On the booted iso run "systemctl status sshd" and post the output.
Port 22 is opened in his OpenWrt router.
you need to actually forward that port to the desired lease.
I did read this wiki page, the root password is set.
Confirm that PermitRootLogin yes is set in /etc/ssh/sshd_config. If it is not, set it and reload the OpenSSH daemon sshd.service to apply the changes.
I suppose the issue might be in the Arch Linux default firewall
"closed" means there's nothing listening on that port on that IP
you need to actually forward that port to the desired lease.
Offline
Port 22 is open:
systemctl status sshd:
Permit root login is uncommented:
Offline
You've opened port 22 on the router, but is it forwarding to the correct dynamic address that your friends client is being assigned?
By the looks of it you're forwarding port 22 to an Android smartphone instead of the PC you are trying to connect to.
Offline
https://ibb.co/kcLrzTp says that 22 is forwarded to "this device" and "this device" is apparently some phone and not the IP/lease of the system that booted the arch iso ("ip a")?
Edit: fuck.
Last edited by seth (2022-10-01 19:50:09)
Offline
"this device" is the router, that part is correct.
Edit the port forward and set "Internal IP address" to the IP address of the system booting the ISO and "Internal port" to 22.
Last edited by nl6720 (2022-10-02 09:31:18)
Offline
"this device" is the router, that part is correct.
Edit the port forward and set "Internal IP address" to the IP address of the system booting the ISO and "Internal port" to 22.
Did this, no success: https://ibb.co/NT1KJXh
Offline
Source zone should be "wan" not "lan".
Offline
Source zone should be "wan" not "lan".
I know, I tried both.
Offline
If you know this, why do you post a screenshot with the nonsense setting???
Source zone WAN, destination LAN. Check nmap again.
Do you try this or your friend who "has almost no Linux knowledge and time" on the other end?
OpenWRT requires to apply the settings, if he just saves it it doesn't do anything and for a MAC user it's probably required to point out that merely changing the numbers does even less.
Offline
It is him trying it, he applied the correct settings.
Offline
Mac is only for my college work.
Offline
Updated nmap? Closed, filtered, open??
Offline
PORT STATE SERVICE
135/tcp open msrpc
139/tcp filtered netbios-ssn
445/tcp open microsoft-ds
1433/tcp open ms-sql-s
3389/tcp open ms-wbt-server
Nmap done: 1 IP address (1 host up) scanned in 2.74 seconds
Offline
Are you supposed to have those ports open the WAN/forwarded by the router???
22 is still closed, nothing is listening on the other end.
Offline