You are not logged in.
- Topics: Active | Unanswered
#1 2016-06-02 13:34:37
- CarbonFixer
- Member
- Registered: 2013-10-19
- Posts: 20
[SOLVED] SSH not working for past few weeks
My work computer is behind an organisational firewall, so to access it via ssh I "hop" through a local server that is accessible through the internet. That server has an IP of RHEL_IP and my workstation has an IP of MY_IP. SSH is enabled on port 22 and is working when attempting to ssh locally (to "localhost").
I have not so far been able to get any meaningful answers from the IT staff on why it may have stopped working and now I'm simply trying to exclude the option that something went wrong in the configuration of my workstation, rather than something changing on the network. In order to exclude it's effect, I stopped the fail2ban service I had running.
On the bridge server, if I try to SSH to my workstation I get some delay and then the message "connection timed out".
While googling, I found that if I use tcpdump and don't see anything on port 22, then SSH is definitely blocked on the network level. I tried running tcpdump but I am getting some output while the bridge server (RHEL_IP) is trying to make a connection to my workstation (MY_IP):
sudo tcpdump -ni eno1 "port 22"
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eno1, link-type EN10MB (Ethernet), capture size 262144 bytes
16:04:31.682794 IP RHEL_IP.54855 > MY_IP.22: Flags [s], seq 2251585818, win 14600, options [mss 1460,sackOK,TS val 3001620262 ecr 0,nop,wscale 7], length 0
16:04:32.682305 IP RHEL_IP.54855 > MY_IP.22: Flags [s], seq 2251585818, win 14600, options [mss 1460,sackOK,TS val 3001621262 ecr 0,nop,wscale 7], length 0
16:04:34.682603 IP RHEL_IP.54855 > MY_IP.22: Flags [s], seq 2251585818, win 14600, options [mss 1460,sackOK,TS val 3001623262 ecr 0,nop,wscale 7], length 0
16:04:38.682218 IP RHEL_IP.54855 > MY_IP.22: Flags [s], seq 2251585818, win 14600, options [mss 1460,sackOK,TS val 3001627262 ecr 0,nop,wscale 7], length 0
16:04:46.682561 IP RHEL_IP.54855 > MY_IP.22: Flags [s], seq 2251585818, win 14600, options [mss 1460,sackOK,TS val 3001635262 ecr 0,nop,wscale 7], length 0
16:05:02.682482 IP RHEL_IP.54855 > MY_IP.22: Flags [s], seq 2251585818, win 14600, options [mss 1460,sackOK,TS val 3001651262 ecr 0,nop,wscale 7], length 0
^C
6 packets captured
6 packets received by filter
0 packets dropped by kernelI tried changing the port to both 2222 and 80, to no affect.
I also tried connecting from neighbouring Windows computers instead of the RHEL server (with putty), to no avail.
Here is the similar output of tcpdump when trying to connect from an adjacent Windows machine:
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eno1, link-type EN10MB (Ethernet), capture size 262144 bytes
16:27:34.548205 IP WINPC_IP.54052 > MY_IP.22: Flags [s], seq 348683094, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
16:27:38.040727 IP WINPC_IP.54052 > MY_IP.22: Flags [s], seq 348683094, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
16:27:44.035858 IP WINPC_IP.54052 > MY_IP.22: Flags [s], seq 348683094, win 8192, options [mss 1460,nop,nop,sackOK], length 0
^C
3 packets captured
3 packets received by filter
0 packets dropped by kernelCan I rule out the option that this is some mis-configuration on my system?
Is it possible to figure out what changed on the network that made SSH stop working for me?
Last edited by CarbonFixer (2016-06-06 14:49:47)
Offline
#2 2016-06-02 14:54:27
- ewaller
- Administrator
- From: Pasadena, CA
- Registered: 2009-07-13
- Posts: 19,772
Re: [SOLVED] SSH not working for past few weeks
CarbonFixer,
I sent you a PM with an server name I would like you to try. Can you see that server?
Are you allowing passwords? or is your server Key Only?
Are you in a part of the world that might be behind a government firewall that may be blocking VPNs?
Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way
Offline
#3 2016-06-02 17:16:27
- nomorewindows
- Member
- Registered: 2010-04-03
- Posts: 3,362
Re: [SOLVED] SSH not working for past few weeks
Try using nmap possibly?
I may have to CONSOLE you about your usage of ridiculously easy graphical interfaces...
Look ma, no mouse.
Offline
#4 2016-06-03 06:18:46
- CarbonFixer
- Member
- Registered: 2013-10-19
- Posts: 20
Re: [SOLVED] SSH not working for past few weeks
CarbonFixer,
I sent you a PM with an server name I would like you to try. Can you see that server?
Are you allowing passwords? or is your server Key Only?
Are you in a part of the world that might be behind a government firewall that may be blocking VPNs?
I can connect to arbitrary SSH servers from my workstation with no issue. The issue is with accepting incoming SSH connections.
I am allowing passwords.
I am behind a company firewall (this is my work computer), but incoming SSH worked until a couple of weeks ago, so I'm trying to figure out if something borked in my system or did something change on the network.
What is strange is that I'm seeing the packets coming in with tcpdump on port 22, but the sshd log shows nothing.
EDIT: I am troubleshooting SSH inside the the company LAN, not from the internet directly.
Last edited by CarbonFixer (2016-06-03 06:35:07)
Offline
#5 2016-06-06 14:43:31
- CarbonFixer
- Member
- Registered: 2013-10-19
- Posts: 20
Re: [SOLVED] SSH not working for past few weeks
Solved. The culprit was ufw.
Last edited by CarbonFixer (2016-06-06 14:49:25)
Offline