Arch Linux

FATImpulse

Member

Registered: 2023-09-01

Posts: 2

Cannot SSH into Arch Machine from WAN

I have a similar situation as this discussion where I can ssh into the machine through LAN but not through WAN.

I have port forwarding set up and everything seems right but I cannot connect (connection times out). I have some suspicion that it is because of my ISP (Cox) and I am wondering if anyone has experience setting up SSH server with Cox and/or if there is something basic I am missing/doing wrong.

Port: 63402
ISP: Cox
Router & Modem: From Cox

/etc/ssh/sshd_config:

# Include drop-in configurations
Include /etc/ssh/sshd_config.d/*.conf

# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/local/sbin:/usr/local/bin:/usr/bin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options override the
# default value.

Port 63402
AddressFamily any
ListenAddress 0.0.0.0
ListenAddress ::

#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key

# Ciphers and keying
#RekeyLimit default none
"/etc/ssh/sshd_config" [readonly] 124L, 3246B
# Include drop-in configurations
Include /etc/ssh/sshd_config.d/*.conf

# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/local/sbin:/usr/local/bin:/usr/bin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options override the
# default value.

# no default banner path
Banner /etc/issue

# override default of no subsystems
Subsystem       sftp    /usr/lib/ssh/sftp-server

# Example of overriding settings on a per-user basis
#Match User anoncvs
#       X11Forwarding no
#       AllowTcpForwarding no
#       PermitTTY no
#       ForceCommand cvs server

AllowUsers john
HostKey /etc/ssh/ssh_host_ed25519_key
PermitRootLogin no
PasswordAuthentication no
MaxStartups 3

nmap -Pn -p 63402 <public-ip>:

Nmap scan report for ip<public-ip>.ph.ph.cox.net
Host is up.

PORT      STATE    SERVICE
63402/tcp filtered unknown

Nmap done: 1 IP address (1 host up) scanned in 2.05 seconds

seth

Member

From: Won't reply 2 private help req

Registered: 2012-09-03

Posts: 76,104

Re: Cannot SSH into Arch Machine from WAN

Do you run a local firewall?
Make sure the port isn't blocked (in doubt temporarily disable the FW) and wireshark the connection to see whether there's any inbound traffic on that port.
If not, you either misconfigured the port forwarding or get cox-blocked (scnr) by your ISP.

---

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

FATImpulse

Member

Registered: 2023-09-01

Posts: 2

Re: Cannot SSH into Arch Machine from WAN

Thank you for the response.

I have the firewall disabled and wiresharked the connection; unfortunately there is no inbound packets aside from the SSH connection from LAN.

Cox has moved port forwarding for their routers onto a mobile app which does not give me any confidence. I will tinker around some more and if I still cannot find a solution, I will go through a VPN.