[Tuxaloosa] ssh problems
Andrew Browning
drew826 at gmail.com
Thu Jul 30 17:17:54 UTC 2009
On Thu, Jul 30, 2009 at 11:59 AM, E.H.<leprkhn at gmail.com> wrote:
> andrew: 192.168.0.5 is the only interface, should i change it back?
There's no real need to do so, unless you plan on changing the IP
address in the future and don't want to have to edit the configuration
file. I tend to keep my config file directives at default values
unless there's a compelling reason to change them, but there's nothing
wrong with specifying a particular interface to use (in fact, it's
encouraged in certain situations).
> ps says
> that /usr/sbin/ssh is running. i can log into an ssh session from the
> console, but not from putty.
Did you mean sshd? On the distros I'm familiar with, /usr/bin/ssh is
the client and /usr/bin/sshd is the daemon. However, since you said
you can log in to an ssh session from a console, I'll assume that
means that sshd is in fact running. Are you logging in from a console
on the same Ubuntu machine, or from a different one? If you can log in
locally but not from a remote machine, then your Ubuntu machine might
not be accepting outside connections.
You can check to see if your Ubuntu machine is listening on the sshd
port with telnet. From your Windows machine, open a command prompt
(Start->Run->cmd) and at the terminal, type
"telnet 192.168.0.5 22" without the quotes (note there is a space, not
a colon, between the IP address and the port). If you get a response
along the lines of "Could not open connection...," then the Ubuntu
machine _is not_ accepting outside connections on that port. If you
instead get some kind of banner, along the lines of
"SSH-2.0-OpenSSH_5.2," then the Ubuntu machine _is_ accepting outside
connections on that port.
If your Ubuntu machine is not accepting outside connections, then it
might have a default firewall blocking port 22, or it might be using
the hosts.allow/hosts.deny files.
The files /etc/hosts.allow and /etc/hosts.deny specify which hosts are
allowed to connect to your Ubuntu machine and one which ports. If your
/etc/hosts.deny file has a line that reads something like "ALL: ALL:
DENY," then you'll need to make sure that your /etc/hosts.allow file
has a line that reads something like "sshd : ALL : allow" (assuming
you're comfortable with all local network traffic being able to
connect to your Ubuntu machine on TCP port 22). You can change the ALL
to a specific hostname or subnet if you desire to do so. If your
/etc/hosts.deny file is empty, then it pretty much allows all traffic
through, so it might be a firewall issue instead.
I assume that Ubuntu uses iptables for a firewall; you can view its
current configuration with (as root):
#iptables -L -n
If the INPUT chain lists a REJECT line for tcp dpt:22, then the
firewall (if running) is blocking port TCP port 22, and you'll need to
change that. If that's the case, respond back and we'll help with
that.
More information about the TUXaloosa
mailing list