chr1z Apprentice
Joined: 17 Jul 2002 Posts: 207
Posted: Thu Mar 06, 2003 12:02 pm Post subject: router does not allow ssh connection
I want to connect to my machine from outside with ssh.
sshd is running on it.
I set the router to forward port 22 to my IP (192.168.168.1) on port 22.
The router has the IP 192.168.168.230.
When I connect to my IP inside the LAN it works.
When I do this from outside, I get connection refused.
This is the nmap result of my router:
Code:
root@misanthropia:/home/chr1z% nmap 192.168.168.230
Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
Interesting ports on Router (192.168.168.230):
(The 1599 ports scanned but not shown below are in state: closed)
Port State Service
23/tcp open telnet
80/tcp open http

Why is port 22 not open?
Last edited by chr1z on Thu Mar 06, 2003 1:57 pm; edited 1 time in total

garo Bodhisattva
Joined: 15 Jul 2002 Posts: 860 Location: Edegem,BELGIUM
Posted: Thu Mar 06, 2003 12:30 pm Post subject:
Quote:
> I set the router to forward port 22 to my IP (192.168.168.230) on port 22.
> The router has the IP 192.168.168.230.
Why does your machine have the same IP as the router?!?

chr1z Apprentice
Joined: 17 Jul 2002 Posts: 207
Posted: Thu Mar 06, 2003 1:56 pm Post subject:
Sorry, I have the IP 192.168.168.1 of course.

sieter Tux's lil' helper
Joined: 03 Jan 2003 Posts: 111
Posted: Thu Mar 06, 2003 2:33 pm Post subject:
Is it possible that the router blocks port 22 from outside?
Or does your client block external addresses?
Did you try and ssh your router from your client?
Maybe something shows up in the logs...

garo Bodhisattva
Joined: 15 Jul 2002 Posts: 860 Location: Edegem,BELGIUM
Posted: Thu Mar 06, 2003 3:04 pm Post subject:
Add this:
Code: ListenAddress 192.168.168.230
to "/etc/ssh/sshd_config"

chr1z Apprentice
Joined: 17 Jul 2002 Posts: 207
Posted: Thu Mar 06, 2003 4:48 pm Post subject:
I added that line.
Still the same problem!
I think it is router related!

chr1z Apprentice
Joined: 17 Jul 2002 Posts: 207
Posted: Thu Mar 06, 2003 4:49 pm Post subject:
sieter wrote:
> Is it possible that the router blocks port 22 from outside?
> Or does your client block external addresses?
> Did you try and ssh your router from your client?
> Maybe something shows up in the logs...
The router refuses port 22:
ssh: connect to host 192.168.168.230 port 22: Connection refused

starbecks n00b
Joined: 30 Mar 2003 Posts: 45
Posted: Mon May 05, 2003 11:33 pm Post subject:
chr1z wrote:
> sieter wrote:
> > Is it possible that the router blocks port 22 from outside?
> > Or does your client block external addresses?
> > Did you try and ssh your router from your client?
> > Maybe something shows up in the logs...
> The router refuses port 22:
> ssh: connect to host 192.168.168.230 port 22: Connection refused
For days, I couldn't figure out why ssh WOULD work on the way out to the internet through my router, but NOT from the internet back in. Just like you, I forwarded port 22 to a local address. I checked to make sure sshd was running and configured correctly. I could ssh around inside the local net fine so I knew everything was working.
It wasn't until I was working on something else that I came across my /etc/hosts.deny... ALL:ALL... I was blocking it (doh). Try tweaking the hosts.allow and hosts.deny. It helped me.
Note: When I NMAP the router it does not 'show' port 22 as open. It just shows telnet and http, the 2 ways to get in to configure it. Those are actually blocked from the outside world by router rules. I forward port 80 to a local address anyway. Telnet is not used.

cybermans Apprentice
Joined: 04 Apr 2003 Posts: 193
Posted: Tue May 06, 2003 6:18 am Post subject:
Btw, make a port scan from a place outside your network to test if your telnet port is open. Inside, that port will be used for router config I suppose, but if you don't need telnet access from the web, close the port!!!