| View previous topic :: View next topic |
| Author |
Message |
swagr
Tux's lil' helper
Joined: 18 Apr 2002
Posts: 90
Location: Toronto
|
 Posted: Fri Apr 23, 2004 5:36 pm Post subject: [fixed] ssh 127.0.0.1 won't work |
 |
|
I need to ssh my local machine to do some troubleshooting.
I realize ssh-ing the machine I'm on is a little pointeless otherwise.
Remote machines can ssh the box with no problems, but when I try to do a local ssh (ssh 127.0.0.1) it won't work.
Does it sound I have something misconfigured or does ssh actually do this on purpose?
Thanks for any help.
_________________
RUN!
Last edited by swagr on Fri Apr 23, 2004 10:12 pm; edited 1 time in total |
|
| Back to top |
|
 |
sekretarz
Retired Dev
Joined: 09 Feb 2004
Posts: 156
Location: Poznan, Poland
|
| Posted: Fri Apr 23, 2004 6:41 pm Post subject: |
|
|
I can normally ssh localhost. Check two files: /etc/hosts.allow and /etc/hosts.deny
_________________
#gentoo.pl Team - sekretarz |
|
| Back to top |
|
|
vonhelmet
l33t
Joined: 06 Apr 2004
Posts: 770
Location: Somewhere in a school
|
| Posted: Fri Apr 23, 2004 7:05 pm Post subject: |
|
|
| sekretarz wrote: | | I can normally ssh localhost. Check two files: /etc/hosts.allow and /etc/hosts.deny |
I just stumbled across this thread and found I can't ssh into my own box from itself either... And I don't have the hosts.allow and hosts.deny files in etc. |
|
| Back to top |
|
|
phthalocyanide
n00b
Joined: 17 Apr 2004
Posts: 6
Location: Somewhere in Canada
|
| Posted: Fri Apr 23, 2004 7:15 pm Post subject: Do you have any netfiltering rules? |
|
|
Do you have any netfiltering rules?
do this with root privilege:
/sbin/iptables -L
If you have not set any rules, you should get output like this:
Password:
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination |
|
| Back to top |
|
|
swagr
Tux's lil' helper
Joined: 18 Apr 2002
Posts: 90
Location: Toronto
|
| Posted: Fri Apr 23, 2004 7:53 pm Post subject: |
|
|
No iptables rules. No hosts.allow/deny files in etc.
If I ssh verbosely I see that I actually physically connect, but sshd boots me off.
| Code: |
...
Connecting to localhost [127.0.0.1]
Connection established.
...
ssh_exchange_identification: Connection closed by remote host
|
_________________
RUN! |
|
| Back to top |
|
|
NeddySeagoon
Administrator
Joined: 05 Jul 2003
Posts: 54848
Location: 56N 3W
|
| Posted: Fri Apr 23, 2004 8:03 pm Post subject: |
|
|
swagr,
You may have rootsquash set. ssh in as an unprivilidged user and do su after if needed.
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
| Back to top |
|
|
swagr
Tux's lil' helper
Joined: 18 Apr 2002
Posts: 90
Location: Toronto
|
| Posted: Fri Apr 23, 2004 8:20 pm Post subject: |
|
|
This is really odd.
I set up a proxy on another machine that just bounces me straight back.
When I ssh myself that way it works!?
So the stuff going OVER the wire is the same. The only issue here is IP address. It's just that sshd doesn't like it coming from the same machine. So the question is still: why does sshd have a problem?
_________________
RUN! |
|
| Back to top |
|
|
swagr
Tux's lil' helper
Joined: 18 Apr 2002
Posts: 90
Location: Toronto
|
| Posted: Fri Apr 23, 2004 10:11 pm Post subject: |
|
|
FIXED!
Ok as it turns out, sshd was being started from xinetd.
I thought it was started from /etc/init.d/sshd because I'd always see sshd jobs in ps. I figured xinet.d would start/stop sshd as needed. I guess I was wrong.
Anyway, my xinetd.conf specifies the only_from parameter as the network address I'm on but not explicitly localhost or 127.0.0.1.
When I added localhost to the only_from field in xinetd.conf, everything worked fine.
I guess xinetd passes some command-line parameters to ssh that make it boot me off unless it explicitly sees an address allowed in xinetd.conf.
_________________
RUN! |
|
| Back to top |
|
|
|
Networking & Security
