Find the answer to your Linux question:
Results 1 to 4 of 4
I have setup sshd so I am able to connect via putty to my laptop running backtrack2. I want to be able to connect to it from other places, like ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Nov 2007
    Posts
    2

    sshd_config listenaddress


    I have setup sshd so I am able to connect via putty to my laptop running backtrack2. I want to be able to connect to it from other places, like work and school, so i have configured my router to accept inbound connections on port 22 (and 23 for no reason at all) and I have set the listen address to the gateway on my router which is 192.168.0.1. I try and connect to my lan with my network's ip as assigned by my isp with putty from outside my network and am getting connection time out error from putty. It was actually working a while ago, but I had to do a reinstall for an unrelated reason and have not been able to get it working since. Below is my sshd_config file:

    $OpenBSD: sshd_config,v 1.74 2006/07/19 13:07:10 dtucker Exp $

    # This is the sshd server system-wide configuration file. See
    # sshd_config(5) for more information.

    # This sshd was compiled with PATH=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin

    # The strategy used for options in the default sshd_config shipped with
    # OpenSSH is to specify options with their default value where
    # possible, but leave them commented. Uncommented options change a
    # default value.

    Port 22
    #Protocol 2,1
    #AddressFamily any
    ListenAddress 192.168.0.0
    #ListenAddress ::

    # HostKey for protocol version 1
    #HostKey /etc/ssh/ssh_host_key
    # HostKeys for protocol version 2
    #HostKey /etc/ssh/ssh_host_rsa_key
    #HostKey /etc/ssh/ssh_host_dsa_key

    # Lifetime and size of ephemeral version 1 server key
    #KeyRegenerationInterval 1h
    #ServerKeyBits 768

    # Logging
    # obsoletes QuietMode and FascistLogging
    #SyslogFacility AUTH
    #LogLevel INFO

    # Authentication:

    #LoginGraceTime 2m
    #PermitRootLogin yes
    #StrictModes yes
    #MaxAuthTries 6

    #RSAAuthentication yes
    #PubkeyAuthentication yes
    #AuthorizedKeysFile .ssh/authorized_keys

    # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
    #RhostsRSAAuthentication no
    # similar for protocol version 2
    #HostbasedAuthentication no
    # Change to yes if you don't trust ~/.ssh/known_hosts for
    # RhostsRSAAuthentication and HostbasedAuthentication
    #IgnoreUserKnownHosts no
    # Don't read the user's ~/.rhosts and ~/.shosts files
    #IgnoreRhosts yes

    # To disable tunneled clear text passwords, change to no here!
    #PasswordAuthentication yes
    #PermitEmptyPasswords no

    # Change to no to disable s/key passwords
    #ChallengeResponseAuthentication yes

    # Kerberos options
    #KerberosAuthentication no
    #KerberosOrLocalPasswd yes
    #KerberosTicketCleanup yes
    #KerberosGetAFSToken no

    # GSSAPI options
    #GSSAPIAuthentication no
    #GSSAPICleanupCredentials yes

    # Set this to 'yes' to enable PAM authentication, account processing,
    # and session processing. If this is enabled, PAM authentication will
    # be allowed through the ChallengeResponseAuthentication and
    # PasswordAuthentication. Depending on your PAM configuration,
    # PAM authentication via ChallengeResponseAuthentication may bypass
    # the setting of "PermitRootLogin without-password".
    # If you just want the PAM account and session checks to run without
    # PAM authentication, then enable this but set PasswordAuthentication
    # and ChallengeResponseAuthentication to 'no'.
    #UsePAM no

    #AllowTcpForwarding yes
    #GatewayPorts no
    #X11Forwarding no
    #X11DisplayOffset 10
    #X11UseLocalhost yes
    #PrintMotd yes
    #PrintLastLog yes
    #TCPKeepAlive yes
    #UseLogin no
    #UsePrivilegeSeparation yes
    #PermitUserEnvironment no
    #Compression delayed
    #ClientAliveInterval 0
    #ClientAliveCountMax 3
    #UseDNS yes
    #PidFile /var/run/sshd.pid
    #MaxStartups 10
    #PermitTunnel no

    # no default banner path
    #Banner /some/path

    # override default of no subsystems
    Subsystem sftp /usr/libexec/sftp-server

    # Example of overriding settings on a per-user basis
    #Match User anoncvs
    # X11Forwarding no
    # AllowTcpForwarding no
    # ForceCommand cvs server


    If anyone is able to help me out with this i would greatly appreciate it. Also, i was wondering if I am able to set ListenAddress to a range with 0's (like 192.168.0.0) so it can take connections both internally and externally at the same time. Hope to see a response soon!

  2. #2
    Linux Guru
    Join Date
    Nov 2007
    Posts
    1,756
    You shouldn't need to change the listenaddress at all. I assume you only have 1 NIC, so just let it listen on the default interface.

    My sshd_config:

    Code:
    # The strategy used for options in the default sshd_config shipped with
    # OpenSSH is to specify options with their default value where
    # possible, but leave them commented.  Uncommented options change a
    # default value.
    
    Port 16786
    Protocol 2
    #ListenAddress 0.0.0.0
    #ListenAddress ::
    
    # HostKey for protocol version 1
    #HostKey /etc/ssh/ssh_host_key
    # HostKeys for protocol version 2
    #HostKey /etc/ssh/ssh_host_rsa_key
    #HostKey /etc/ssh/ssh_host_dsa_key
    I'm sometimes behind a hardware router, and sometimes behind an iptables firewall. I just forward the needed port thru the firewall to the IP of the SSH server.

    PS. No, 192.168.0.0 is not a valid address.

  3. #3
    Linux Enthusiast
    Join Date
    Aug 2006
    Location
    Portsmouth, UK
    Posts
    539
    (and 23 for no reason at all)
    You don't want port 23 open (telnet) that will attract more than the usual amount of undesirable traffic!
    RHCE #100-015-395
    Please don't PM me with questions as no reply may offend, that's what the forums are for.

  4. #4
    Just Joined!
    Join Date
    Nov 2007
    Posts
    2
    Thanks HROAdmin26 and matonb for the advice. In making the changes you both suggested I then received an error in putty saying connection refused. I looked up that error and found:
    http://www.linuxforums.org/forum/ser...sed-error.html
    which led me to a resolution. thanks again!!!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •