Find the answer to your Linux question:
Results 1 to 6 of 6
I have been trying to get my computer available for ssh logins/web access for the past month or so with no success. There is no trouble connecting from within my ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Nov 2005
    Location
    US
    Posts
    17

    problems connecting from remote hosts


    I have been trying to get my computer available for ssh logins/web access for the past month or so with no success. There is no trouble connecting from within my LAN but outside of this there always lies a 'connection refused' response.

    Here is my setup:

    I use Comcast @ Home Cable as my ISP

    192.168.0.1 is my cable modem which doubles as a gateway
    192.168.0.10 is my windows based computer which I have successfully connected to the linux box only using the LAN assigned ip address (192.168.0.11)
    192.168.0.11 is the knoppix box (installed to hard drive) I am on and hoping to have available for remote access

    Here is what I have tryed to do to allow remote logins:

    I have executed:

    root@box:/home/grim# iptables -F
    root@box:/home/grim# iptables -L
    Chain INPUT (policy ACCEPT)
    target prot opt source destination

    Chain FORWARD (policy ACCEPT)
    target prot opt source destination

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination
    root@box:/home/grim#

    1> I have logged into the gateway and added port forwarding for port 22 (both tcp/udp in case) for 192.168.0.11, then applyed the changes, and restarted the gateway

    2> I have added to my /etc/hosts.allow file:
    ALL : ALL@ALL : ALLOW

    3> I have made sure every line is commented out on my /etc/hosts.deny file

    4> I have run ethereal to capture packets and include a screen shot of the packet captures here:
    http://www.crypt.cc/ss/sshd.jpg

    5> I have run nmap to see if it was getting through the gateway here is the output:

    root@box:/home/grim# nmap -O -sV -v myip

    Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2005-12-21 04:25 EST
    Initiating SYN Stealth Scan against pcp09v01.md.comcast.net (myip) [1663 ports] at 04:25
    The SYN Stealth Scan took 4.21s to scan 1663 total ports.
    Warning: OS detection will be MUCH less reliable because we did not find at least 1 open and 1 closed TCP port
    Host pcp0011459512pcs.chrchv01.md.comcast.net (myip) appears to be up ... good.
    All 1663 scanned ports on pcp001142pcs.c1.md.comcast.net (myip) are: closed
    Too many fingerprints match this host to give specific OS details
    TCP/IP fingerprint:
    SInfo(V=3.81%P=i686-pc-linux-gnu%D=12/21%Tm=43A91FA0%O=-1%C=1)
    T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
    T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=)
    T7(Resp=N)
    PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPC K=0 K=0%ULEN=134%DAT=E)

    Nmap finished: 1 IP address (1 host up) scanned in 13.016 seconds
    Raw packets sent: 1684 (67.6KB) | Rcvd: 1673 (77KB)
    root@box:/home/grim#

    Looking above it seems as though it is getting through the gatway to identify it as linux

    I thank you for any advice you can give me I am really not sure what is wrong here, maybe it's my ISP?
    I also cannot recieve/send file transfers on GAIM

    Limewire works ok though

    Thanks

  2. #2
    Trusted Penguin Dapper Dan's Avatar
    Join Date
    Oct 2004
    Location
    The Sovereign State of South Carolina
    Posts
    4,630
    I'm trying to picture your present setup. Am I understanding correctly that all boxes are presently on the same LAN, and you are trying to ssh from one to the other by going through the IP you are asigned by your ISP, then through a forwarded port back into another box on the same LAN for testing purposes?
    Linux Mint + IceWM Registered: #371367 New Members: click here

  3. #3
    Just Joined!
    Join Date
    Nov 2005
    Location
    US
    Posts
    17
    yes, all are on the same lan. All connected to the gateway sharing the 192.168.0.* range. I am testing by attempting to connect to the internet IP address from the 192.168.0.11 box (should be connecting to the gateway and transferring the connection back over to itself because it is the only one in the demilitarized zone). This is when I receive connection refused. On the other hand when specifying 192.168.0.11 as the ip address to connect to I have no trouble getting through.

    I am hoping to have it so that I can log in from my campus or other network to perform administrative tasks etc.
    Thanks for the quick reply

  4. #4
    Trusted Penguin Dapper Dan's Avatar
    Join Date
    Oct 2004
    Location
    The Sovereign State of South Carolina
    Posts
    4,630
    We were running a Shoutcast server out of my radio station and could not connect back to the server through a browser is the reason I ask. This may be what you're running into. We also recieved a "connection refused" even though I had the firewall and ports set up correctly. Recieving our stream from outside our network worked without problems. My suggestion would be to ask someone from outside your network to try sshing in. If they can't then I'm completely wrong and it's likely something else. I think of this because everything else appears to be right.
    EDIT: And you're absolutly sure the ssh server/daemon is up and running?
    Linux Mint + IceWM Registered: #371367 New Members: click here

  5. #5
    Just Joined!
    Join Date
    Nov 2005
    Location
    US
    Posts
    17
    yes I checked the ps list and it's running. I know its working, because I can ssh from inside the network just not from outside the network.

    Also using GAIM (aol instant messager clone) I cannot send or recieve files so Its something to do with outside connections.

    One thing I have had no problems with is Limewire (gnutella network).

  6. #6
    Trusted Penguin Dapper Dan's Avatar
    Join Date
    Oct 2004
    Location
    The Sovereign State of South Carolina
    Posts
    4,630
    If you are certain those ports are open and your firewall isn't blocking them, it could be something to do with your ISP. Sorry I couldn't help more...
    Linux Mint + IceWM Registered: #371367 New Members: click here

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •