  1. #1
    Linux Guru
    Join Date
    Sep 2004
    Posts
    1,808

    Problem on ssh connect the server


    Hi folks,


    Ubuntu LAMP 6.06 amd64
    IP 192.168.0.52


    Local PC
    IP 192.168.0.10


    Without iptables running, the local PC can ssh-connect to the server at port 2222.


    With just iptables up and running, the local PC fails to ssh-connect to the server:

    $ ssh -p 2222 192.168.0.52
    Code:
    ssh: connect to host 192.168.0.52 port 2222: Connection timed out

    $ tail /var/log/lastlog (local PC)
    Code:
    ϢiHtty4A�HttySKGtty1Gtty1�BGtty1satimis@mail:~$

    $ tail /var/log/faillog (local PC)
    Code:
    tty1���tty1
               toHtty1#�Hsatimis@mail:~$
    I can't understand the meaning of the codes. Are these the right files to check?


    $ cat /etc/rc.local
    Code:
    #!/bin/sh -e
    #
    # rc.local
    #
    # This script is executed at the end of each multiuser runlevel.
    # Make sure that the script will "exit 0" on success or any other
    # value on error.
    #
    # In order to enable or disable this script just change the execution
    # bits.
    #
    # By default this script does nothing.
    
    # INPUT
    
    # Set the default policy to drop
    iptables -P INPUT DROP
    
    # Allow existing connections to continue
    iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
    
    # Allow the server to talk to itself
    iptables -A INPUT -i lo -j ACCEPT
    
    # Allow ssh from workstation local IP
    
    iptables -A INPUT -s 192.168.0.10 -p tcp --dport 22 -j ACCEPT
    
    iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
    iptables -A INPUT -j LOG
    
    
    
    # OUTPUT
    
    # Set the default policy to accept
    iptables -P OUTPUT ACCEPT
    
    # Allow existing connections to continue
    iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
    
    # Allow the server to talk to itself
    iptables -A OUTPUT -d 127.0.0.1 -j ACCEPT
    
    # Allow DNS requests out
    iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
    iptables -A OUTPUT -p tcp --dport 53 -j ACCEPT
    iptables -A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT
    Please advise. TIA


    B.R.
    satimis

  2. #2
    Linux Engineer jledhead
    Join Date
    Oct 2004
    Location
    North Carolina
    Posts
    1,077
    Quote Originally Posted by satimis View Post
    iptables -A INPUT -s 192.168.0.10 -p tcp --dport 22 -j ACCEPT
    Is ssh running on port 22 or port 2222? iptables looks like it is opening port 22 and you're connecting through port 2222.

  3. #3
    Linux Guru
    Join Date
    Sep 2004
    Posts
    1,808
    Quote Originally Posted by jledhead View Post
    Is ssh running on port 22 or port 2222? iptables looks like it is opening port 22 and you're connecting through port 2222.
    Hi jledhead,


    Thanks for your advice.


    Sorry I made a typo on port number. It works now after changing 22 to 2222.


    satimis
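
The mismatch resolved in this thread (sshd on 2222, firewall rule for 22) can be checked mechanically. The script below is an added example, not part of the original posts: it compares the `Port` setting in an sshd_config file with the TCP ports that INPUT rules accept. The function names, the `Port 2222` config line and the rule lines (the thread's rules rewritten in iptables-save syntax) are assumptions constructed for the example.

```shell
#!/bin/sh
# Added example; inputs below are constructed, not captured from the poster's hosts.

# Print the port(s) sshd listens on per an sshd_config file (default 22).
sshd_ports() {
    awk 'tolower($1) == "port" { print $2; found = 1 }
         END { if (!found) print 22 }' "$1"
}

# Print each TCP destination port that an INPUT rule ACCEPTs.
# Input: rule lines in iptables-save syntax. Simplification: only single
# --dport values are understood (no port ranges, no -m multiport).
accepted_tcp_dports() {
    awk '$1 == "-A" && $2 == "INPUT" {
             proto = ""; dport = ""; target = ""
             for (i = 3; i < NF; i++) {
                 if ($i == "-p")      proto  = $(i + 1)
                 if ($i == "--dport") dport  = $(i + 1)
                 if ($i == "-j")      target = $(i + 1)
             }
             if (proto == "tcp" && target == "ACCEPT" && dport != "") print dport
         }' "$1"
}

# Return 0 if every sshd port has a matching ACCEPT rule, 1 otherwise.
check_ssh_fw() {
    rc=0
    for port in $(sshd_ports "$1"); do
        if accepted_tcp_dports "$2" | grep -qx "$port"; then
            echo "ok: tcp/$port is accepted"
        else
            echo "MISMATCH: sshd listens on tcp/$port, no INPUT rule accepts it"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample data mirroring the thread: before and after the fix.
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
printf 'Port 2222\n' > "$tmp/sshd_config"
printf '%s\n' '-P INPUT DROP' \
    '-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT' \
    '-A INPUT -i lo -j ACCEPT' \
    '-A INPUT -s 192.168.0.10 -p tcp --dport 22 -j ACCEPT' > "$tmp/before.rules"
sed 's/--dport 22 /--dport 2222 /' "$tmp/before.rules" > "$tmp/after.rules"

check_ssh_fw "$tmp/sshd_config" "$tmp/before.rules" || true
check_ssh_fw "$tmp/sshd_config" "$tmp/after.rules"
```

On a live host the second argument would be a file holding the output of `iptables-save`, and the first would be `/etc/ssh/sshd_config`.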
