ssh and port 22 problem, cont.

Stuart Sears stuart at sjsears.com
Wed Oct 6 10:12:27 UTC 2004


On Wednesday 06 October 2004 01:54, Gerhard Magnus wrote:
> I have two machines (PuteA and PuteB) sharing an ActionTec DSL modem.  The
> IP I was using was that of my "Gateway" ISP (64.146.133.1) -- an error. 
> But when I used the correct, static IP address of the ActionTec
> (64.146.133.52) I got this message:
>
> ssh: connect to host 64.146.133.52 port22: Connection refused

> I thought I had port forwarding (for port 22) set correctly on the modem. 

which internal machine are you forwarding to?
(i.e. see the lower answer about ifconfig)

> For troubleshooting, my ISP advised me to run "tcpdump -n host 192.168.0.2"
> on PuteA, where 192.168.0.2 is the "internal" IP of PuteA. Then I logged on
> to the remote location from PuteB and tried to ssh from there to PuteA
> using the static IP address.  The ssh from the remote location timed out
> with the same "port 22: connection refused" message.  The tcpdump on Pute
> Here are my replies to the people who responded to my first post:
>
> (1) "Do you have the firewall configured to deny incoming packets to port
> 22?"
> How do I check this?
service iptables status
or
iptables -L -v 
(the v is verbose, which will include the interfaces too)

> "service sshd status" gives "sshd (pid 787) is running".

so that's not the problem.
neither, it would appear, is tcp_wrappers (the hosts.allow/deny files)

> eth0      Link encap:Ethernet  HWaddr 00:40:05:81:60:8E
>           inet addr:192.168.0.4  Bcast:192.168.0.255  Mask:255.255.255.0
> Could this be the problem -- the "inet addr" of 192.168.0.4?  As far as I
> can tell, the modem is 192.168.0.1, PuteA is 192.168.0.2, and PuteB is
> 192.168.0.3.  I haven't set anything as 192.168.0.4.
This I believe is the issue here. ifconfig does not tell lies.
your eth0 device is currently set to 192.168.0.4.
Are you by any chance using your modem as a dhcp server?
incidentally, try (on your fedora box)
nmap -sP 192.168.0.0/24
which will tell you which machines are up with which ip addresses on your 
local network (it's a ping scan). You may need to install nmap first.
try ssh-ing to from your other host

you can reconfigure the interface (to what you expected) using netconfig:
netconfig -d eth0
set your ip address and the other bits
then do a service network restart.

then try ssh again.




> (9) "nmap 64.146.133.52"
> (The 1598 ports scanned but not shown below are in state: closed)
> Port       State       Service
> 23/tcp     open        telnet
> 53/tcp     open        domain
> 80/tcp     open        http
> Shouldn't ssh be here?  And what's telnet doing open?  The books have me
> scared to death of this... hackers, crackers, script kiddies, etc.
no idea.
it's not difficult to turn off, however. See Matthew's post about this.

HTH

Stuart
-- 
Stuart Sears RHCE, RHCX
Quidquid latine dictum sit, altum viditur
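
Added example, not part of the original message: a check that the address the modem forwards port 22 to is the address the host actually holds, which is the mismatch diagnosed in the reply above. It assumes the forward targets 192.168.0.2 (the thread never states the target); the sample ifconfig text is constructed from the lines quoted in the thread, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: compare a port-forward target with the interface's real
# IPv4 address. Both functions read `ifconfig <iface>` output on stdin.

# Constructed sample, modelled on the eth0 lines quoted in the thread.
SAMPLE_IFCONFIG='eth0      Link encap:Ethernet  HWaddr 00:40:05:81:60:8E
          inet addr:192.168.0.4  Bcast:192.168.0.255  Mask:255.255.255.0'

# Print the first IPv4 address found in ifconfig output on stdin.
# Handles the older "inet addr:A.B.C.D" and the newer "inet A.B.C.D" layout;
# "inet6" lines are skipped because the pattern requires "inet" plus a space.
iface_ipv4() {
    sed -n 's/^[[:space:]]*inet \(addr:\)\{0,1\}\([0-9][0-9.]*\).*/\2/p' | head -n 1
}

# check_forward_target EXPECTED_IP   (ifconfig output on stdin)
# Returns 0 on match, 1 on mismatch, 2 if the interface has no IPv4 address.
check_forward_target() {
    expected=$1
    actual=$(iface_ipv4)
    if [ -z "$actual" ]; then
        echo "no IPv4 address found on interface"
        return 2
    fi
    if [ "$actual" = "$expected" ]; then
        echo "OK: interface holds $actual, matching the forward target"
        return 0
    fi
    echo "MISMATCH: router forwards to $expected but interface holds $actual"
    return 1
}

# Demo on the constructed sample. 192.168.0.2 is the assumed forward target;
# 192.168.0.4 is what ifconfig reported, so this reports a mismatch.
printf '%s\n' "$SAMPLE_IFCONFIG" | check_forward_target 192.168.0.2 || true
```

On a live host the same check is `ifconfig eth0 | check_forward_target 192.168.0.2`, run after any DHCP lease change or interface reconfiguration.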



