[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: ssh and port 22 problem, cont.

On Wednesday 06 October 2004 01:54, Gerhard Magnus wrote:
> I have two machines (PuteA and PuteB) sharing an ActionTec DSL modem.  The
> IP I was using was that of my "Gateway" ISP ( -- an error. 
> But when I used the correct, static IP address of the ActionTec
> ( I got this message:
> ssh: connect to host port22: Connection refused

> I thought I had port forwarding (for port 22) set correctly on the modem. 
which internal machine are you forwarding to?
(ie see the lower answer about ifconfig)
> For troubleshooting, my ISP advised me to run "tcpdump -n host"
> on PuteA, where is the "internal" IP of PuteA. Then I logged on
> to the remote location from PuteB and tried to ssh from there to PuteA
> using the static IP address.  The ssh from the remote location timed out
> with the same "port 22: connection refused" message.  The tcpdump on Pute
> Here are my replies to the people who responded to my first post:
> (1) "Do you have the firewall configured to deny incoming packets to port
> 22?"
> How do I check this?
service iptables status
iptables -L -v 
(the v is verbose, which will include the interfaces too)

>"service sshd status" gives"sshd (pid 787) is running".
so that's not the problem.
neither, it would appear is tcp_wrappers (the hosts.allow/deny files)

> eth0      Link encap:Ethernet  HWaddr 00:40:05:81:60:8E
>           inet addr:  Bcast:  Mask:
> Could this be the problem -- the "inet addr" of  As far as I
> can tell, the modem is, PuteA is, and PuteB is
>  I haven't set anything as
This I believe is the issue here. ifconfig does not tell lies.
your eth0 device is currently set to
Are you by any chance using your modem as a dhcp server?
incidentally, try (on your fedora box)
nmap -sP
which will tell you which machines are up with which ip addresses on your 
local network (it's a ping scan). You may need to install nmap first.
try ssh-ing to from your other host

you can reconfigure the interface (to what you expected) using netconfig:
netconfig -d eth0
set your ip address and the other bits
then do a service network restart.

then try ssh again.

> (9) "nmap"
> (The 1598 ports scanned but not shown below are in state: closed)
> Port       State       Service
> 23/tcp     open        telnet
> 53/tcp     open        domain
> 80/tcp     open        http
> Shouldn't ssh be here?  And what's telnet doing open?  The books have me
> scared to death of this... hackers, crackers, script kiddies, etc.
no idea.
it's not difficult to turn off, however. See Matthew's post about this.


Stuart Sears RHCE, RHCX
Quidquid latine dictum sit, altum viditur

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]