ssh - cannot log in

Jacques B. jjrboucher at gmail.com
Wed Jun 27 11:45:54 UTC 2007 

On 6/27/07, David Katz <david at davidkatzconsulting.com> wrote:
> I'm using Putty under XP to try to login to FC6 but it times out.
>
> I can ping the external ip from my laptop.
>
> Here's my iptables --list:
>
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
> RH-Firewall-1-INPUT  all  --  anywhere             anywhere
>
> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination
> RH-Firewall-1-INPUT  all  --  anywhere             anywhere
>
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
>
> Chain RH-Firewall-1-INPUT (2 references)
> target     prot opt source               destination
> ACCEPT     all  --  anywhere             anywhere
> ACCEPT     icmp --  anywhere             anywhere            icmp any
> ACCEPT     tcp  --  anywhere             anywhere            tcp
> dpt:http flags:SYN,RST,ACK/SYN
> ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh
> flags:SYN,RST,ACK/SYN
> ACCEPT     esp  --  anywhere             anywhere
> ACCEPT     ah   --  anywhere             anywhere
> ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:mdns
> ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp
> ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ipp
> ACCEPT     all  --  anywhere             anywhere            state
> RELATED,ESTABLISHED
> ACCEPT     tcp  --  anywhere             anywhere            state NEW
> tcp dpt:xdmcp
> ACCEPT     udp  --  anywhere             anywhere            state NEW
> udp dpt:xdmcp
> ACCEPT     tcp  --  anywhere             anywhere            state NEW
> tcp dpt:x11
> ACCEPT     tcp  --  anywhere             anywhere            state NEW
> tcp dpt:x11-ssh-offset
> ACCEPT     tcp  --  anywhere             anywhere            state NEW
> tcp dpt:ssh
> REJECT     all  --  anywhere             anywhere            reject-with
> icmp-host-prohibited
>
> I've tried without the windows firewall. The router is open to port 22
> and nats over to what I think is my workstation (how can I check this?)
>
> Thanks for any help.
>
> Note - ultimately I'd like to use X but right now I'm just trying to get
> a login prompt.
>
>
>
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
>
Sounds like your router isn't forwarding port 22 traffic to your box
from what you are describing.  Check the settings on your router to
see what IP it forwards port 22 traffic, and make sure your
workstation has that IP (ifconfig command).  You'll want to either
statically set your IP on that workstation, or set up a static DHCP
entry for the MAC of your workstation so it always gets the same IP.
Otherwise your port forwarding destination IP will be a moving target.

Having said all that, are you certain you are trying to connect to the
proper public IP for your router?  Have you checked what public IP is
allocated to your router? Here again that is a moving target unless
you have a static IP (very unlikely for a home user).  So you may be
trying to connect to an IP that is now allocated to someone else.
Hence why the ping would respond but SSH would not work.

If that is the case, you'll need to use a service such as DynDNS and
enable that feature on your router (providing it supports it).

Jacques B.

More information about the fedora-list mailing list