On Sat, Jul 15, 2023 at 10:32:11PM +0200, Roger Price wrote: > On Sat, 15 Jul 2023, to...@tuxteam.de wrote: > > > @Roger: what does "sudo ss -antp" (or "netstat -antp") say? Is sshd > > listening on 0.0.0.0:22? Then it's firewall, otherwise (not very > > probable,but hey) it's sshd config. > > Here is netstat -antp on one of the Debian 9 machines where I am currently > logged in locally as root via ssh. > > Active Internet connections (servers and established) > Proto Recv-Q Send-Q Local Address Foreign Address State > PID/Program name > tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 521/sshd > tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 4578/cupsd > tcp 0 0 127.0.0.1:22 127.0.0.1:50124 ESTABLISHED > 2905/sshd: root@pts > tcp 0 0 127.0.0.1:50124 127.0.0.1:22 ESTABLISHED 2903/ssh
Then (and as Greg wrote elsewhere in this thread, there were other strong indicators) it is definitely a firewall blocking port 22. One of those two (or both), "nft list ruleset" or "iptables -L" (both to be run as root) might shed light on that. Of course, once you have found out that there is a rule, you'll want to find out what is setting it (there are many packages which ease setting up firewall rules, like ufw, firewalld...: I have lost count of those; hopefully someone else can chime in here). Cheers -- t
signature.asc
Description: PGP signature