On Mon, 17 Jul 2023, to...@tuxteam.de wrote:
On Sun, Jul 16, 2023 at 03:21:06PM -0400, Timothy M Butterworth wrote:
Do you have TCP wrappers installed and running? Please post the output
of: `less /etc/hosts.allow` `less /etc/hosts.deny`
tcpwrappers would lead to a connection refused, not a
On Sun, Jul 16, 2023 at 03:21:06PM -0400, Timothy M Butterworth wrote:
[...]
> Do you have TCP wrappers installed and running? Please post the output
> of: `less
> /etc/hosts.allow` `less /etc/hosts.deny`
tcpwrappers would lead to a connection refused, not a timeout.
Cheers
--
t
On Sat, Jul 15, 2023 at 4:32 PM Roger Price wrote:
> On Sat, 15 Jul 2023, to...@tuxteam.de wrote:
>
> > @Roger: what does "sudo ss -antp" (or "netstat -antp") say? Is sshd
> > listening on 0.0.0.0:22? Then it's firewall, otherwise (not very
> > probable,but hey) it's sshd config.
>
> Here is
On Sun, 16 Jul 2023, Anssi Saari wrote:
Roger Price writes:
Does the style of comment give a clue to the tool used ?
Earlier you posted a list of firewall rules like this:
iptables -L -n --line-numbers reports
Chain INPUT (policy ACCEPT)
num targetprot opt source
Roger Price writes:
> Does the style of comment give a clue to the tool used ?
Earlier you posted a list of firewall rules like this:
iptables -L -n --line-numbers reports
Chain INPUT (policy ACCEPT)
num targetprot opt source destination
1
Roger Price wrote:
> After the restart, I tried to ssh from Debian 11 to that Debian 9 machine
>
> rprice@titan ~ ssh -v rprice@kananga
> ssh: connect to host kananga port 22: Connection timed out
>
> So it's something else? Roger
Sorry, but I didn't follow the whole thread complete. Maybe
mick.crane (12023-07-16):
> I'd compare the public key of you at 11 to what's in the authorized_keys on
> 9.
> and what's in known_hosts.
> and what's in the sshd config file on 9 about "Listen"
> after that I dunno.
Oh, please stop. The symptoms do not point to issues with the key AT ALL
and the
On 2023-07-16 10:53, Roger Price wrote:
On Sun, 16 Jul 2023, mick.crane wrote:
did you try to ssh to the ip address?
I vaguely remember something to do with the keys where I could ssh by
number but not name.
I ssh from Debian 11 to Debian 9 :
rprice@titan ~ ssh rprice@192.168.1.13
ssh:
On Sun, 16 Jul 2023, mick.crane wrote:
did you try to ssh to the ip address?
I vaguely remember something to do with the keys where I could ssh by number
but not name.
I ssh from Debian 11 to Debian 9 :
rprice@titan ~ ssh rprice@192.168.1.13
ssh: connect to host 192.168.1.13 port 22:
On 2023-07-16 09:28, Roger Price wrote:
On Sun, 16 Jul 2023, mick.crane wrote:
Can you ping the problem machine by name?
rprice@titan ~ ping -c2 kananga
PING kananga (192.168.1.16) 56(84) bytes of data.
64 bytes from kananga (192.168.1.16): icmp_seq=1 ttl=64 time=1.38 ms
64 bytes from
On Sun, Jul 16, 2023 at 11:03:52AM +0200, Roger Price wrote:
[...]
> On a Debian 9 machine I typed the commands
>
> iptables -F
> iptables -X
> iptables -P INPUT ACCEPT
> iptables -P FORWARD ACCEPT
> iptables -P OUTPUT ACCEPT
>
> and then _immediately_ attempted to ssh from Debian 11
On Sun, 16 Jul 2023, to...@tuxteam.de wrote:
On Sun, Jul 16, 2023 at 09:39:35AM +0200, Roger Price wrote:
I tried to clear out the existing firewall on a Debian 9 machine with the
commands
This would be a good time to try ssh :-)
But before chasing that culprit it'd be nice to know we
On Sun, 16 Jul 2023, mick.crane wrote:
Can you ping the problem machine by name?
rprice@titan ~ ping -c2 kananga
PING kananga (192.168.1.16) 56(84) bytes of data.
64 bytes from kananga (192.168.1.16): icmp_seq=1 ttl=64 time=1.38 ms
64 bytes from kananga (192.168.1.16): icmp_seq=2 ttl=64
On Sun, Jul 16, 2023 at 09:07:03AM +0100, mick.crane wrote:
[...]
> Can you ping the problem machine by name?
> mick
No, it isn't a name resolution issue. The original "ssh -v" output,
which I re-quote here shows that clearly:
| rprice@kananga:~$ ssh -v rprice@maria
| OpenSSH_7.4p1
On 2023-07-16 07:26, Roger Price wrote:
On Sun, 16 Jul 2023, Intense Red wrote:
Are you trying to ssh into the box as the root user?
I do not ssh into remote boxes as root; I use ssh to root only within
the box.
If so, remember Debian's ssh configuration stops root from logging in.
On Sun, Jul 16, 2023 at 03:46:06PM +0800, jeremy ardley wrote:
>
> On 16/7/23 15:39, Roger Price wrote:
> > So it's something else? Roger
>
>
> Have you checked /etc/ssh/sshd_config on the target to see if it is actually
> listening on port 22? You can also use netstat to see listening ports
On Sun, Jul 16, 2023 at 09:39:35AM +0200, Roger Price wrote:
> On Sat, 15 Jul 2023, Greg Wooledge wrote:
> > On Sat, Jul 15, 2023 at 11:59:33AM +0200, Roger Price wrote:
> > > rprice@kananga:~$ ssh -v rprice@maria
> > > ssh: connect to host maria port 22: Connection timed out
> >
> > A timeout is
On 16/7/23 15:39, Roger Price wrote:
So it's something else? Roger
Have you checked /etc/ssh/sshd_config on the target to see if it is
actually listening on port 22? You can also use netstat to see listening
ports and processes
Second is to check the /etc/ssh/ssh_config on the
On Sat, 15 Jul 2023, Greg Wooledge wrote:
On Sat, Jul 15, 2023 at 11:59:33AM +0200, Roger Price wrote:
rprice@kananga:~$ ssh -v rprice@maria
ssh: connect to host maria port 22: Connection timed out
A timeout is an ENTIRELY different symptom, and when combined with
"but I can ping the remote",
On Sun, Jul 16, 2023 at 2:27 AM Roger Price wrote:
>
> On Sun, 16 Jul 2023, Intense Red wrote:
>
> > Are you trying to ssh into the box as the root user?
>
> I do not ssh into remote boxes as root; I use ssh to root only within the box.
>
> > If so, remember Debian's ssh configuration stops
On Sun, 16 Jul 2023, Intense Red wrote:
Are you trying to ssh into the box as the root user?
I do not ssh into remote boxes as root; I use ssh to root only within the box.
If so, remember Debian's ssh configuration stops root from logging in.
In my Debian 9 and 11 boxes I see in
On Sun, Jul 16, 2023 at 12:47:43AM -0500, Intense Red wrote:
>Are you trying to ssh into the box as the root user? If so, remember
> Debian's ssh configuration stops root from logging in.
The ssh -v tells another story: the port isn't even open. If this
were root being rejected, it would
On Sat, Jul 15, 2023 at 10:32:11PM +0200, Roger Price wrote:
> On Sat, 15 Jul 2023, to...@tuxteam.de wrote:
>
> > @Roger: what does "sudo ss -antp" (or "netstat -antp") say? Is sshd
> > listening on 0.0.0.0:22? Then it's firewall, otherwise (not very
> > probable,but hey) it's sshd config.
>
>
On Sat, 15 Jul 2023, to...@tuxteam.de wrote:
@Roger: what does "sudo ss -antp" (or "netstat -antp") say? Is sshd
listening on 0.0.0.0:22? Then it's firewall, otherwise (not very
probable,but hey) it's sshd config.
Here is netstat -antp on one of the Debian 9 machines where I am currently
On Sat, Jul 15, 2023 at 11:12:23AM -0400, Greg Wooledge wrote:
> On Sat, Jul 15, 2023 at 11:59:33AM +0200, Roger Price wrote:
> > rprice@kananga:~$ ssh -v rprice@maria
> > OpenSSH_7.4p1 Debian-10+deb9u2, OpenSSL 1.0.2l 25 May 2017
> > debug1: Reading configuration data /etc/ssh/ssh_config
> >
On Sat, Jul 15, 2023 at 07:31:51AM -0400, Timothy M Butterworth wrote:
> On Sat, Jul 15, 2023 at 7:23 AM Roger Price wrote:
>
> > On Sat, 15 Jul 2023, Timothy M Butterworth wrote:
> >
> > > On Sat, Jul 15, 2023 at 7:12 AM Roger Price
> > wrote:
> > >
> > > The two debian 9 machines can
Greg Wooledge (12023-07-15):
> A timeout is an ENTIRELY different symptom, and when combined with
> "but I can ping the remote", it means a firewall is involved. Every
> time.
It can on occasion be a MTU black hole. But I am nitpicking and you are
almost certainly right here.
Regards,
--
On Sat, Jul 15, 2023 at 11:59:33AM +0200, Roger Price wrote:
> rprice@kananga:~$ ssh -v rprice@maria
> OpenSSH_7.4p1 Debian-10+deb9u2, OpenSSL 1.0.2l 25 May 2017
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: /etc/ssh/ssh_config line 19: Applying options for *
> debug1:
On Sat, Jul 15, 2023 at 7:23 AM Roger Price wrote:
> On Sat, 15 Jul 2023, Timothy M Butterworth wrote:
>
> > On Sat, Jul 15, 2023 at 7:12 AM Roger Price
> wrote:
> >
> > The two debian 9 machines can ssh to themselves.
> >
> > Can you SSH from one Debian 9 to the other Debian 9?
>
> No. I
On Sat, 15 Jul 2023, Timothy M Butterworth wrote:
On Sat, Jul 15, 2023 at 7:12 AM Roger Price wrote:
The two debian 9 machines can ssh to themselves.
Can you SSH from one Debian 9 to the other Debian 9?
No. I can ping, but I cannot ssh. The ssh hangs after "Connecting to maria
On Sat, Jul 15, 2023 at 7:12 AM Roger Price wrote:
> On Sat, 15 Jul 2023, to...@tuxteam.de wrote:
> > To sort out the possible things:
> > - log in to maria
> > - try "ssh rprice@localhost": what happens?
>
> The two debian 9 machines can ssh to themselves.
>
Can you SSH from one Debian 9 to
On Sat, 15 Jul 2023, to...@tuxteam.de wrote:
To sort out the possible things:
- log in to maria
- try "ssh rprice@localhost": what happens?
The two debian 9 machines can ssh to themselves.
- if it works, there's an ssh daemon running on maria;
next to check would be
- is it listening
On Sat, 15 Jul 2023, Ming Kuang wrote:
Are you using any firewall rules? The phenomenon you describe is very much like
a
firewall blocking connections to these ports (you can connect out, can't
connect in).
Thanks for the suggestion. The two Debian 9 machines have customising firewall
On Sat, Jul 15, 2023 at 11:59:33AM +0200, Roger Price wrote:
> I have three Debian machines on a 192.168.1/24 WiFi network. One is debian
> 11 and the two others are debian 9. The network is connected, I can ping
> from any machine to any other.
>
> The problem is that I can ssh from the debian
On Sat, 15 Jul 2023, Roger Price wrote:
Sorry, a formatting problem. Let's hope this is clearer
_
The debian 9 machines are listening on ports 22 and 3493:
root@maria ~ netstat -pnlt
Active Internet connections
I have three Debian machines on a 192.168.1/24 WiFi network. One is debian 11
and the two others are debian 9. The network is connected, I can ping from any
machine to any other.
The problem is that I can ssh from the debian 9's to the debian 11, but not to
any debian 9, although all the
36 matches
Mail list logo