> Can anyone give me helping hand? I'm trying to connect to a remote machine
> "C", that is hosted on the internet from my local machine "A" that is behind
> our corporate firewall on machine "B". Machines "A" and "C" are linux boxes,
> and machine "B" is a Windoze NT Server box.
Can you see connect attempts on "C" from "A" in the log (syslog or authlog or where
ever
Linux logs such things)?
Can you ping "C" from "A"?
Is "B" running some version of SOCKS (or whatever it's called on NT)?
Try running sshd on machine "C" at some non-privledged port ("-P 22222" for instance)
and remember to initiate the ssh session from "A" specifying the same port.
> "A" <-----> "B" <------> "C"
>
> I CAN connect to machine "C" from my home machine "D" through my dialup ISP,
> by simply typing in: slogin my-user-name@C
>
> "D" <-----> ISP <------> "C" Works!!!
>
>
> I CAN'T connect to machine "C" from machine "A", however, and I suspect that
> it is our corporate firewall that is to blame ... here is a transcript of the
> failed session:
>
> $ slogin -v my-user-name@C
> SSH Version OpenSSH-1.2.2, protocol version 1.5.
> Compiled with SSL.
> debug: Reading configuration data /etc/ssh/ssh_config
> debug: Applying options for *
> debug: ssh_connect: getuid 525 geteuid 0 anon 0
> debug: Connecting to C [xxx.xxx.xxx.xxx] port 22.
> debug: Allocated local port 832.
This could be a problem? "B" could be filtering out low numbered ports? You could try
fixing ssh to select higher level port numbers (over 2000).
> debug: connect: Connection refused
> debug: Trying again...
> debug: Connecting to C [xxx.xxx.xxx.xxx] port 22.
> debug: Allocated local port 856.
> debug: connect: Connection refused
> debug: Trying again...
> debug: Connecting to C [xxx.xxx.xxx.xxx] port 22.
> debug: Allocated local port 928.
> debug: connect: Connection refused
> debug: Trying again...
> debug: Connecting to C [xxx.xxx.xxx.xxx] port 22.
> debug: Allocated local port 621.
> debug: connect: Connection refused
> Secure connection to C refused.
>
>
> I suspect that port 22 is closed on machine "B" which is our corporate
> firewall machine (Windoze NT Server) :
"B" may block all port 22 traffic to/from any host but, port 22 on "B" should be of
no
consequence.
> $ telnet B
> Trying xxx.xxx.xxx.xxx...
> Connected to B.our-corporate-domain
> Escape character is '^]'.
> hhhhh telnet proxy (Version 5.5) ready:
> tn-gw-> close
> Connection closed by foreign host.
>
> [tom@id tom]$ telnet B 22
> Trying xxx.xxx.xxx.xxx...
> telnet: Unable to connect to remote host: Connection refused
>
>
> I have read and re-read the manpages and have tried various incarnations
> of the port forwarding switches, using the nonpriveleged -P switch, etc.
> with no luck.
Ok, forget my suggestion above ;). Hmmm, are you running a web server on "C"?
You could try using port 80 instead of 22 if you aren't. I'll bet they didn't block
the web from being passed out. ;)))
> Here are the versions of ssh used on each side:
> on machine "A":
> $ ssh -V
> SSH Version OpenSSH-1.2.2, protocol version 1.5.
> Compiled with SSL.
>
> on machine "C":
> $ ssh -V
> SSH Version 1.2.27 [i686-unknown-linux], protocol version 1.5.
> Standard version. Does not use RSAREF.
Have you tried ssh-1.2.27 on "A"? (Isn't 1.2.29 available?)
Good luck,
Paul
