New FC2 not allowing ssh connections
Rick Stevens
rstevens at vitalstream.com
Mon Nov 15 19:32:01 UTC 2004
Mark Knecht wrote:
> On Mon, 15 Nov 2004 12:56:25 -0600, Bob McClure Jr
> <robertmcclure at earthlink.net> wrote:
>
>>On Mon, Nov 15, 2004 at 10:29:20AM -0800, Mark Knecht wrote:
>>
>>>On Mon, 15 Nov 2004 09:21:05 -0800, Rick Stevens
>>><rstevens at vitalstream.com> wrote:
>>>
>>>>Mark Knecht wrote:
>>>>
>>>>>Hi,
>>>>> I built a new FC2 machine from scratch recently. It's been working
>>>>>fine for outgoing connections. Today I wanted to connect to it but
>>>>>haven't been able to. When I attempt to connect to it from my laptop
>>>>>or another FC2 desktop I get:
>>>>>
>>>>>flash mark $ ssh -X -Y -C -c blowfish -l mark 192.168.10.101
>>>>>ssh: connect to host 192.168.10.101 port 22: No route to host
>>>>>flash mark $
>>>>
>>>>You have a routing issue on flash, Mark. Check "netstat -rn" and verify
>>>>that a) your default route is correct and b) that your netmask is
>>>>correct. 192.168 is a non-internet-routable class B (/16) network, so
>>>>you can safely get by with a "255.255.0.0" netmask.
>>>>
>>>>
>>>>> I've started sshd and looked at /etc/rc.d/init.d/sshd_config. It
>>>>>says it allows X11Forwarding. It has port 22 commented out, but I
>>>>>assume that's OK. Anyway, I tried uncommenting it and restarting sshd
>>>>>but no improvement.
>>>>
>>>>It's not an SSH issue, it's a routing issue. You have no route to the
>>>>192.168.10 network. If you can dump out the results of "ifconfig -a"
>>>>and "netstat -rn", we can help.
>>>
>>>Rick,
>>> This did not seem to be the case, or I am still misunderstanding you.
>>>
>>>Gentoo -> Gentoo - worked
>>>Gentoo -> FC2 - failed
>>>FC2 -> Gentoo - worked
>>>FC2 -> FC2 - failed
>>>
>>>Gentoo -> FC2 (with iptables disabled at target) - worked
>>>FC2 -> FC2 (with iptables disabled at target) - worked
>>>
>>>Why is this a routing issue on the Gentoo box?
>>>
>>>Certainly I could have a routing issue on ALL machines I suppose. I
>>>set all machines up the same way, or as close as I could with scripts
>>>all being a bit different, and some boxes are fixed IP and one box was
>>>DHCP from the router. But why should disabling iptables on an FC2 box
>>>have 'fixed' a routing issue on a Gentoo box?
>>>
>>>Thanks!
>>>Mark
>>
>>Mark, Rick may not be aware that you fixed it by turning off IPTABLES
>>on the FC2 box(es). That is true, is it not?
>>
>
> Yes, that is true. Gentoo doesn't use IPTABLES by default, so I've
> never used it on that distribution. (It also doesn't automatically
> enable any input ports by default either, so telnet, etc. don't work
> unless you turn it on.)
>
> I'd be happy to post any info that would help folks understand the
> setup better. To my mind FC2 seemed to be acting like it just didn't
> want to accept connections. sshd didn't run by default so I turned
> that on and could see the sshd process running, but I couldn't
> connect.
>
> I did get a couple of messages in the security logs about something
> failing to bind to port 22 since the port was in use. I was unclear
> from the messages what this was - my external machines ssh'ing in, or
> me trying to start sshd and failing, or something else entirely.
>
> For clarity I did not edit any service files or scripts. I just loaded
> FC2 on a clean hard disk on two machines and got this problem.
Ok, dump the iptables on the FC2 and let's see it. If you set a high
security firewall on install, virtually nothing gets through. If you
selected medium, only incoming DNS gets through. You should be able
to just dump /etc/sysconfig/iptables to see what it's doing.
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com -
- VitalStream, Inc. http://www.vitalstream.com -
- -
- Admitting you have a problem is the first step toward getting -
- medicated for it. -- Jim Evarts (http://www.TopFive.com) -
----------------------------------------------------------------------
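
Added example (not part of the original message, and not Red Hat's own tooling): a small Python reader for the iptables-save format used by /etc/sysconfig/iptables that reports what happens to a new inbound TCP connection on port 22. A REJECT with icmp-host-prohibited is what the ssh client reports as "No route to host", which is why disabling iptables on the target made the error go away. The sample ruleset and the names parse, matches, walk and verdict are constructed for illustration.

```python
import shlex

# Constructed iptables-save sample; the thread's real ruleset was never posted.
SAMPLE = """\
*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
"""
LAST = "-A RH-Firewall-1-INPUT -j REJECT"
SSH_RULE = "-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT"
# Rules are evaluated in order, so the ACCEPT has to sit before the final REJECT.
FIXED = SAMPLE.replace(LAST, SSH_RULE + "\n" + LAST)

def parse(text):
    """Return (policies, chains); assumes every option takes one argument."""
    policies, chains = {}, {}
    for line in text.splitlines():
        tok = shlex.split(line, comments=True)
        if tok and tok[0].startswith(":"):
            policies[tok[0][1:]] = tok[1]
        elif tok[:1] == ["-A"]:
            chains.setdefault(tok[1], []).append(dict(zip(tok[2::2], tok[3::2])))
    return policies, chains

def matches(opts, pkt):
    return (opts.get("-p", pkt["proto"]) == pkt["proto"]
            and opts.get("--dport", pkt["dport"]) == pkt["dport"]
            and pkt["state"] in opts.get("--state", pkt["state"]).split(","))

def walk(chains, chain, pkt):
    for opts in chains.get(chain, []):
        # target stays None when the rule does not match this packet
        target = opts.get("-j") if matches(opts, pkt) else None
        if target in ("ACCEPT", "DROP"):
            return target
        if target == "REJECT":
            return "REJECT " + opts.get("--reject-with", "icmp-port-unreachable")
        if target in chains and (hit := walk(chains, target, pkt)):
            return hit  # verdict reached inside a user-defined chain
    return None  # fell off the end; the caller applies the chain policy

def verdict(text, dport=22):
    """Fate of a NEW inbound TCP connection to dport."""
    policies, chains = parse(text)
    pkt = {"proto": "tcp", "dport": str(dport), "state": "NEW"}
    return walk(chains, "INPUT", pkt) or policies["INPUT"]
```

Calling verdict(open("/etc/sysconfig/iptables").read()) on the FC2 box gives the same answer for its real ruleset, within the options this sketch understands (-p, --dport, --state, -j).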
More information about the Redhat-install-list
mailing list