[colug-432] SSH
Steve VanSlyck
s.vanslyck at spamcop.net
Thu Mar 10 08:57:30 EST 2011
The port I've configured is below 6000. I'll change it to 22 and do another
test.
----- Original Message -----
From: Richard Hornsby <richardjhornsby at gmail.com>
To: Central OH Linux User Group - 432xx <colug-432 at colug.net>
Date: Thu, 10 Mar 2011 07:48:21 -0600
Subject: Re: [colug-432] SSH
>
>
> On Mar 10, 2011, at 7:34, "Hal I. Tosis" <dmesg at frontier.com> wrote:
>
> > Have you tried port scanning your public IP address to see if the port
> > is truly open?
>
> One thing that comes to mind (someone else may have mentioned this) is
> that RR might be blocking inbound traffic to high ports on a residential
> link/account for security purposes. It doesn't mean there aren't any, but
> I can't think offhand of any well-known services running on ports > 9999
> and I don't have an /etc/services handy.
>
> If you haven't, I would try putting everything back to port 22 first and
> see if that works. Start with the simplest case/setup - usually the
> defaults - find success and incrementally build complexity until you
> reach your desired & working configuration.
>
> -rj
>
> > Hal
> >
> >
> >
> > On Thu, Mar 10, 2011 at 06:30:05AM -0500, Steve VanSlyck wrote:
> >> I changed the port number from 22 to something else. I'm simply using
> >> 31210 as an example. I did restart ssh. The command was service sshd
> >> restart. (The OS is CentOS 5.5.)
> >>
> >> The changed port number was used in the client. I tested both from
> >> across town (with the updated port number) and from somewhere else on
> >> the planet, via an IRC friend.
> >>
> >> An incorrect port number was the first thing I assumed, so I changed it
> >> back (in ssh_config, sshd_config, on the router, and got the same
> >> result. My initial thinking is to take the router out of the mix since
> >> it's working inside 192.168.X.X but not from outside.
> >>
> >>
> >> On Wed, 2011-03-09 at 20:17 -0600, Richard Hornsby wrote:
> >>> On Mar 9, 2011, at 19:51 , Steve VanSlyck wrote:
> >>>
> >>>> Well, I can ssh from the same box, and ssh from a box on the same
> >>>> network, but cannot ssh from across town. The session times out
> >>>>
> >>>> Port forwarding is set up on the router (Linksys). Using fake port
> >>>> numbers,
> >>>
> >>> "fake port numbers"? port numbers matter, and unlike IP addresses,
> >>> don't personally identify your machine. 22 is the normal port for SSH,
> >>> it is listed in /etc/services, and is considered "well-known" for SSH.
> >>> Are the port numbers in your email fake?
> >>>
> >>> If you wish to change the port, that is your prerogative. There are
> >>> a couple of things I can think of off hand:
> >>>
> >>> 1. After changing sshd_config, make sure you restart sshd. IIRC (it
> >>> has been a while) on RH variants it is something like
> >>>
> >>> /etc/init.d/rc.d/sshd restart
> >>>
> >>> (oh how I miss the days of sending a process a simple HUP to make it
> >>> re-read the config.)
> >>>
> >>> 2. You have to specify a non-standard port in your ssh client. It
> >>> might be that you're able to log in locally because your client assumes
> >>> 22, and you haven't restarted sshd yet. When you try to get in
> >>> externally, the port forwarding isn't configured for 22 - it is set up
> >>> for 31210 - but again, sshd isn't listening on 31210.
> >>>
> >>>
> >>> These might be obvious, and they're related.
> >>>
> >>> If for some reason you want ssh to be on a non-standard port on the
> >>> external facing side, you can always tell your router to port forward
> >>> external:31210 to internal:22
> >>>
> >>> I, however, wouldn't go changing it from 22 in the first place. Just
> >>> makes things harder on myself and doesn't add any meaningful measure of
> >>> security.
> >>>
> >>> -rj
> >>>
> >>>
> >>>
> >>>>
> >>>> I have sshd_config set to port 31210, ssh_config set to the same
> >>>> thing, and the applications and gaming page on the router forwards
> >>>> port 31210 (same number for both start and end of the range) to IP
> >>>> 192.168.1.102, which ifconfig reports as being the box's internal
> >>>> IP address:
> >>>>
> >>>> [steve at localhost ~]$ ifconfig
> >>>> eth0 Link encap:Ethernet HWaddr 00:11:85:65:41:38
> >>>> inet addr:192.168.1.102 Bcast:192.168.1.255
> >>>> Mask:255.255.255.0
> >>>> inet6 addr: fe80::211:85ff:fe65:4138/64 Scope:Link
> >>>> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> >>>> RX packets:7360 errors:0 dropped:0 overruns:0 frame:0
> >>>> TX packets:9076 errors:0 dropped:0 overruns:0 carrier:0
> >>>> collisions:0 txqueuelen:1000
> >>>> RX bytes:6045785 (5.7 MiB) TX bytes:1255649 (1.1 MiB)
> >>>> Interrupt:177 Memory:f0300000-f0310000
> >>>>
> >>>> lo Link encap:Local Loopback
> >>>> inet addr:127.0.0.1 Mask:255.0.0.0
> >>>> inet6 addr: ::1/128 Scope:Host
> >>>> UP LOOPBACK RUNNING MTU:16436 Metric:1
> >>>> RX packets:1431 errors:0 dropped:0 overruns:0 frame:0
> >>>> TX packets:1431 errors:0 dropped:0 overruns:0 carrier:0
> >>>> collisions:0 txqueuelen:0
> >>>> RX bytes:2303832 (2.1 MiB) TX bytes:2303832 (2.1 MiB)
> >>>>
> >>>> [steve at localhost ~]$
> >>>>
> >>>> Ideas or thoughts?
> >>>>
> >>>>
> >>>> _______________________________________________
> >>>> colug-432 mailing list
> >>>> colug-432 at colug.net
> >>>> http://lists.colug.net/mailman/listinfo/colug-432
> >>>
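The diagnosis raised in the thread (the edited Port line in sshd_config only takes effect once sshd is restarted, so the router forwards 31210 to a box where sshd still listens on 22) can be confirmed on the host itself before touching the router or asking someone across town to retry. The snippet below is an added example and is not code from anyone on this list: a POSIX shell script that extracts the Port directives from an sshd_config, extracts the TCP ports in LISTEN state from `ss -lnt` output, and reports any configured port that has no listener. Both inputs are constructed samples embedded in the script; on a real host they would come from `cat /etc/ssh/sshd_config` and `ss -lnt`, which are assumed to be available.

```shell
#!/bin/sh
# Constructed sample inputs (not taken from the thread): an sshd_config that
# has been edited to listen on 31210, and `ss -lnt` output as it would look
# if sshd had NOT been restarted and were still bound to port 22 only.
SAMPLE_SSHD_CONFIG='# sshd_config (constructed sample)
#Port 22
Port 31210
ListenAddress 0.0.0.0
PermitRootLogin no'

SAMPLE_SS_OUTPUT='State   Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN  0      128    0.0.0.0:22          0.0.0.0:*
LISTEN  0      128    :::22               :::*
LISTEN  0      50     127.0.0.1:631       0.0.0.0:*'

# configured_ports CONFIG_TEXT
# Print the Port values sshd would use, one per line. Commented-out lines
# ("#Port 22") are ignored; with no Port directive at all sshd defaults to 22.
# Only the spellings "Port" and "port" are recognised here.
configured_ports() {
    ports=$(printf '%s\n' "$1" |
        sed -n 's/^[[:space:]]*[Pp]ort[[:space:]]\{1,\}\([0-9]\{1,\}\).*/\1/p')
    if [ -z "$ports" ]; then
        echo 22
    else
        printf '%s\n' "$ports"
    fi
}

# listening_ports SS_TEXT
# Print the distinct TCP ports in LISTEN state, parsed from `ss -lnt` output
# (column 4 is Local Address:Port; the port is the text after the last colon,
# which also handles IPv6 forms such as ":::22").
listening_ports() {
    printf '%s\n' "$1" |
        awk '$1 == "LISTEN" { n = split($4, a, ":"); print a[n] }' | sort -u
}

# check_sshd_port CONFIG_TEXT SS_TEXT
# Return 0 when every configured port has a listener, 1 otherwise, printing
# one line per configured port so the mismatch is visible.
check_sshd_port() {
    rc=0
    for p in $(configured_ports "$1"); do
        if listening_ports "$2" | grep -qx "$p"; then
            echo "port $p: configured and listening"
        else
            echo "port $p: configured but NOT listening (was sshd restarted?)"
            rc=1
        fi
    done
    return $rc
}

# Run against the constructed samples; prints the mismatch for 31210.
check_sshd_port "$SAMPLE_SSHD_CONFIG" "$SAMPLE_SS_OUTPUT"
```

The parser expects the `ss` column layout (state first, local address fourth); `netstat -lnt` puts the protocol in the first column and the state last, so it would need a different awk filter. If the script reports the configured port as not listening, restarting sshd and re-running it is the cheap check before changing anything on the router.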