My ssh server works great when I use it from the internal network, but I can't connect to it from outside. I have been googling hard for a few days now but found no solutions.
I have port 22 open on my ADSL box/router, I have confirmed this with online port check tools.
ssh_config: http://pastebin.com/WfREevXP
sshd_config: http://pastebin.com/mxrd8qKC
Other possibly useful information:
-Iptables is not installed.
-Didn't have hosts.allow & hosts.deny files, I made those and tried them but no help. After trying I removed the files.
Please help me, I'm running out of ideas.
Last edited by mastis (2012-05-26 06:04:35)
How are you connecting to your router from outside? I use the no-ip service to get an IP address [web] then forward requests to the LAN.
I use the IP address directly, I don't have a domain name yet. ssh mastis@85.xxx.xx.xxx
Does your router forward requests on 85.x.x.x to the internal IP address?
Can you see my server?
Yes, I can see your server. My router forwards requests to 192.168.11.4 (my server).
edit: I bet something in the router is blocking the traffic, tcpdump doesn't give any information when I try to connect to my ssh.
edit2: nvm, even when I successfully connect from the internal network tcpdump doesn't give any information.
Last edited by mastis (2012-05-26 01:15:05)
Try a different port for the ssh connection, something a lot higher, say 8000+.
I can only access ssh locally which is by choice...
Solved: Because I have a Buffalo WBMR-HP-G300H, I get connection refused if I try 'ssh mastis@external_ip'. If I test the same from outside, say at work, the forward goes through.
Let me know if you want me to ssh in
No need but thanks anyway
Just a small point, but /etc/hosts.deny and /etc/hosts.allow were deprecated a while back. Any references you see to them are out of date (as far as Arch(Bang) is concerned).
Welly, welly, welly, welly, welly, welly, well. To what do I owe the extreme pleasure of this surprising visit?
Yeah, I noticed that, what is the proper way these days?
> Yeah, I noticed that, what is the proper way these days?

It's app specific - which is the reason hosts.allow and hosts.deny were deprecated. People were frustrated at not knowing what apps supported it (sshd *did* but apache didn't, for example).
For sshd, you need to edit /etc/sshd/sshd_config and add an "AllowUsers" entry:
AllowUsers
This keyword can be followed by a list of user name patterns,
separated by spaces. If specified, login is allowed only for
user names that match one of the patterns. '*' and '?' can be
used as wildcards in the patterns. Only user names are valid; a
numerical user ID is not recognized. By default, login is
allowed for all users. If the pattern takes the form USER@HOST
then USER and HOST are separately checked, restricting logins to
particular users from particular hosts.

For example, this would allow anyone from a private 192. address to connect but only you from (the resolvable) public.domain:

AllowUsers *@192.* mastis@public.domain

Obviously, the public side can take some tweaking because it might not be obvious where you're coming from.
Edit the file, restart sshd and it should work.
There are a lot of nice options in sshd. If you keep it running all the time, it's a nice idea to turn off password access and only use SSH keys for extra security.
Welly, welly, welly, welly, welly, welly, well. To what do I owe the extreme pleasure of this surprising visit?
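Added example (not part of the original post and not OpenSSH code): a small Python model of the AllowUsers matching described in the man page excerpt above, run against the line from the post. It shows that `*@192.*` also admits non-private addresses such as 192.0.2.10, and how a CIDR host part, which sshd_config(5) also accepts, narrows the match; the helper names, the CIDR variant and the sample logins are constructed for illustration.

```python
"""Model of sshd_config AllowUsers matching (illustrative, not OpenSSH code)."""
import ipaddress
import re

# Lines under test: the one from the post, and a constructed CIDR variant.
PAGE_LINE = "*@192.* mastis@public.domain"
CIDR_LINE = "*@192.168.0.0/16 mastis@public.domain"

# Constructed sample logins: (user, source address).
SAMPLES = [
    ("mastis", "192.168.11.4"),   # LAN host from the thread
    ("guest", "192.0.2.10"),      # starts with 192. but is not RFC 1918 space
    ("guest", "203.0.113.7"),     # unrelated public address
]

def _glob(pattern, value):
    """Match using only the '*' and '?' wildcards the man page describes."""
    rx = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c)
                 for c in pattern)
    return re.fullmatch(rx, value) is not None

def _host_ok(host_pat, addr):
    """HOST part: CIDR when it contains '/', otherwise a wildcard pattern."""
    if "/" in host_pat:
        try:
            net = ipaddress.ip_network(host_pat, strict=False)
            return ipaddress.ip_address(addr) in net
        except ValueError:        # addr is a name, or the CIDR is malformed
            return False
    return _glob(host_pat, addr)

def allowed(allow_users, user, addr):
    """True if (user, addr) matches any pattern on the AllowUsers line."""
    for pat in allow_users.split():
        user_pat, sep, host_pat = pat.partition("@")
        if _glob(user_pat, user) and (not sep or _host_ok(host_pat, addr)):
            return True
    return False

def compare():
    """Return (user, addr, allowed by PAGE_LINE, allowed by CIDR_LINE) rows."""
    return [(u, a, allowed(PAGE_LINE, u, a), allowed(CIDR_LINE, u, a))
            for u, a in SAMPLES]

if __name__ == "__main__":
    for row in compare():
        print("%-7s %-13s wildcard=%-5s cidr=%s" % row)
```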
Thanks for the information.