On Thu, Jan 01, 2004 at 10:02:36PM +0000, Colin Watson wrote: > On Thu, Jan 01, 2004 at 07:30:39PM +0000, Pigeon wrote: > > On the following setup: > > > > Local end Remote end > > Internet LAN > > Local box:ppp0-----------------------ppp0:NAT box:eth0---Other boxes > > > > From the local end, I can ping the remote end OK, but I cannot ssh to it: > > ssh fails with "ssh_exchange_identification: Connection closed by remote > > host". Outgoing connections from the remote end work fine, though. > > Perhaps the remote end is configured with 'ALL: PARANOID' in hosts.deny, Can't check without going there :-) but I'm fairly sure this is the case, from memory. > and your reverse DNS is wrong? That's a common cause of ssh connections > failing in the manner you describe, since tcp-wrappers checks happen at > about that stage. Ah yes, reverse DNS is wrong - on the local end I get: pigeon@droitwichbox:~$ hostname droitwichbox.dyndns.org pigeon@droitwichbox:~$ host droitwichbox.dyndns.org droitwichbox.dyndns.org has address 195.40.200.248 pigeon@droitwichbox:~$ host 195.40.200.248 248.200.40.195.in-addr.arpa domain name pointer tnt-5-248.easynet.co.uk. pigeon@droitwichbox:~$ ...so it looks like I need to temporarily reconfigure the local end's hostname according to the above result, and try again the next time the remote end comes online (it's not on all the time, it has crontab entries to connect/disconnect at certain times). Excellent, thanks! -- Pigeon Be kind to pigeons Get my GPG key here: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x21C61F7F
Attachment:
pgpde_HkhwffG.pgp
Description: PGP signature