
Re: SSH port 22 is invisible from the internet!! :(



On Mon, Apr 09, 2007 at 03:53:24PM +0200, Jochen Schulz wrote:

> > I use iptables as a firewall and have added a rule to open the port 22:
> 
> That probably means you are blocking any traffic not explicitly allowed,
> correct? Maybe it would help to show us your complete iptables script.

I attach the iptables script to this mail.

> And you are connected directly to the internet, right? No NAT?

It's a long story. :(
My ISP uses a PPTP VPN to share the internet among clients.
So everybody is happy because they use Windows, but I must set up my 
Etch to:
1. use dhcp on eth0
2. set up pptplinux to bring up the ppp0 interface so that I can connect to 
the internet.
3. I asked for and got from my ISP a public IP address, which I use so that
others can reach my apache2 www server from the internet and so that I can use 
exim4 for mailing, because the mail system of my ISP has a bad 
setup.

 
> > I use a website 
> > http://wigwam.sztaki.hu:8080/varazslatok/tuzfalteszt.php
> > to see whether my port 22 is visible, and the test says that 
> > port 22 is invisible.
> 
> I can only see a tux logo on that page.

Sorry! Try this:
http://wigwam.sztaki.hu:8080/varazslatok/port_teszt.shtml

and click the "WIGWAM - gyors tűzfalteszt" button! :)
(WIGWAM - quick firewall testing)


> > The remote user can't log in with ssh to my system either.
> > My system has a FQDN csanyi-pal.info and a public IP: 85.222.164.132
> 
> I can confirm that your port 22 is not reachable. It appears that some
> system (not necessarily yours) is dropping packets, since I only get a
> timeout, not a REJECT message:
> 
> | $ nmap 85.222.164.132 -p 22
> | Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2007-04-09 15:47 CEST
> | Interesting ports on ipv132.sksyu.net (85.222.164.132):
> | PORT   STATE    SERVICE
> | 22/tcp filtered ssh
> 
> To debug it a little bit more, you could use tcpdump to see whether you
> can see packets coming on port 22/tcp at all (tcpdump -i $dev "port
> 22"). If you do, you have a problem with outgoing packages which would
> explain the timeouts.

I do:
$ sudo tcpdump -vv -i ppp0 "port 22"
tcpdump: listening on ppp0, link-type LINUX_SLL (Linux cooked), capture size 96 bytes


so if you could, please try to connect with ssh to my system!

You could use the "sshuser" username and the "1234qwer" password for this. :)

-- 
Regards, Paul Csányi


