
Re: SSH port 22 is invisible from the internet!! :(



On Mon, Apr 09, 2007 at 07:33:31PM +0200, csanyipal wrote:
> On Mon, Apr 09, 2007 at 07:18:58PM +0200, Franck Joncourt wrote:
> 
> $ sudo telnet 127.0.0.1 22
> Trying 127.0.0.1...
> Connected to 127.0.0.1.
> Escape character is '^]'.
> SSH-2.0-OpenSSH_4.3p2 Debian-9
> ^]
> Protocol mismatch.
> Connection closed by foreign host.

Good point. At least we know your ssh server is running on port 22.
 
> > Afterwards, you could worry a bit more with iptables if it does not work.
> 
> If the present iptables setup doesn't work, then I have no further idea how to
> set up iptables to solve this problem.
> 
> Any advice will be appreciated!
> 

Here is a piece of a script, which will allow you to connect through
ssh. (I have not checked out your iptables output)

###
# Flush rules
iptables -F
iptables -F -t nat
iptables -F -t mangle
 	
# Remove user-defined chains
iptables -X
iptables -X -t nat
iptables -X -t mangle
 	
# Reset counters
iptables -Z
iptables -Z -t mangle
iptables -Z -t nat

# Set policy for the filter table
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT

# Allow packets belonging to, or related to, connections already established
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

# Allow ssh clients
iptables -A INPUT -i eth0 -p tcp --syn --dport 22 -m state --state NEW -j ACCEPT
###

Just written, so there may be some typos!

Otherwise, have you turned on debugging?

thialme@sid:~/smhfw$ ssh -v thialme@sid
OpenSSH_4.3p2 Debian-9, OpenSSL 0.9.8e 23 Feb 2007
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to sid [192.168.0.1] port 22.
debug1: Connection established.
debug1: identity file /home/thialme/.ssh/identity type -1
debug1: identity file /home/thialme/.ssh/id_rsa type -1
debug1: identity file /home/thialme/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3p2 Debian-9
[...]

-- 
Franck Joncourt
http://www.debian.org
http://smhteam.info/wiki/
GPG server : pgpkeys.mit.edu
Fingerprint : C10E D1D0 EF70 0A2A CACF 9A3C C490 534E 75C0 89FE
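
The telnet check quoted in this message can be scripted so that it also tells a refused connection apart from a silently dropped one. The following is an added example, not part of the original message; `probe_ssh`, `serve_banner_once` and the hostname in the comment are hypothetical names, and the loopback listener is a constructed stand-in for sshd.

```python
import socket
import threading

def probe_ssh(host, port=22, timeout=5.0):
    """Classify one TCP connection attempt to an SSH port.

    'ssh'      connected and the first line is an SSH identification string
    'open'     connected, but no SSH banner arrived
    'refused'  RST came back: nothing is listening, or a REJECT rule matched
    'filtered' no answer before the timeout, as with a DROP policy
    'error'    anything else (DNS failure, unreachable network, ...)
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return ("refused", "connection refused")
    except socket.timeout:
        return ("filtered", "no reply within %.1fs" % timeout)
    except OSError as exc:
        return ("error", str(exc))
    with sock:
        try:
            line = sock.makefile("rb").readline(256)
        except OSError as exc:  # includes a read timeout
            return ("open", "connected, no banner: %s" % exc)
    banner = line.decode("ascii", "replace").strip()
    return ("ssh" if banner.startswith("SSH-") else "open", banner)

def serve_banner_once(banner):
    """Hypothetical demo helper: loopback listener that sends `banner`
    to one client and closes. Returns the port it listens on."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    def handle():
        conn, _ = srv.accept()
        with conn, srv:
            conn.sendall(banner)
    threading.Thread(target=handle, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    # Constructed stand-in for sshd, sending the banner seen in the telnet test.
    port = serve_banner_once(b"SSH-2.0-OpenSSH_4.3p2 Debian-9\r\n")
    print(probe_ssh("127.0.0.1", port, timeout=2.0))
    # Against the real server, run from a host outside the firewall:
    #   probe_ssh("server.example", 22)   # placeholder hostname
```

A 'filtered' result from outside while the local telnet test succeeds points at packet filtering between the client and sshd rather than at sshd itself.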
