Re: SSH: remote login returns "invalid user"
Morgan Gangwere <0.fractalus@gmail.com> writes:
> on Sat, 11 Sep 2010 15:38:04 -0400, brownh
> <[🔎] 871v90ax5v.fsf@teufel.historicalMaterialism.info> attacked their
> terminal with [snip]
>
> Random Blithering Curiosity... Is the gateway a NAPT?
NAT loopback is not enabled on my router. Not sure this answers your
question.
> I had this problem for a while where I would be fine on the inside, then as
> soon as I went to the outside, I'd get the same problem you're experiencing.
My googling suggests a lot of people have the problem, but the reasons
seem different.
> Checking the following fixed my problems:
>
> 1) don't ssh as root unless you /have/ to.
> 2) Check that your NA(P)T allows port 22 on TCP *and* UDP, incoming and
> outgoing.
> 3) try using an SSH key. This occasionally fixes things.
I don't ssh as root; NAT is disabled in my router. As for SSH key,
I'll give that a try, but too little time before I fly out of here.
> I have a Lenny box sitting on my desk that I SSH to all the time
> with the default configuration. Nothing special, just the default
> OpenSSH-server configuration.
Good to know. I've mailed a query to the ssh list.
> For those who were confused:
> The setup as it looks like to me is this:
>
> (Internets)----[Gateway/router]--,---[server]
> `--[laptop]
> this configuration /works/.
> [laptop]---(??)--(internets)--[gateway]---[server]
> This does not.
Now I am confused ;-(. What I'm trying to do is:
laptop client -> internet/nameserver -> router -> server on LAN
Your first line looks like what I have now; the second line looks like
where I'm trying to get.
> This leads me to beg that there is either a configuration issue that
> says "Dont let anyone who's not on my local network talk to me" or a
> configuration issue with port translation.
The first problem sounds like it would involve my router, but I've
enabled ssh services in it. I don't know if I should enable NAT (my
rough impression is that NAT is best avoided). I should think my name
server would be able to use port info to send signals to the right
place, but I know nothing about it this "translation".
Haines Brown
Reply to: