Re: ssh-ing in inside private network

To: debian-user@lists.debian.org
Subject: Re: ssh-ing in inside private network
From: Joe <joe@jretrading.com>
Date: Tue, 31 May 2016 21:51:30 +0100
Message-id: <[🔎] 20160531215130.7aceff0f@jresid.jretrading.com>
In-reply-to: <[🔎] 201605312031.32141.lisi.reisz@gmail.com>
References: <201603311243.49293.lisi.reisz@gmail.com> <201603311327.35142.lisi.reisz@gmail.com> <31032016145431.051394e52403@desktop.copernicus.demon.co.uk> <[🔎] 201605312031.32141.lisi.reisz@gmail.com>

On Tue, 31 May 2016 20:31:32 +0100
Lisi Reisz <lisi.reisz@gmail.com> wrote:

> -----------------------------------------------
> Now to do what I really wanted to do all along, and ssh in to run
> level one as root:
> 
> lisi@Tux-II:~$ ssh root@192.168.0.5
> ssh: connect to host 192.168.0.5 port 22: No route to host
> lisi@Tux-II:~$ ssh lisi@192.168.0.5
> -------------------------------------------------------
> 
> Help!!  This was the point of the whole exercise.  I want CLI only
> (no X running) access to the Ubuntu installation on Hermes.
> 
> Where next?????
> 

Sorry, I delete blocks of messages now and then and I don't have any of
this thread. 

The 'No route to host' for root only looks odd. This is of course a
routing message. If I try to login as root on a server where root isn't
permitted to login, I get a straightforward 'Permission denied' message.

Can you try nmap 192.168.0.5 -p 22 both as lisi and as root? This will
test both routing and firewall rules of client and server, and the
correct answer should be approximately:

$ nmap 192.168.101.3 -p 22

Starting Nmap 7.12 ( https://nmap.org ) at 2016-05-31 21:09 BST
Nmap scan report for server.jretrading.com (192.168.101.3)
Host is up (0.00045s latency).
PORT   STATE SERVICE
22/tcp open  ssh

Nmap done: 1 IP address (1 host up) scanned in 0.04 seconds

and really ought to be pretty much the same for root and non-root
users, except that root is also given the MAC address of the machine. If
there is another difference, and there must be, then we can go from
there. With out-of-the-box Debian machines, this should all Just Work,
but it may be that Ubuntu is being 'helpful'.

nmap is not of course attempting to login, so the only part of the
server sshd_config which is being tested is the interface and port
specification. There are other configurations of both client and server
which can interfere, and we hope to identify any such problems arising.

But can you really not use a non-root user for ssh? I don't have root
ssh access to my (no X) server, but it doesn't stop me doing things to
it.

-- 
Joe

Reply to:

Follow-Ups:
- Re: ssh-ing in inside private network
  - From: Lisi Reisz <lisi.reisz@gmail.com>

References:
- Re: ssh-ing in inside private network
  - From: Lisi Reisz <lisi.reisz@gmail.com>

Prev by Date: Re: google-chrome-stable on Wheezy
Next by Date: Re: ssh-ing in inside private network
Previous by thread: Re: ssh-ing in inside private network
Next by thread: Re: ssh-ing in inside private network
Index(es):
- Date
- Thread