Are you using any firewall rules? The phenomenon you describe is very much like a firewall blocking connections to these ports (you can connect out, can't connect in). On Saturday, July 15, 2023 6:00 PM, Roger Price wrote: > I have three Debian machines on a 192.168.1/24 WiFi network. One is debian 11 > and the two others are debian 9. The network is connected, I can ping from any > machine to any other. > > The problem is that I can ssh from the debian 9's to the debian 11, but not to > any debian 9, although all the machines can ssh to themselves: > > Some ascii art for people with fixed width fonts: > > .------OK--->-----debian 11--<--OK------. > | .----<--FAIL---- titan----->--FAIL--. | > | | | | > | v v | > debian 9---------FAIL--->------------debian 9 > maria ---------<---FAIL------------kananga > > # Debian 9 to debian 11: OK > rprice@kananga:~$ ssh rprice@titan > Linux titan 5.10.0-15-amd64 #1 SMP Debian 5.10.120-1 (2022-06-09) x86_64 ... > > # Debian 9 to debian 9: FAIL > rprice@kananga:~$ ssh -v rprice@maria > OpenSSH_7.4p1 Debian-10+deb9u2, OpenSSL 1.0.2l 25 May 2017 > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: /etc/ssh/ssh_config line 19: Applying options for * > debug1: Connecting to maria [192.168.1.13] port 22. > debug1: connect to address 192.168.1.13 port 22: Connection timed out > ssh: connect to host maria port 22: Connection timed out > > The same problem also exists for port 3493 used for UPS management, with the > same pattern of success and failure between the three machines. > > # Debian 9 to debian 11: OK > rprice@kananga:~$ upsc Eaton@titan battery.charge > 100 > # Debian 9 and 11 to debian 9: FAIL > rprice@kananga:~$ upsc Eaton@maria battery.charge > Error: Connection failure: Connection timed out > rprice@titan /mnt/home upsc Eaton@maria battery.charge > Error: Connection failure: Connection timed out > > Any hint or suggestion as to what the problem is would be very welcome, Roger > _________________________________________________________________ > ____________ > > The debian 9 machines are listening on ports 22 and 3493: > > root@maria ~ netstat -pnlt > Active Internet connections (only servers) > Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program > name > tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN > 822/apache2 > tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 791/sshd > tcp 0 0 0.0.0.0:3493 0.0.0.0:* LISTEN 1919/upsd > tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 666/rsync > > Has systemctl enabled the ssh service? > > rprice@kananga:~$ systemctl status ssh > ● ssh.service - OpenBSD Secure Shell server > Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: > enabled) > Active: active (running) since Fri 2023-07-14 09:35:17 CEST; 3h 45min ago > Process: 2856 ExecReload=/bin/kill -HUP $MAINPID (code=exited, > status=0/SUCCESS) > Process: 2848 ExecReload=/usr/sbin/sshd -t (code=exited, status=0/SUCCESS) > Process: 438 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=0/SUCCESS) > Main PID: 521 (sshd) > Tasks: 1 (limit: 4915) > CGroup: /system.slice/ssh.service > └─521 /usr/sbin/sshd -D > > Jul 14 09:51:09 kananga sshd[521]: Received SIGHUP; restarting. > Jul 14 09:51:09 kananga systemd[1]: Reloaded OpenBSD Secure Shell server. > Jul 14 09:51:09 kananga sshd[521]: Server listening on 0.0.0.0 port 22. > Jul 14 10:10:43 kananga sshd[2905]: Accepted password for root from 127.0.0.1 > port 50124 ssh2 > Jul 14 10:10:43 kananga sshd[2905]: pam_unix(sshd:session): session opened for > user root by (uid=0) > _________________________________________________________________ > ____________ > > What about ssh from non-Debian? I can ssh to debian 11 from a Samsung > Galaxy Tab S, but not to any debian 9 box.
Attachment:
openpgp-digital-signature.asc
Description: PGP signature