Re: Unable to ssh to Debian 9 from 9 or 11
On Sun, 16 Jul 2023, tomas@tuxteam.de wrote:
On Sun, Jul 16, 2023 at 09:39:35AM +0200, Roger Price wrote:
I tried to clear out the existing firewall on a Debian 9 machine with the
commands
This would be a good time to try ssh :-)
But before chasing that culprit it'd be nice to know we are
barking up the right tree: can you ssh after flushing the
firewalls and /before/ rebooting?
On a Debian 9 machine I typed the commands
iptables -F
iptables -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
and then _immediately_ attempted to ssh from Debian 11 to that Debian 9 machine.
rprice@titan ~ ssh rprice@kananga
rprice@kananga's password:
Linux kananga 4.9.0-4-686 #1 SMP Debian 4.9.65-3+deb9u1 (2017-12-23) i686
...
Success! I can ssh 11->9 after flushing the firewall and before rebooting.
I do not know what firewall management tool is in use. The first 4 lines shown
by iptables -L were
Chain INPUT (policy DROP)
num target prot opt source destination
1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 /* "main[2993]-set_basic_rules[971]" */
2 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate ESTABLISHED /* "set_basic_rules[1028]-allow_basic_established[878]" */
3 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED /* "set_basic_rules[1028]-allow_basic_established[892]" */
Does the style of comment give a clue to the tool used ?
Roger
Reply to: