Re: possible ssh problem

To: debian-user@lists.debian.org
Subject: Re: possible ssh problem
From: Greg Wooledge <greg@wooledge.org>
Date: Fri, 29 Aug 2025 14:20:55 -0400
Message-id: <[🔎] 20250829182055.GG28172@wooledge.org>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 1f34eb25-8357-4e1d-9c2c-16936af576f6@aol.com>
References: <89fcd05c-ae05-49dd-a587-8929ed131de2.ref@aol.com> <[🔎] 89fcd05c-ae05-49dd-a587-8929ed131de2@aol.com> <[🔎] 20250828220011.2mu6qb6fey6xztev@randomstring.org> <[🔎] 550a5e13-5017-495a-aecc-af2fc87a4b46@aol.com> <[🔎] 20250829103510.uvhtlbs5vquqvqtz@randomstring.org> <[🔎] 1f34eb25-8357-4e1d-9c2c-16936af576f6@aol.com>

On Fri, Aug 29, 2025 at 10:53:44 -0700, Paul Scott wrote:
> On 8/29/25 3:35 AM, Dan Ritter wrote:

> > > What is "it"? ddclient?
> > That might be the answer to the question "what software is
> > running on your desktop machine in order to notify dyndns?".
> > 
> > Is it?
> > 
> > If so, please post your ddclient.conf after removing any
> > passwords.
> > 
> If ping works doesn't that suggest that ddclient is working?
> 
> You may be asking how I ping. [username].dyndns,org .

The real question is whether your dyndns setup is correct.

You claim ping is "working", which is good, but at least in my mind,
there remains some lingering doubt about whether you're pinging the
correct system.

If your Debian system is on a home Internet connection behind a router,
then there are a few pieces involved:

1) Your Debian system must be running sshd, listening on some port.
   By default this is port 22, but that can be configured.

2) Your router must forward incoming ssh traffic to your Debian system.

   2a) Usually this first means you need to have a static IP address on
       the Debian system.  The router forwards traffic to a given IP
       address within the internal network.  You can either tell the
       router (if it is also your DHCP server, which is normally the
       case) to assign the same IP to the Debian system every time, or
       configure the Debian system with a static IP address locally.

   2b) Once the Debian system is set to have a fixed IP address, the
       router is configured to forward all incoming ssh traffic from
       a given port to the Debian system, on a given port, which may
       be the same port or a different one.

3) The ssh client must be told what the router's external IP address
   is.  This can be done either by you typing it in, or by looking it
   up in an ssh config file, a hosts file, or in DNS.  If you're going
   with DNS, this means the router's external IP address must be stored
   by some DNS server.  If the router's external IP address changes, then
   the router must update the DNS server whenever this change happens.

4) There must be no firewalls blocking the flow of ssh traffic to your
   router, or the response packets back to the ssh client.

All of the questions about your dyndns setup pertain to point 3 above,
in which your home router must continually update DNS whenever its
external IP address changes.  If you're unable to tell us how you've
set this up, then we're going to remain skeptical about whether it has
been done correctly.

If the dyndns setup is correct -- or more precisely, if your ssh client
is getting the correct IP address by whatever means -- then point 4
comes into play.  If there are firewalls preventing ssh traffic or ssh
responses from getting through, then you may need to choose a different
port in order to bypass those roadblocks.

Reply to:

References:
- possible ssh problem
  - From: Paul Scott <waterhorsemusic@aol.com>
- Re: possible ssh problem
  - From: Dan Ritter <dsr@randomstring.org>
- Re: possible ssh problem
  - From: Paul Scott <waterhorsemusic@aol.com>
- Re: possible ssh problem
  - From: Dan Ritter <dsr@randomstring.org>
- Re: possible ssh problem
  - From: Paul Scott <waterhorsemusic@aol.com>

Prev by Date: Re: possible ssh problem
Next by Date: Re: lazy old guy asks question
Previous by thread: Re: possible ssh problem
Next by thread: Re: possible ssh problem
Index(es):
- Date
- Thread