SSH server

Asked by Chris L on 2011-04-13

I am having great difficulty with ssh on my Ubuntu 10.10 server. I can ping the external IP address, however I am unable to ssh into it using putty. I have port forwarding for the port I changed ssh to enabled, so that is not the problem. I also tried adding the computer's external IP address(the computer I'm using to ssh obviously) to the hosts.allow file (sshd: xx.xx.xxx.xx). I still seem to get a request timed out notification. Any ideas to what I'm doing wrong?

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu openssh Edit question
Assignee:
No assignee Edit question
Last query:
2011-04-13
Last reply:
2011-04-13
mycae (mycae) said : #1

is this behind a router or firewall? You may need to reconfigure that to allow the incoming connections, or to forward ports if it is NAT-ed (most home routers use NAT).

did you try rebooting the router after adding the rule?Some homegrade routers need a reboot for the forward to be enabled fully. Also I suggest you set the SSH server as a static IP so that DHCP lease expiration does not sever the link.

Can you also SSH to the localhost from the local machine?

Chris L (racerxpa7777) said : #3

It is behind a firewall in a network, however, as I stated before I set the firewall to allow port forwarding to my ssh port. It also is part of a network so it may be part of a NAT, however, I am using the external IP address of the server, so should that matter? I am also pretty sure that the router was rebooted.

Chris L (racerxpa7777) said : #4

I forgot to mention that within the network I can ssh to the server using the internal IP address xxx.xxx.xx.xxx

The problem is almost certainly with the NAT router then. As others have said, you should make sure the port forwarding is set up correctly, that the correct port is being forwarded, and that it is being forwarded to the correct IP address on your LAN (i.e., the LAN IP of the machine running the SSH server); you should also try rebooting the router (and after you do, you should make sure that it is still configured correctly, both in terms of its settings being retained, and in terms of the IP address of the server possibly being different because rebooting the NAT router restarts the DHCP server that it runs, which assigns IP addresses to computers in your LAN, unless they're using static addresses).

There are various services on the Internet that you can use to scan ranges of ports on your WAN IP -- it is quicker to use such a service than to attempt to SSH in over and over again. I'm not sure what the best service is to use, to scan your machine from over the Internet and tell you if port 22 (or whatever other port you've decided to use for SSH) is accessible over the Internet, but one such service which works quite well is https://www.grc.com/x/ne.dll?bh0bkyd2.

Can you help with this problem?

Provide an answer of your own, or ask Chris L for more information if necessary.

To post a message you must log in.