On Wednesday 06 October 2004 01:54, Gerhard Magnus wrote: > I have two machines (PuteA and PuteB) sharing an ActionTec DSL modem. The > IP I was using was that of my "Gateway" ISP (64.146.133.1) -- an error. > But when I used the correct, static IP address of the ActionTec > (64.146.133.52) I got this message: > > ssh: connect to host 64.146.133.52 port22: Connection refused > I thought I had port forwarding (for port 22) set correctly on the modem. which internal machine are you forwarding to? (ie see the lower answer about ifconfig) > For troubleshooting, my ISP advised me to run "tcpdump -n host 192.168.0.2" > on PuteA, where 192.168.0.2 is the "internal" IP of PuteA. Then I logged on > to the remote location from PuteB and tried to ssh from there to PuteA > using the static IP address. The ssh from the remote location timed out > with the same "port 22: connection refused" message. The tcpdump on Pute > Here are my replies to the people who responded to my first post: > > (1) "Do you have the firewall configured to deny incoming packets to port > 22?" > How do I check this? service iptables status or iptables -L -v (the v is verbose, which will include the interfaces too) >"service sshd status" gives"sshd (pid 787) is running". so that's not the problem. neither, it would appear is tcp_wrappers (the hosts.allow/deny files) > eth0 Link encap:Ethernet HWaddr 00:40:05:81:60:8E > inet addr:192.168.0.4 Bcast:192.168.0.255 Mask:255.255.255.0 > Could this be the problem -- the "inet addr" of 192.168.0.4? As far as I > can tell, the modem is 192.168.0.1, PuteA is 192.168.0.2, and PuteB is > 192.168.0.3. I haven't set anything as 192.168.0.4. This I believe is the issue here. ifconfig does not tell lies. your eth0 device is currently set to 192.168.0.4. Are you by any chance using your modem as a dhcp server? incidentally, try (on your fedora box) nmap -sP 192.168.0.0/24 which will tell you which machines are up with which ip addresses on your local network (it's a ping scan). You may need to install nmap first. try ssh-ing to from your other host you can reconfigure the interface (to what you expected) using netconfig: netconfig -d eth0 set your ip address and the other bits then do a service network restart. then try ssh again. > (9) "nmap 64.146.133.52" > (The 1598 ports scanned but not shown below are in state: closed) > Port State Service > 23/tcp open telnet > 53/tcp open domain > 80/tcp open http > Shouldn't ssh be here? And what's telnet doing open? The books have me > scared to death of this... hackers, crackers, script kiddies, etc. no idea. it's not difficult to turn off, however. See Matthew's post about this. HTH Stuart -- Stuart Sears RHCE, RHCX Quidquid latine dictum sit, altum viditur
