Discussion:
2010.2 networking issue
David Guntner
2011-11-28 04:11:01 UTC
Permalink
Did a clean install of the 2010 Spring install on a friend's computer,
but now having an really weird networking issue. It won't allow an
incoming ssh connection. From a shell prompt, I can do a "ssh
127.0.0.1" and "ssh 192.168.1.101" (for the internal net IP address) and
it works just fine. However, trying to ssh to the machine from another
machine on the local home network goes nowhere - it just times out. I
can ping the windows box on the network from the Linux box, but can't go
the other direction - again, doing a ping of the Linux box from the
Windows box just times out.

What the heck am I missing? It's clearly able to talk out to the
network, but it doesn't seem to be too interested in listening to the
network. Both /etc/hosts.allow and /etc/hosts.deny are empty, so it's
not that getting in the way....

Any ideas?

--Dave
Phil Savoie
2011-11-28 05:02:55 UTC
Permalink
Post by David Guntner
Did a clean install of the 2010 Spring install on a friend's computer,
but now having an really weird networking issue. It won't allow an
incoming ssh connection. From a shell prompt, I can do a "ssh
127.0.0.1" and "ssh 192.168.1.101" (for the internal net IP address) and
it works just fine. However, trying to ssh to the machine from another
machine on the local home network goes nowhere - it just times out. I
can ping the windows box on the network from the Linux box, but can't go
the other direction - again, doing a ping of the Linux box from the
Windows box just times out.
What the heck am I missing? It's clearly able to talk out to the
network, but it doesn't seem to be too interested in listening to the
network. Both /etc/hosts.allow and /etc/hosts.deny are empty, so it's
not that getting in the way....
Any ideas?
--Dave
Is the firewall turned on by default?

Phil
David Guntner
2011-11-28 13:09:11 UTC
Permalink
Post by Phil Savoie
Post by David Guntner
Did a clean install of the 2010 Spring install on a friend's computer,
but now having an really weird networking issue. It won't allow an
incoming ssh connection. From a shell prompt, I can do a "ssh
127.0.0.1" and "ssh 192.168.1.101" (for the internal net IP address) and
it works just fine. However, trying to ssh to the machine from another
machine on the local home network goes nowhere - it just times out. I
can ping the windows box on the network from the Linux box, but can't go
the other direction - again, doing a ping of the Linux box from the
Windows box just times out.
What the heck am I missing? It's clearly able to talk out to the
network, but it doesn't seem to be too interested in listening to the
network. Both /etc/hosts.allow and /etc/hosts.deny are empty, so it's
not that getting in the way....
Any ideas?
Is the firewall turned on by default?
I'll check that later today when my friend has returned home and can
look for me. I'm pretty sure the firewall would be turned on (be
running) by default, but doesn't it need rules to start blocking someone?

--Dave
Phil Savoie
2011-11-28 13:26:13 UTC
Permalink
Post by David Guntner
Post by Phil Savoie
Post by David Guntner
Did a clean install of the 2010 Spring install on a friend's computer,
but now having an really weird networking issue. It won't allow an
incoming ssh connection. From a shell prompt, I can do a "ssh
127.0.0.1" and "ssh 192.168.1.101" (for the internal net IP address) and
it works just fine. However, trying to ssh to the machine from another
machine on the local home network goes nowhere - it just times out. I
can ping the windows box on the network from the Linux box, but can't go
the other direction - again, doing a ping of the Linux box from the
Windows box just times out.
What the heck am I missing? It's clearly able to talk out to the
network, but it doesn't seem to be too interested in listening to the
network. Both /etc/hosts.allow and /etc/hosts.deny are empty, so it's
not that getting in the way....
Any ideas?
Is the firewall turned on by default?
I'll check that later today when my friend has returned home and can
look for me. I'm pretty sure the firewall would be turned on (be
running) by default, but doesn't it need rules to start blocking someone?
--Dave
Not if it is set to block everything which I think it is set to do by
default
David Guntner
2011-11-28 20:10:35 UTC
Permalink
Post by Phil Savoie
Post by David Guntner
I'll check that later today when my friend has returned home and can
look for me. I'm pretty sure the firewall would be turned on (be
running) by default, but doesn't it need rules to start blocking someone?
Not if it is set to block everything which I think it is set to do by
default.
Hmmm, ok. How do I verify it's blocking everything, and if that's the
case, how do I tell it to allow everything by default?

--Dave
Renaud (Ron) Olgiati
2011-11-28 20:14:33 UTC
Permalink
On Monday 28 Nov 2011 17:10 my mailbox was graced by a message from David
Post by David Guntner
how do I tell it to allow everything by default?
What about:
Echo "sshd:all" >> /etc/hosts.allow

Cheers,

Ron.
--
An age is called Dark not because the light fails to shine,
but because people refuse to see it.
-- James Michener

-- http://www.olgiati-in-paraguay.org --
David Guntner
2011-11-29 13:39:56 UTC
Permalink
Post by Renaud (Ron) Olgiati
On Monday 28 Nov 2011 17:10 my mailbox was graced by a message from David
Post by David Guntner
how do I tell it to allow everything by default?
Echo "sshd:all" >> /etc/hosts.allow
I'll give that a try, even though hosts.{allow|deny} relates to
tcpwrapper and not the firewall. :-)

--Dave

Phil Savoie
2011-11-28 23:21:58 UTC
Permalink
Post by David Guntner
Post by Phil Savoie
Post by David Guntner
I'll check that later today when my friend has returned home and can
look for me. I'm pretty sure the firewall would be turned on (be
running) by default, but doesn't it need rules to start blocking someone?
Not if it is set to block everything which I think it is set to do by
default.
Hmmm, ok. How do I verify it's blocking everything, and if that's the
case, how do I tell it to allow everything by default?
--Dave
Hi Dave,

Run MCC and look for security/firewall and check/uncheck the appropriate
boxes.

Phil
Renaud (Ron) Olgiati
2011-11-28 07:01:21 UTC
Permalink
On Monday 28 Nov 2011 01:11 my mailbox was graced by a message from David
Post by David Guntner
Both /etc/hosts.allow and /etc/hosts.deny are empty, so it's
not that getting in the way....
Dont you need a "sshd:all" in /etc/hosts.allow ?

Cheers,

Ron.
--
The world really isn't any worse.
It's just that the news coverage is so much better.

-- http://www.olgiati-in-paraguay.org --
David Guntner
2011-11-28 13:06:53 UTC
Permalink
Post by Renaud (Ron) Olgiati
On Monday 28 Nov 2011 01:11 my mailbox was graced by a message from David
Post by David Guntner
Both /etc/hosts.allow and /etc/hosts.deny are empty, so it's
not that getting in the way....
Dont you need a "sshd:all" in /etc/hosts.allow ?
I don't think so. At least, my personal system at home doesn't have
that and I have no problems at all contacting the system from on or off
the local home network. On my friend's home network, however, it seems
that nothing is getting in at the moment...

--Dave
Loading...