Cannot SSH from outside LAN despite port forwarding seems fine
Running Ubuntu 12.04, I've set up the OpenSSH server. I can connect from within LAN, but not from outside. I am using the same sshd_config
file as on my other Ubuntu 12.04 machines (that sit in a different LAN).
$ ssh 192.168.0.2
works fine, but
$ ssh 65.76.97.222
(made up IP address) does not work. Nothing happens. No error message, or anything. The prompt just sits there.
Thanks to comments below, I have managed to verify via websites canyouseeme.org and ShieldsUP that port 22 is indeed open.
Using the option -vvv
, I get the following:
$ ssh -vvv 65.76.97.222
OpenSSH_5.9p1 Debian-5ubuntu1.4, OpenSSL 1.0.1 14 Mar 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 65.76.97.222 [65.76.97.222] port 22.
debug1: Connection established.
debug1: identity file /home/myname/.ssh/id_rsa type -1
debug1: identity file /home/myname/.ssh/id_rsa-cert type -1
debug1: identity file /home/myname/.ssh/id_dsa type -1
debug1: identity file /home/myname/.ssh/id_dsa-cert type -1
debug1: identity file /home/myname/.ssh/id_ecdsa type -1
debug1: identity file /home/myname/.ssh/id_ecdsa-cert type -1
And then the prompt just sits there.
Further debug information from var/log/auth.log
:
$ grep sshd /var/log/auth.log
[cutting old lines...]
Jul 6 10:23:05 mymachine sshd[7871]: Did not receive identification string from 65.76.97.222
I am allowing any user to connect, in particular my own username. What confuses me is that I have not had this problem on any other machine, although they are on a different lan. This lan has only one computer attached to it. Any ideas of how to proceed from here?
Check your gateway on the SSH server is set to the router doing the port-forwarding.
route -n
The default route should point back to that router, otherwise, you will be able to initiate connections through it, but the ACK's won't go anywhere!
A couple of things for you to check.
Check
/etc/ssh/sshd_config
and make sure that you don't have any funnyAllowUsers
entries.-
Specify the user that you want to connect as:
ssh USER@SERVER ssh SERVER -lUSER
-
Check your firewall (
iptables
):sudo iptables -L --line-numbers sudo iptables -L -t nat --line-numbers