Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: Need SSH help

  1. #1

    Default Need SSH help

    i've got a IPcop firewall at home with two SUSE boxes and one win box. from my win machine at work i can remotely ssh to the IPcop firewall through putty, no prob. just had to create a firewall rule. i've setup ultravnc to view my win box desktop remotely, no prob. i just had to setup a port forward firewall rule on the IPcop.

    im now trying to log into one of my suse boxes through ssh. i created another firewall rule: port forward source port 12345 to the suse box's ip, port 22. i get a connection time out. is there anything i need to setup on the suse box?

  2. #2
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    29,757

    Default Re: Need SSH help

    It sounds a bit ridiculous, but as you do not mention it, I have to ask the question: did you start the SSH daemon on the openSUSE box?
    Henk van Velden

  3. #3

    Default Re: Need SSH help

    do you mean to allow ssh access? on my local network i can putty to the box. from the other suse box i can ssh through the terminal to the box.

  4. #4
    Join Date
    Mar 2009
    Location
    London
    Posts
    426

    Default Re: Need SSH help

    Hi,

    I think he means

    yast->system->system service: click on sshd: click enable

    Regards,
    Barry.

  5. #5
    Join Date
    Mar 2009
    Location
    London
    Posts
    426

    Default Re: Need SSH help

    in the opensuse firewall did you allow ssh from external zones aswell as internal?

    Also if you have a router it should forward port 22 to the local network IP of the suse computer.

    Regards,
    Barry.

  6. #6

    Default Re: Need SSH help

    Still this sounds like a firewalling issue , if the SuSEfirewall2 is still running on the target machine (which will not be needed behind the IPcop), turn it off, also check port forwarding in IPCop.

  7. #7
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    29,757

    Default Re: Need SSH help

    Yes, I meant using YaST to start ssh (now and on every boot) as Barry_Nichols points out.

    But when you are able to use ssh from another system to this system that must be OK.

    And @Barry_Nichols: no he need not to forward port 22 of the router to port 22 of his system, because he forwarded another (less obvious to the outside world) port (represented by 12345 in his first post) to port 22 on his system.

    And at last yes, I support Akoellha advice to doublecheck and switch the SuSEfirewall2 off.
    Henk van Velden

  8. #8
    Join Date
    Jun 2008
    Location
    Groningen, Netherlands
    Posts
    20,925
    Blog Entries
    14

    Default Re: Need SSH help

    Quote Originally Posted by hcvv View Post
    And @Barry_Nichols: no he need not to forward port 22 of the router to port 22 of his system, because he forwarded another (less obvious to the outside world) port (represented by 12345 in his first post) to port 22 on his system.

    And at last yes, I support Akoellha advice to doublecheck and switch the SuSEfirewall2 off.
    Henk, AFAIK :

    port 12345 from the router should be forwarded to the IP of machine 1. On machine 1 in /etc/ssh/sshd_config the line
    # Port 22
    should be changed to
    Port 12345
    Same on machine 2

    Now from 'work' using ssh should look like this:

    ssh homeIP -p 12345

    This would land on machine 1. From machine 1 to machine 2 would be:

    ssh machine2sIP

    That's all. If you mess with portnumbers being different on various stages of the routing that will likely bring you into trouble.

    Mind, if you have the firewall running you'd have to open port 12345.
    ° Appreciate my reply? Click the star and let me know why.

    ° Perfection is not gonna happen. No way.

    http://en.opensuse.org/User:Knurpht
    http://nl.opensuse.org/Gebruiker:Knurpht

  9. #9
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    29,757

    Default Re: Need SSH help

    Hm, I thought port-translation (including NAT: from Internet to port 12345 on router, translate to port 22 on particular-system) is one of the things I have heard more often from. It keeps your internal ports standard. Can't see problems with this principle. You can then even translate 12345 to 22 on system1 and 12346 to 22 on system2.

    Can anyone tell us if this is not only a possible, but also often done, or am I talking nuts?
    Henk van Velden

  10. #10

    Default Re: Need SSH help

    Quote Originally Posted by hcvv View Post
    Can anyone tell us if this is not only a possible, but also often done, or am I talking nuts?
    I am using this (even twice) to make a VM accessible via SSH, although it's more "playing around".

    My VM (openSUSE_Factory in VirtualBox) runs SSH on port 22 via a NATed virtual interface.

    As a normal user can not open ports < 1024 (and I don't want to start the VM as root), I configured VirtualBox to redirect port 22 of the guest to port 12345 (just an example) of the host.

    Locally I can ssh to the VM via port 12345.

    In SuSEfirewall2 I redirect incoming traffic on port 22 to port 12345.

    So if I ssh from outside to port 22, first SuSEfirewall2 (which is iptables "in the background" of course) redirects this to port 12345 and subsequently VirtualBox redirects this to port 22 in the VM.

    Simple, but effective.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •