Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: Unable to ssh between two opensuse machines

  1. #1

    Default Unable to ssh between two opensuse machines

    I'm trying to ssh between my laptop and desktop but I keep getting connection refused.


    1. I opened port 22 (TCP) in both firewalls (source and destination)
    2. I also tried with both firewalls turned off
    3. I checked and openssh is installed


    I won't even ask for a password. What could be wrong?

  2. #2
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    12,630
    Blog Entries
    3

    Default Re: Unable to ssh between two opensuse machines

    No problem here.

    Is the ssh server running?
    openSUSE Leap 15.1; KDE Plasma 5;
    testing Leap 15.2Alpha

  3. #3

    Default Re: Unable to ssh between two opensuse machines

    Quote Originally Posted by nrickert View Post
    No problem here.

    Is the ssh server running?
    It is running and I now have it working with the firewall off, but with the firewall on it doesn't work!

    In the firewall GUI, I went to "Custom Rules" and added the following rules (none work) for Internal network:

    #The actual laptop ip
    192.168.1.126 destination port: 22
    192.168.1.126 destination port: 22 source port 22

    #Router IP
    192.168.1.1 destination port: 22
    192.168.1.1 destination port: 22 source port: 22

    #allow everything
    0/0 destination port: 22
    0/0 destination port: 22 source port: 22

    #all in my network
    192.168.1.0/24 destination port: 22
    192.168.1.0/24 destination port: 22 source port: 22

    NONE of these rules has allowed ssh through!

  4. #4
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    12,630
    Blog Entries
    3

    Default Re: Unable to ssh between two opensuse machines

    Those rules are surely wrong. The source port and destination port won't both be 22.

    You should just be able to go into Yast Firewall

    Select "Allowed Services"
    Select the appropriate zone (it should be the zone that your network card is in (the network card that you expect to use for ssh). I think the external zone covers unassigned network cards.

    Select "Secure Shell Server" in service to allow. Click "Add".

    I usually configure this during install. With the DVD installer (and, I think, the NET installer), the summary page has place to click to enable ssh and to open the firewall. But I occasionally forget to do it there, and do it in firewall settings as described above.
    openSUSE Leap 15.1; KDE Plasma 5;
    testing Leap 15.2Alpha

  5. #5
    Join Date
    Jun 2008
    Location
    Podunk
    Posts
    26,846
    Blog Entries
    15

    Default Re: Unable to ssh between two opensuse machines

    Quote Originally Posted by nrickert View Post
    Those rules are surely wrong. The source port and destination port won't both be 22.

    You should just be able to go into Yast Firewall

    Select "Allowed Services"
    Select the appropriate zone (it should be the zone that your network card is in (the network card that you expect to use for ssh). I think the external zone covers unassigned network cards.

    Select "Secure Shell Server" in service to allow. Click "Add".

    I usually configure this during install. With the DVD installer (and, I think, the NET installer), the summary page has place to click to enable ssh and to open the firewall. But I occasionally forget to do it there, and do it in firewall settings as described above.
    Hi
    Also using the -vvv option will add more info on what's happening...

    Code:
    ssh -vvv <host>
    Cheers Malcolm °¿° SUSE Knowledge Partner (Linux Counter #276890)
    SUSE SLE, openSUSE Leap/Tumbleweed (x86_64) | GNOME DE
    If you find this post helpful and are logged into the web interface,
    please show your appreciation and click on the star below... Thanks!

  6. #6

    Default Re: Unable to ssh between two opensuse machines

    Quote Originally Posted by nrickert View Post
    Those rules are surely wrong. The source port and destination port won't both be 22.

    You should just be able to go into Yast Firewall
    I first tried with just destination as port 22 and it didn't work so i also tried the other way. Those are all the separate rules I tried since nothing worked.

    Quote Originally Posted by nrickert View Post
    Select "Allowed Services"
    Select the appropriate zone (it should be the zone that your network card is in (the network card that you expect to use for ssh). I think the external zone covers unassigned network cards.

    Select "Secure Shell Server" in service to allow. Click "Add".

    I usually configure this during install. With the DVD installer (and, I think, the NET installer), the summary page has place to click to enable ssh and to open the firewall. But I occasionally forget to do it there, and do it in firewall settings as described above.
    No, this doesn't work for internal netowrk. They're all greyed out (and already under the "add" section, but greyed out). You can only do what you suggest for external.

  7. #7
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    12,630
    Blog Entries
    3

    Default Re: Unable to ssh between two opensuse machines

    Quote Originally Posted by 6tr6tr View Post
    No, this doesn't work for internal netowrk. They're all greyed out (and already under the "add" section, but greyed out). You can only do what you suggest for external.
    Toward the bottom of that Yast firewall settings page, there is a box "Protect from internal zone". You have to check that box before you can set anything. That's probably why it is greyed out.

    The default is no firewall protection.

    It seems to follow that you are not actually using the internal zone. It is probably the external zone that matters.

    The term "internal zone" is confusing. It is not referring to your LAN. Rather, it is referring to network connections received on an interface that is considered external. You cannot separate connections from the internet from connections from your LAN via internal/external, unless you have two interfaces.

    If you are behind a NAT router and do not use IPv6, then you can probably just disable the firewall and depend on your NAT router to protect from the Internet. But that's risky with IPv6, since NAT protection doesn't work there.
    openSUSE Leap 15.1; KDE Plasma 5;
    testing Leap 15.2Alpha

  8. #8

    Default Re: Unable to ssh between two opensuse machines

    Quote Originally Posted by nrickert View Post
    Toward the bottom of that Yast firewall settings page, there is a box "Protect from internal zone". You have to check that box before you can set anything. That's probably why it is greyed out.

    The default is no firewall protection.

    It seems to follow that you are not actually using the internal zone. It is probably the external zone that matters.

    The term "internal zone" is confusing. It is not referring to your LAN. Rather, it is referring to network connections received on an interface that is considered external. You cannot separate connections from the internet from connections from your LAN via internal/external, unless you have two interfaces.

    If you are behind a NAT router and do not use IPv6, then you can probably just disable the firewall and depend on your NAT router to protect from the Internet. But that's risky with IPv6, since NAT protection doesn't work there.
    I guess but in external, there's no way (that i could see) to turn on sshf for just one ip or just the 192.168.1.x network. I don't want it turned on for anyone else

  9. #9
    Join Date
    Mar 2011
    Location
    Sauerland
    Posts
    3,979

    Default AW: Unable to ssh between two opensuse machines

    The Firewall is blocking on Traffic on your Netcard, the Netcard has an IP.........

    So Firewall is on on 192.168.1.126 (Laptop)

  10. #10

    Default Re: AW: Unable to ssh between two opensuse machines

    Quote Originally Posted by Sauerland View Post
    The Firewall is blocking on Traffic on your Netcard, the Netcard has an IP.........

    So Firewall is on on 192.168.1.126 (Laptop)
    Not sure what you're referring to with netcard, what do you mean?

    It's not the laptop's firewall. If I turn off the desktop firewall, everything works.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •