I’m trying to ssh from my mac to my pc running opensuse and vice versa. I’ve checked my firewall settings on both machines to make sure that ssh is allowed.
When I try to ssh from my mac, it works sometimes, but the rest of the time I get the message: “Could not resolve hostname … nodename nor servname provided, or not known.” It works when the opesuse pc has just booted and is at the login screen, when I turn the firewall off, a little while after I turn the firewall back on, and after I change my domain name in yast network settings. ‘Secure Shell Server’ is listed under allowed services in my firewall settings, so I really can’t see why the firewall should be the problem.
I can’t ssh onto my mac at all. I can access it from any other mac on the network with “ssh stew@hostname.local”. I was recently running ubuntu and was able to ssh onto my mac out of the box, so I know this shouldn’t be too difficult to set up.
Post the IP information from both machines. On Linux these commands are best:
ip addr
ip route
grep -v ‘^#’ /etc/resolv.conf
sudo /usr/sbin/iptables-save
Good luck.
On 06/19/2011 05:06 AM, stewSquared wrote:
>
> I’m trying to ssh from my mac to my pc running opensuse and vice versa.
> I’ve checked my firewall settings on both machines to make sure that ssh
> is allowed.
>
> When I try to ssh from my mac, it works sometimes, but the rest of the
> time I get the message: “Could not resolve hostname … nodename nor
> servname provided, or not known.” It works when the opesuse pc has just
> booted and is at the login screen, when I turn the firewall off, a
> little while after I turn the firewall back on, and after I change my
> domain name in yast network settings. ‘Secure Shell Server’ is listed
> under allowed services in my firewall settings, so I really can’t see
> why the firewall should be the problem.
>
> I can’t ssh onto my mac at all. I can access it from any other mac on
> the network with “ssh stew@hostname.local”. I was recently running
> ubuntu and was able to ssh onto my mac out of the box, so I know this
> shouldn’t be too difficult to set up.
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.15 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
I think I’ve figured it out, but I need to make sure my firewall is still secure.
With the firewall on, I was only able to ssh using a machine’s ip address, but I was at least able to do it both ways.
With the firewall turned off, I was able to ssh both ways using user@hotname.local, so I figured something must be screwed up with my firewall.
In YaST firewall settings, under Interface, I have eth0 configured int internal zone.
Under Allowed Services, Secure Shell Server is allowed for External and demilitarized zone, and ‘Protect Firewall from internal Zone is unchecked’. Are these settings safe?
@ab I’m sorry I didn’t end up posting the information you asked for, but thanks for offering the help anyway!
Just to be clear, you should never use ‘local’ as your DNS domain since it
is “special” per other RFCs. If you are using local your system will try
to use mDNS (not the same as DNS) and that can cause issues since in most
cases that is not what you intend.
Good luck.
On 06/19/2011 01:36 PM, stewSquared wrote:
>
> I think I’ve figured it out, but I need to make sure my firewall is
> still secure.
>
> With the firewall on, I was only able to ssh using a machine’s ip
> address, but I was at least able to do it both ways.
> With the firewall turned off, I was able to ssh both ways using
> user@hotname.local, so I figured something must be screwed up with my
> firewall.
>
> In YaST firewall settings, under Interface, I have eth0 configured int
> internal zone.
> Under Allowed Services, Secure Shell Server is allowed for External and
> demilitarized zone, and ‘Protect Firewall from internal Zone is
> unchecked’. Are these settings safe?
>
> @ab I’m sorry I didn’t end up posting the information you asked for,
> but thanks for offering the help anyway!
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.15 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
Thanks, though I didn’t use ‘local’ – I just left it blank. Apple uses local to specify the local area network, so I use .local whenever I’m ssh-ing to or from a mac. It seems like just using the host name, with no domain, works otherwise.
Use a properly configured DNS in your lan or put all your computers’ ips, fullnames and aliases in the file /etc/hosts on each computer (Linux and Mac OSX). See man hosts. You should set up your lan yourself (in case you didn’t) , not let a router do it for you.