SSH won't Connect

I’m having an issue connecting to my SSH server from my Windows box using Putty. Here’s the scenario:

  1. SSHD is up and running
  2. Firewall is completely disabled
  3. I can SSH into my local machine just fine

When I open Putty, and try to SSH in (with the SSH setting, port 22, the username in the auto-login box, it gives me the error:

Connection refused.

Any suggestions? Thanks!

Oh, and they are both on the same network (subnet).

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

If you are getting a connection refused that means your server is not
listening on the port that the windows box reached. Be sure you have the
right IP and port. If nothing else get a LAN trace from both sides
showing the connection attempt. Include the output from the following
commands along with the traces…

ip addr
ip route
cat /etc/resolv.conf

Good luck.

On 04/30/2010 11:56 AM, jmarsz wrote:
>
> I’m having an issue connecting to my SSH server from my Windows box
> using Putty. Here’s the scenario:
>
> 1. SSHD is up and running
> 2. Firewall is completely disabled
> 3. I can SSH into my local machine just fine
>
> When I open Putty, and try to SSH in (with the SSH setting, port 22,
> the username in the auto-login box, it gives me the error:
>
> Connection refused.
>
> Any suggestions? Thanks!
>
> Oh, and they are both on the same network (subnet).
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJL2xtMAAoJEF+XTK08PnB5iqIP/2sxOSALc8ENwvrMyWQWbjpz
A2j8P2DBdKkVlWdhQ9lh9+Pxac6wEYnRGJ2iszyXP2P9R7vo7ueZghQ9+O4PPDpd
cHJAb/4oO2fD9vNmmnP3dxaqdi2zzKlU77jmCZXWTOpxjU2eCSwg3DtYrNhLkEXV
L57qvdedJT4WGW6lspVFR5ug0XG3gX7GOlNnfjLRqOZdt0Mkegc13eo8TJ214kgn
6XjeTkek/UBTfLGA6YMg1sWCvC1WcYGx4LM6Pudxue6vD2+ICmjm6RNVjZRi1Wmb
yHZHatR4fcFE1A/0mAKFdu6yfxlS4ppj+weFnUA+4NmeYKi2+4a1qFkoUiuCHU3j
zDmCOSi0ZVCtVEyyWRHMjjxIcV84r6i2QQ1h8dszcjR1fefolvCIC74f83HGmgSy
dr3RQQaFs5H8dlLY7kRFpJlJY/5eI+SL25J0Umb5KrrTXfURqeSWDJkWpMcagN5d
yc0cN4MVByqSrG+E1j8/P2PlvdchNBtf0JUKp7BjlQpNNgMuWdMJd4Yr7Qqq1WD/
n3BmYHLYJH4xG/RpA1gai9hsq4C2CgHDqRnokDF6T6Px9QdnLGey86C3Ba8c6YO7
4OMIP1v3voomeyPwIDxG+idU35J0ZB5auT+lrHP64fAWngzhYPDF6Y0R1BCKa0sB
ReaICJl6rLvHQMpyKI8G
=/HP+
-----END PGP SIGNATURE-----

Here’s the info from the linux box:

IP Addr -
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
inet 127.0.0.2/8 brd 127.255.255.255 scope host secondary lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:5b:a4:75 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.6/24 brd 192.168.0.255 scope global eth0
inet6 fe80::20c:29ff:fe5b:a475/64 scope link
valid_lft forever preferred_lft forever

IP Route -
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.6
169.254.0.0/16 dev eth0 scope link
127.0.0.0/8 dev lo scope link
default via 192.168.0.1 dev eth0

Cat /etc/resolv.conf -
search medicine-bow.com
nameserver 192.168.0.1
nameserver 192.168.0.5

Traceroute to Windows box -
traceroute to 192.168.0.187 (192.168.0.187), 30 hops max, 40 byte packets using UDP
1 * 192.168.0.187 (192.168.0.187) 0.759 ms 0.245 ms

And here’s the info from the Windows box:

IPConfig /all:
Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NVIDIA nForce Networking Controller #2
Physical Address. . . . . . . . . : 00-50-8D-93-05-7D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::a080:94a7:ef72:1b44%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.187(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, April 29, 2010 5:02:26 PM
Lease Expires . . . . . . . . . . : Thursday, May 06, 2010 5:02:17 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 302010509
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-B1-B1-25-00-50-8D-93-05-7C

DNS Servers . . . . . . . . . . . : 192.168.0.5
192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Traceroute to linux box -
Tracing route to LINUX [192.168.0.6]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms LINUX [192.168.0.6]

Trace complete.

Thanks for your help, and let me know if you need anything else!

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

K, on your Linux box post the output from the following:

netstat -planet

Good luck.

On 04/30/2010 02:06 PM, jmarsz wrote:
>
> Here’s the info from the linux box:
>
> IP Addr -
> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
> inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
> inet 127.0.0.2/8 brd 127.255.255.255 scope host secondary lo
> inet6 ::1/128 scope host
> valid_lft forever preferred_lft forever
> 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
> state UP qlen 1000
> link/ether 00:0c:29:5b:a4:75 brd ff:ff:ff:ff:ff:ff
> inet 192.168.0.6/24 brd 192.168.0.255 scope global eth0
> inet6 fe80::20c:29ff:fe5b:a475/64 scope link
> valid_lft forever preferred_lft forever
>
> IP Route -
> 192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.6
> 169.254.0.0/16 dev eth0 scope link
> 127.0.0.0/8 dev lo scope link
> default via 192.168.0.1 dev eth0
>
> Cat /etc/resolv.conf -
> search medicine-bow.com
> nameserver 192.168.0.1
> nameserver 192.168.0.5
>
> Traceroute to Windows box -
> traceroute to 192.168.0.187 (192.168.0.187), 30 hops max, 40 byte
> packets using UDP
> 1 * 192.168.0.187 (192.168.0.187) 0.759 ms 0.245 ms
>
> And here’s the info from the Windows box:
>
> IPConfig /all:
> Ethernet adapter Local Area Connection 2:
>
> Connection-specific DNS Suffix . :
> Description . . . . . . . . . . . : NVIDIA nForce Networking
> Controller #2
> Physical Address. . . . . . . . . : 00-50-8D-93-05-7D
> DHCP Enabled. . . . . . . . . . . : Yes
> Autoconfiguration Enabled . . . . : Yes
> Link-local IPv6 Address . . . . . :
> fe80::a080:94a7:ef72:1b44%13(Preferred)
> IPv4 Address. . . . . . . . . . . : 192.168.0.187(Preferred)
> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> Lease Obtained. . . . . . . . . . : Thursday, April 29, 2010 5:02:26
> PM
> Lease Expires . . . . . . . . . . : Thursday, May 06, 2010 5:02:17
> PM
> Default Gateway . . . . . . . . . : 192.168.0.1
> DHCP Server . . . . . . . . . . . : 192.168.0.1
> DHCPv6 IAID . . . . . . . . . . . : 302010509
> DHCPv6 Client DUID. . . . . . . . :
> 00-01-00-01-12-B1-B1-25-00-50-8D-93-05-7C
>
> DNS Servers . . . . . . . . . . . : 192.168.0.5
> 192.168.0.1
> NetBIOS over Tcpip. . . . . . . . : Enabled
>
> Traceroute to linux box -
> Tracing route to LINUX [192.168.0.6]
> over a maximum of 30 hops:
>
> 1 <1 ms <1 ms <1 ms LINUX [192.168.0.6]
>
> Trace complete.
>
> Thanks for your help, and let me know if you need anything else!
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIbBAEBAgAGBQJL20HUAAoJEF+XTK08PnB5fesP9jzURRQgnVa9/9XBk5KH0mcy
0n7OpOq08PjFtiiKD/Lz3L6Y2VNaPcbm6yVKWIDhvp4AJ1OOSbDqzX1/CQ77AqSL
GEsippn2wOwsu7P8ynTrpHK0u7ml5HnnNjeG3J/rfm+DKT7+nNxrmWSEejwf9SKi
JCsQzYBNUUKJ8rk51TxgprH6jsk5wGPYCDYbahCQkjQXWTMB92pFaZ9/5P+pOCRg
2EnX//0K28AfP1hCe4a5x2ehsLQQaZfr2fiWs6zuJMqsoy7siV1fQrQ06cCSjdXZ
RdAg0shH8hogkcm8q6EGh9l61VsKadE/p52XoVPJ2MsJUg05RY1e1xsC8dw/Urxa
fH8pAy0ibrm//qaJnHUiiYr74R8Jr+TZDuqiuG3St2csxK2u21f8jEgXY/QTQXxE
bvwkw7QUAbR79itHtN9Anfk9dJPJSwVEqo5ajnqIV/JVJbDdFbZGJJw6bsW8GDhL
dNFr87DVPdSSwLA77FyWI+XelsEQN3mIdMCpFVbOUS3gB0+TQEySGhFGnqQqhSqv
PYC0NoURq4a4rmEA7es6BeQCy+Ion1E+hkL3bpFrL7xvHMVcWVPqQZBC0AV0eG+a
56PCfA4FE8kswx0cO3IJBS7cE1XTOCrZUT1Q/ns/ZkYJbslWseX2WjL58VWLnLEf
jmsoys4ZGqTfm/QVosE=
=r9w5
-----END PGP SIGNATURE-----

Here ya go!

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
tcp 0 0 0.0.0.0:901 0.0.0.0:* LISTEN 0 56172 21905/xinetd
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 0 9330 2424/rpcbind
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 0 359777 22943/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 0 9767 2591/cupsd
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 0 10710 2840/master
tcp 0 0 :::139 :::* LISTEN 0 46728 19355/smbd
tcp 0 0 :::111 :::* LISTEN 0 9335 2424/rpcbind
tcp 0 0 :::22 :::* LISTEN 0 359779 22943/sshd
tcp 0 0 ::1:631 :::* LISTEN 0 9766 2591/cupsd
tcp 0 0 :::25 :::* LISTEN 0 10712 2840/master
tcp 0 0 :::445 :::* LISTEN 0 46726 19355/smbd

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

K… more commands.

sudo /usr/sbin/iptables-save #run anytime… verifies the firewall setup
sudo tail -30 /var/log/messages #after trying to connect

Also:

sudo /usr/sbin/tcpdump -n -s 0 -w /tmp/cap0.cap

Try connecting with putty and then hit Ctrl+C (to the above command) after
the test fails and compress/attach the /tmp/cap0.cap file. This is a LAN
trace which will show the traffic on the Linux box which will hopefully
include something from the windows side of things.

Good luck.

On 04/30/2010 03:16 PM, jmarsz wrote:
>
> Here ya go!
>
> Active Internet connections (servers and established)
> Proto Recv-Q Send-Q Local Address Foreign Address
> State User Inode PID/Program name
> tcp 0 0 0.0.0.0:901 0.0.0.0:*
> LISTEN 0 56172 21905/xinetd
> tcp 0 0 0.0.0.0:111 0.0.0.0:*
> LISTEN 0 9330 2424/rpcbind
> tcp 0 0 0.0.0.0:22 0.0.0.0:*
> LISTEN 0 359777 22943/sshd
> tcp 0 0 127.0.0.1:631 0.0.0.0:*
> LISTEN 0 9767 2591/cupsd
> tcp 0 0 0.0.0.0:25 0.0.0.0:*
> LISTEN 0 10710 2840/master
> tcp 0 0 :::139 :::*
> LISTEN 0 46728 19355/smbd
> tcp 0 0 :::111 :::*
> LISTEN 0 9335 2424/rpcbind
> tcp 0 0 :::22 :::*
> LISTEN 0 359779 22943/sshd
> tcp 0 0 ::1:631 :::*
> LISTEN 0 9766 2591/cupsd
> tcp 0 0 :::25 :::*
> LISTEN 0 10712 2840/master
> tcp 0 0 :::445 :::*
> LISTEN 0 46726 19355/smbd
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJL20q4AAoJEF+XTK08PnB5dwIQAJosSE+PPUMFOWC5GV26TMlv
cg1Ky517NhcRBTNtpyM+AN+sw/aeruZsOQe1TrizKJSsKoEWk47Heg02XgXnxfkF
ul4v6pE56aSo1bfpdgnfYBYSz9vC+iuDQmt9VcWT85IKkJG4cSs9D3MZCCn71cv4
0dVeWYma4cdPXrVtJAqqow4gD650hh0Zv7JEjHRKBj87CNSEgf6bdLKhd/2w7hCP
ei+ulO4UcrLDm04BjFTyIo6uc2xzCTWPIbTs53iivateEFgj93Znhd40mjLQfPg2
OdtHOQWPTvJ91IFVWx70We1EcHw6/SA5GivGcTTawCHmYsh/fbujTCuHfDTb4k3X
LXXkuAI/FvtOv7Lvsa9SK8w+Mx9xH5RvSJgbEYQ8nNqHJlJXVtGqCcuiuF5Q7NfK
Vi52mWO7GwaAW1BagJXjrBPgERfowZsiZW7WnYbulZGR6FeVIVsRH/pYBS0ausdL
NvJRYRSBgeAtwSrXzHj5+NtML5dlopvyie7WhRhKVR3DuOEDZz6RFwTUY7KLRx6I
iy5fRi1+67ihTQhIRqgYIlGfzp8Qx7Gq1E8Hj8gqdf2k7/HBTO9K6Mqd0WtRkA34
0I9z4Bs9WKawq1SBs+bFe2Jf6/67JCgeh95j+MbOrWBiCBRk70fGG9jpPoVICPJF
FJH3AsAR+RO0X2At0U5k
=6xo/
-----END PGP SIGNATURE-----

Here’s the capture file…

File is here

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Well, simple enough… there is not anything SSH-ish getting to your
Linux box. It would appear that for some reason your traffic is going
somewhere else, but who knows where. A LAN trace from windows would be
helpful but it’s not as easy as on Linux (no single built-in command).
All of the traffic in your LAN trace, though, is your windows box talking
out to the world so it appears you’re using a hub or something that shows
all traffic to all systems (the traffic wasn’t all destined for the Linux
box) and also that your Linux box wasn’t doing much. What are you
entering in putty to make the connection? IP address or DNS name or
hostname? Also does your windows box have any strange networking stuff on
it like a VPN client and, if so, have you tried turning that off? Did you
get the output from the iptables command?

Good luck.

On 04/30/2010 03:46 PM, jmarsz wrote:
>
> Here’s the capture file…
>
> ‘File is here’ (http://208.72.156.36/cap0.cap.gz)
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJL213cAAoJEF+XTK08PnB56LcP/30GmCexZ6ksK/k68wvNvx8U
1cpFuEoAOgqjSx0Tq39W+jnetSbU7ts+fqURRRVagEYeqOtJ2oOUOjwKRQaSElrc
8OgLXBmOOL0yk0ohG+qjkJ04dIQR9d5PMjcb8cO6ViAkYr36DEKN9jIQ+DDFpQSo
/vfhK7cdOqYOc12vqjVM6WeuFhTW4KUenB24R3ynslxEnpfoT4MlL6q5Obxl0LQ3
ekSRy2lmQUHRCHHAqvG3BfWrGdIJ8k3vQMrfH6HXU8MlvJViJIxqzKZ7NRVb08A8
o3NdSlLG4yfzdjcsheEax6Cdclu2Gt6gnmxzoSEZYSbH5xC6B3zWnD745XXdfYFl
NsaKwSBmRj9Xl/6FMeYPYmAL1gVwXcV80v8v/rh+GmfriRF71mdzU6I4F857cOtj
pMsJL1SCJVVb+jogBwg0VsRKysix/r6DxFMVNFIRHiqA/BGMPtyAVhIWgw+oeNyH
mObU6vzL1kKV82PoLWGXT4x7JRsNrX0ExPzHdVV91XiD/EnBKFM2wZc4eH7uWyEB
kIWHOISJFPf8ru8y7I5AVh+s2/yD/uGrPKSWFAgbepmkK5z7r0USgt++JAt4je5i
mj+Qqyi0qUKgtTz/6Rml4oOpIbWNczcIdc0Yq6/LfIonNCu5qQ6Z5vnOZaQUJMzr
UaPfgirJNIzgYy5u6MZy
=R4Zk
-----END PGP SIGNATURE-----

Having 2 notebooks , one with o.S.11.2 + windows the other one with
o.S 11.1 + windows.
with o.S.11.1 sshd is running on default, on o.S.11.2 sshd is unused.
Statuschange can be achieved with konsole(root):
/etc/init.d/sshd status, (unused,running,done)
/etc/init.d/ sshd start
/etc/init.d/sshd stop.
After activation ssh is connecting in all directions between linux and windows.
Eb.

Okay, so I found out what the issue was, and got it working.

Here’s the Scenario:

  1. Computer is Running Windows 7
  2. Linux is running in a VM using VMWare Server v2.0
  3. VM is running in “bridge” network mode (where it is connecting directly to your network)
  4. When trying to get into Telnet/FTP/SSH, you can’t connect

There is a bug/feature in Windows 7 that while you can ping and traceroute the IP address that the VM has on the bridged connection, you cannot connect to it. You have to create another connection that is not bridged (either NAT, or HostOnly), and connect to the system that way.

This only happens in Windows 7. Vista, XP, 2003 do not have this issue.

Hope this helps!

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Thank-you for posting back. What a mess. Next time virtualize the
windows crap on an OpenSUSE system; you’ll be happier.

Good luck.

On 05/03/2010 03:56 PM, jmarsz wrote:
>
> Okay, so I found out what the issue was, and got it working.
>
> Here’s the Scenario:
> 1. Computer is Running Windows 7
> 2. Linux is running in a VM using VMWare Server v2.0
> 3. VM is running in “bridge” network mode (where it is connecting
> directly to your network)
> 4. When trying to get into Telnet/FTP/SSH, you can’t connect
>
> There is a bug/feature in Windows 7 that while you can ping and
> traceroute the IP address that the VM has on the bridged connection, you
> cannot connect to it. You have to create another connection that is not
> bridged (either NAT, or HostOnly), and connect to the system that way.
>
> This only happens in Windows 7. Vista, XP, 2003 do not have this
> issue.
>
> Hope this helps!
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJL31HqAAoJEF+XTK08PnB5TQoQALmnsdHc79zSLukSlvwlLANt
XHh9cTuEPe4ygd7fIQBPal5bTv9l9FvoB8fwOPNT0bGoSandAHxdKbjGCf+Ci2TR
EKM03WyLNTWIDg3DpL0CdsUT5h2/rGjmT+sw+dWOt34dKA6Zja34sHOELZOFKkRt
q8LrsmtXTTDVVZDRmHWGl5dYvG6H+r3WUjWJe98W4CGofn8TzPWy4SshpQg2ijCW
YQEZS2d7BnYuX/CgSPnRggJwlagytlr+AEPJ9+oHTZX1s5WfMDpfxOGj2O2l5VpS
qGGN0AxMJgk3mKteQ2LJPEJZvzMFP7guRc9cox2KwVCTi7Iu5KJFAZQSEIeEsBPJ
LCs49SAkoaUTG9/UVycxpiFef0pqyEkHLJ0q/teFlvnN3rZOa5k/Vt4PTWVc6NGo
X69L0zem0QAxD0Cw3Ti3P0WDY4ClhgHib5oKtp+S0qW1hxTfL/UwjwY1xC+KFXmC
R3Eg6XrfSXoluturxdYo3BOZb2OITOflKd5MxHzMQ6jzRWJ4BxOufoytcLK8A4hL
2IXvR/b7apJ1bhUSfmkjZHnliLdLl0fpfqz2Ffrvupm0Suju4o6cYLZDQ22u8qeU
LAKT0Jf9gH9ggIU76WdSEwisDriMSbWm5mMOfvaPZzd4bvPyl14aBVssQUkxHY0M
3y0QrYmgOhRlqOOAGn6u
=fWo1
-----END PGP SIGNATURE-----

I’d do that, except I play a ton of computer games, and a virtual Windows 7 won’t work too well that way :stuck_out_tongue: