So I'm on my local machine, and I'm sshing into a google compute server.
From this google compute server, I'm trying to establish an ssh tunnel to a third party server ($host) using the following command:
ssh username#$host -L 3306:127.0.0.1:3306 -N
And after hanging for 20-30 seconds, I get:
ssh: connect to host $host port 22: Connection timed out
I can use the exact same command on my local machinet to the third party server and it works fine.
I've killed anything using the 3306 port on the google compute server.
I've opened port 22 and 3306 on the google server through the interface (through I can't tell if this applies to outbound connections also).
Not sure where to go from here, any help would be appreciated.
Edit1: The google server can successfully ping the third party server.
Edit2: Just tried it from the company server, it doesn't work there either. Both he google-compute and the company server are linux (Deb Wee and Ubuntu respectively) and the local machine is windows. The fact that I'm sshing into them shouldn't make a difference should it?
Edit3: Changed the default SSH port on the google server to 22222 and connected to it using that instead. Trying to connect to third party now with:
sudo ssh -p 22 username#$host -L 3306:127.0.0.1:3306 -N -v -v -v
Debug output is:
OpenSSH_6.6.1, OpenSSL 1.0.1e 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to $host [$host] port 22.
And after that it just hangs.
Debug output on local machine using same command is is:
OpenSSH_4.6p1, OpenSSL 0.9.8e 23 Feb 2007
debug2: ssh_connect: needpriv 0
debug1: Connecting to $host [$host] port 22.
debug1: Connection established.
*other junk*
Turns out the third party server had ssh blocked from anywhere outside Australia
-_-
Related
I have created a Virtual Machine with multipass, I am trying to connect to this instance over ssh, with the command:
ssh -vvv -i back_key ubuntu#10.136.38.199
At first, I tried to connect to my instance from a Github Action, but I got a timeout error, I thought that it may have been a Github issue.
But with a second computer, I couldn't connect to the VM either.
The error I got:
ubuntu#laptop-number2:~$ ssh -vvv -i back_key ubuntu#10.136.38.199
OpenSSH_8.2p1 Ubuntu-4ubuntu0.3, OpenSSL 1.1.1f 31 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug2: resolve_canonicalize: hostname 10.136.38.199 is address
debug2: ssh_connect_direct
debug1: Connecting to 10.136.38.199 [10.136.38.199] port 22.
debug1: connect to address 10.136.38.199 port 22: Resource temporarily unavailable
ssh: connect to host 10.136.38.199 port 22: Resource temporarily unavailable
Wheither it's from Github Action or from a second computer, I can't connect to the multipass instance over ssh.
But, I can connect to instance with the host computer.
I thought it may be a Firewall issue, so I disabled it with:
sudo systemctl stop ufw
I did this in the VM and the host machine, then I restarted ssh inside the instance.
The reason: I got those issues was the network I was working on. The ssh port for the server couldn't be reached.
I knew that by using nmap:
nmap -Pn -p 22 <IP_OF_SERVER>
The result was: The port is filtered.
Working with a mobile network didn't solve it either, since my ISP block this port. The solution was using the network from my house for the ssh server.
So I've managed to cut off the branch I was standing on so to speak. I was connected to a server and I ran sudo pkill where the PID was a process I thought I wanted to kill and and I think I killed the ssh process that was listening on port 22.
Here is what happens when I try to connect now:
<computer>:~ <user>$ ssh -p 22 -v <user>#<ipaddress>
OpenSSH_8.1p1, LibreSSL 2.7.3
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 47: Applying options for *
debug1: /etc/ssh/ssh_config line 51: Applying options for *
debug1: Connecting to <ipaddress> [<ipaddress>] port 22.
debug1: connect to address <ipaddress> port 22: Connection refused
ssh: connect to host <ipaddress> port 22: Connection refused
Is there anyway I can connect via SSH? Or am I out of luck until I can login to the machine itself and restart the SSH server?
Try first a curl -v telnet:<user>#<ipaddress>:22
If it does not display a "Connected" message... there is no listener on port 22, which means the SSH daemon has been terminated.
You would then indeed wait for the opportunity to log on again, and restoart the SSH daemon.
I am trying to write script that starts VM, run a command and then stop it.
The code is (the project and zone are omitted for brevity):
gcloud compute instances start instance-1
gcloud compute ssh user#instance-1 --command 'echo check-ssh' -- -vvv
gcloud compute instances stop instance-1
When I run those steps in a terminal everything is going well, but when I run it through a file the ssh command fails fails and I get:
OpenSSH_8.2p1 Ubuntu-4ubuntu0.1, OpenSSL 1.1.1f 31 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug2: resolve_canonicalize: hostname 34.68.81.200 is address
debug2: ssh_connect_direct
debug1: Connecting to 34.68.81.200 [34.68.81.200] port 22.
debug1: connect to address 34.68.81.200 port 22: Connection refused
ssh: connect to host 34.68.81.200 port 22: Connection refused
ERROR: (gcloud.compute.ssh) [/usr/bin/ssh] exited with return code [255].
The instance os is ubuntu 20.4.
something that may connect to this problem, when I try to connect to the root user through the terminal I get the same error.
Someone know what is the difference? how can I solve it?
When you request the gcloud compute instances start of a GCP Compute Instance you are literally requesting that it start and not that it has actually started. If you then turn around and perform an SSH request,the VM may not have reached an internal state where it is ready to receive SSH requests. Try putting a sleep delay between your VM start and SSH access (say ... 5 minutes) ... and see if that changes the story.
See also:
How to ensure Google Cloud Compute instance is up and running
On Centos 7 I am faced with the error below:
ssh -vvv ##.###.###.###
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to ##.###.###.### [##.###.###.###] port 22.
debug1: connect to address ##.###.###.### port 22: Connection refused
ssh: connect to host ##.###.###.### port 22: Connection refused
pool-100-1-1-25:~ studiolaptop1$ ssh -vvv ##.###.###.###
Bizarrely, I have been getting this issue for awhile now when I try to ssh into my server. I have checked iptables looks all fine. Checked the ssh.config file, that is also looking fine, but clearly something is wrong. How can I solve this?
If the connection is refused, it means the sshd daemon/server is not running. Can you login to the server locally or via a console?
Try running the following as root on the target server:
lsof -i :22
or on the source server, see if you can connect to the ssh port:
telnet targethost 22
You should get something like the following:
# telnet localhost 22
Trying ::1...
Connected to localhost.
Escape character is '^]'.
SSH-2.0-OpenSSH_6.9
Switching from firewallD to iptables had caused this issue. Thus, needed to add relevant rules to the iptable to allow outbound and inbound connection on port 22.
Machine A and B are trying to connect to machine C.
A gets there. When I do ssh -v ip, I get:
OpenSSH_5.1p1, OpenSSL 0.9.8j-fips 07 Jan 2009
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to C.server.ip.addy [C.server.ip.addy] port 22.
debug1: fd 3 clearing O_NONBLOCK
Then there is more debugging that's not important.
B can't get there. When I do ssh -v ip, I get:
OpenSSH_5.9p1 Debian-5ubuntu1, OpenSSL 1.0.1 14 Mar 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to C.server.ip.addy [C.server.ip.addy] port 22.
debug1: connect to address C.server.ip.addy port 22: Connection timed out
ssh: connect to host C.server.ip.addy port 22: Connection timed out
The line that is never reached is:
debug1: fd 3 clearing O_NONBLOCK
What would cause this? Please help!
One possible cause may be a Firewall misconfiguration (A=>C on port 443 allowed, B=>C = denied).
In any case, if you have access to the C machine, put a packet sniffer like WireShark and check if the packets originating from B are actually reaching the machine.
I can think of several things that could cause this.
A firewall between B->C could block the connection. Are these machines on the same subnet? Is there a firewall? Such a rule would likely allow you to connect C->B. You can pull your files in this direction using scp. Something like
C$ scp user#B:/path/to/file /local/path/to/file
A tcpwrapper rule may have a similar effect. Do you have a rule in /etc/hosts.deny that blocks SSH from machine B? Check the man pages for hosts.allow and hosts.deny for info on changing tcpwrapper rules.
You should use nmap to check which ports are open and accessible from B and A. Something like the following should give you some good info. If port 22 is open from A but not B then one of the above is likely blocking it.
nmap -T4 -A -P0 -p0-65535 C