I'm running a raspberry pi in a remote location, so I setup a reverse ssh tunnel to one of my servers (CentOS 7) using autossh. All works fine, I can use this reverse ssh to login to the Raspberry from the server, but I can't get the server to forward the ssh, so I can not connect to the Raspberry via the server from the laptop, I always get Connection Refused.
Firewall on the server has been shut down the GatewayPorts yes has been added to the sshd_config and sshd restarted.
Details:
On the Raspberry I'm opening the reverse SSh tunnel:
autossh -fNC -g -M 0 -R 2223:localhost:22 [serveruser]#[server] -p2002
From the server I can ssh into the Raspberry with no problem:
ssh [raspberryuser]#localhost -p2223
I have added the next to /etc/ssh/sshd_config and restarted sshd service after:
GatewayPorts yes
I can successfully ssh into the Raspberry from the server:
ssh [raspberryuser]#localhost -p2223
But when I'm trying to connect from my laptop to the Raspberry through this server:
ssh [raspberryuser]#[server] -p2223
ssh: connect to host [server] port 2223: Connection refused
The firewall on the server has been stopped
SELinux is disabled on the server
I ran out of ideas, so I'm open to suggestions
This isn't really an answer, but after restarting the server (CentOS 7), now I can connect to the Raspberry from my laptop via the server, don't receive "connection refused" anymore.
The only explanation what I have that the SSHD did not restart when I tried to restart it, although the 'messages' logs clearly shows that it was restarted repeatedly:
Dec 4 08:54:54 xxx systemd: Stopping OpenSSH server daemon...
Dec 4 08:54:54 xxx systemd: Starting OpenSSH server daemon...
In any way, the full reboot of the server has resolved it.
Related
I have 3 computers 2 Linux and 1 Windows.
Windows PC and Linux server (A) are on the same network (1).
The linux server (B) is on another network (2).
I want to make an SSH tunnel between the 2 linux servers to allow the Windows PC to access an HTTP page of the Linux server (B), which is therefore on another network.
With this command on the linux server (A) the tunnel works fine but only locally in linux.
ssh -R 8080:localhost:80 linuxa.internet.com
But from Windows PC I cannot access port 8080 on linux (A). http://linuxa.local:8080 does not work.
So I tried these two commands to open access to my PC but it doesn't work either.
ssh -R 0.0.0.0:8080:localhost:80 linuxa.internet.com
ssh -R ipwindows:8080:localhost:80 linuxa.internet.com
Can you help me ?
Thank you
From a comment, I conclude that you might have problem with the firewall. Suppose you can reach the tunnel from the host that is "proxy" (with curl,wget,ncat etc. on localhost). You should check what block traffic. In most cases, it is a firewall. Depending on your Linux distro you might have different backends and frontends for a firewall. If you have firewall-cmd command installed it's very likely that firewalld is one.
But before blaming the firewall, you should check if a port is open/closed. I prefer netcat:
HOST_THAT_SHOULD_HAVE_OPEN_PORT # nc -l 8080
HOST_THAT_SHOULD_BE_ABLE_TO_CONNECT # nc HOST_THAT_SHOULD_HAVE_OPEN_PORT 8080
If there is no connection or connection is refused, it's extremely likely that the firewall is the problem.
You can check if firewalld is running with systemctl:
# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2021-02-08 21:42:29 CET; 13h ago
Then you might add traffic on port 8080:
# firewall-cmd --add-port 8080/tcp
success
It will temporarily open network traffic on 8080. Then you should be able to use port 8080 and your ssh tunnel.
Thank you for your answer but I don't think I have a firewall installed
systemctl status firewalld
return
Unit firewalld.service could not be found.
and
firewall-cmd --add-port 8080/tcp
-bash: firewall-cmd: command not found
I have to tunnel the VNC server(tightvnc-server) running on my local machine to a remote server, so at remote server can access my local machine without port forwarding on router(at local machine network).
Right now I am using the following command
ssh -R 5950:localhost:5900 user#remote.ddns.net
Where 5900 the vnc server port on my local machine. And I have to access the machine from remote server using the command localhost:5950. And when I try to connect using vnc viewer I am getting the error connection closed unexpectedly. Normally if no connection exist I was getting connection refused error. But here something is missing in tunneling. Can any please tell me what could be the reason.
You need to activate the remote desktop, running:
sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart \ -activate -configure -access -on \ -restart -agent -privs -all
Then you can connected using VNC Viewer
I am connecting to CentOS7 minimal installation machine in a LAN (192.168.1.33).
I have changed the ssh port vi /etc/ssh/sshd_config line 17 Port 1234
after restarting the sshd service the connection is refused
ssh demo#192.168.1.33 -p 1234
ssh: connect to host 192.168.1.33 port 1234: Connection refused
I have disabled SELinux and router-firewall but still having problem.
Though if I change back to port 22 I can login again.
Is there any other configuration to be changed?
Can you remotely connect to the server another way? If so, once you get in, run sudo netstat -plutn.
You should see at least one entry for sshd. If you don't, sshd isn't running. You can install it via sudo apt-get install openssh-server.
If you do, is the port under 'Local Address' for the sshd line 1234? This will tell you if you successfully changed the port configuration.
Hope that helps!
I set up SSH on my Ubuntu server (running XMonad) and generated a key for my laptop that I used to connect to my home server with. I also went on my wireless router and forward port 22 for SSH use. I can SSH fine when I'm at home using the standard:
ssh user#ipaddress
However when I'm outside of my local network I get this error:
ssh: connect to host xxx.xx.xx.xxx port 22: Connection refused
Everything I read says I need to either a) check that my port 22 is forward (which it is) or b) check that sshd is actually running on my Ubuntu server (which it is).
Any ideas what is preventing my SSH from working when I'm remote?
Add the following line your ssh user config file if it doesn't exits You can create the config file as shown below.
vi ~/.ssh/config
Host *
ServerAliveInterval 300
Change the permission as below:
chmod 600 ~/.ssh/config
Restart the daemon. Hope this helps.
https://serverfault.com/a/371563/617303
For me this was the cause.
In your /etc/ssh/sshd_config or /etc/ssh_ssh_config check to make sure GSSAPI Auth is disabled (set to no).
GSSAPIAuthentication no
Then restart the service or machine.
I am running on Mac OS X 10.7.4.
I am unable to ssh to a remote computer, but when I do ssh user#localhost, it works fine.
The error displayed is
OpenSSH_5.6p1, OpenSSL 0.9.8r 8 Feb 2011
debug1: Reading configuration data /etc/ssh_config
debug1: Applying options for *
debug1: Connecting to web.iiit.ac.in [14.139.82.8] port 22.
debug1: connect to address 14.139.82.8 port 22: Connection refused
ssh: connect to host web.iiit.ac.in port 22: Connection refused
I have enabled the root login in System Preferences and disabled firewall.
Also, ps aux | grep ssh shows ssh-agent, contains /usr/bin/ssh-agent -l and grep ssh in the output.
On doing sudo launchctl list|grep ssh it shows:
0 com.openssh.sshd
After this, sudo launchctl start com.openssh.sshd ; sudo launchctl list|grep ssh gives
45973 - com.openssh.sshd
Again, after checking sudo launchctl list|grep ssh after sometime, it again shows :
- 0 com.openssh.sshd
In system preferences -> sharing->enable remote login. It will fix it.
Wireless connections has well know problems with the SSH strict package receiving algorithm. I have the same problem with a WiMax connection. It would turn good if you can establish a VPN or any kind of tunnel to the server.
see also
this thread
Your remote host probably doesn't have an SSH server running (or, if it does, it's not listening on port 22).
Your tests (ps aux, launchctl etc) won't help - the issue is on the remote host, not the local (you've got an SSH client, because you can connect to localhost, but the remote host 14.139.82.8 isn't allowing connections on port 22).
When I ran in to this problem, I found that OpenSSH was not completely installed. Install it by typing into Terminal: sudo apt-get install openssh-client openssh-server
Also, check your firewall. The default SSH port is 22. Open that port.
clean known_hosts file and try again. Worked for me.