On Fri, Sep 03, 2004 at 01:23:35AM -0700, David Syphers wrote:
> I recently tried to ssh into my desktop from another machine, and found that
> it doesn't work (it times out). I'm not sure what I need to do to make it
> work. I'm running 5-CURRENT from August 3 (back when 5 was still -CURRENT).
>
> I've confirmed that sshd is running (sshd_enable="YES" is in rc.conf). I've
> checked /etc/ssh/sshd_config, and I haven't changed any of the defaults. My
> firewall should allow this sort of thing, and just to make absolutely sure, I
> told my firewall to (temporarily) let in _everything_ from the entire class B
> network the remote machine is on. netstat says that my machine is listening
> on port 22. And I can 'ssh localhost' from my desktop to itself (though it
> does say, "socket: Protocol not supported" before successfully asking for my
> password).
>
> The remote machine in question is running OpenSSH_3.6.1p2, and I'm running
> OpenSSH_3.8.1p1. I thought maybe for some odd reason ssh'ing out is blocked
> on the remote machine, but then I remembered that a friend tried to ssh in
> from his OS X laptop the other day, and that timed out the same way the
> current remote machine is. And I don't get a "Permission denied" sort of
> error on the remote machine, just a timeout.

One thing to check -- do you have the machine key for the remote
machine cached somewhere -- ~/.ssh/known_hosts would be a likely
candidate -- and if so, is your cached copy of the key up to date?
Similarly, does the remote machine have a cached copy of your host's
key? Unless you took steps to back up and recover the key, reinstalling
your system will generate a whole new key for you.

Failing that, try running ssh and/or sshd in debug mode. On the
client side you can run:

    % ssh -v -v -v [EMAIL PROTECTED]

which will trace exactly what ssh is trying to do as you log in. Even
more useful is to do the equivalent on the server side, if you have
access there:

    # sshd -d -d -d -p 2222

which runs a foreground instance of sshd bound to port 2222 with all
the debugging information turned on. Connect to it by:

    % ssh -p 2222 [EMAIL PROTECTED]

That will support one session, and then quit when the remote user logs
out. Note that running sshd with maximum debugging can reveal some
sensitive information, so avoid achieving the same effect by fiddling
with the LogLevel settings in sshd_config.

        Cheers,

        Matthew

--
Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
                                                      Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey         Marlow
Tel: +44 1628 476614                                  Bucks., SL7 1TH UK
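
Added example, not part of the original message: a Python sketch of the "is your cached copy of the key up to date" check from the reply above, comparing a key the server offers with the entries in a known_hosts file. The hostnames, key blobs and function names are constructed for illustration; it assumes the current OpenSSH file layout, where host names may be hashed and a non-default port such as the 2222 debug instance is recorded as [host]:port.

```python
import base64, hashlib, hmac

def _hashed(name, salt=b"constructed-salt-001"):
    """Build a hashed host field: |1|base64(salt)|base64(HMAC-SHA1(salt, name))."""
    mac = hmac.new(salt, name.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())

def _covers(field, name):
    """True if a known_hosts host field (plain list or hashed) names `name`."""
    if field.startswith("|1|"):
        _, _, salt_b64, mac_b64 = field.split("|")
        mac = hmac.new(base64.b64decode(salt_b64), name.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(mac, base64.b64decode(mac_b64))
    return name in field.split(",")  # wildcard/negated patterns not handled here

def check_host_key(known_hosts_text, host, keytype, offered_b64, port=22):
    """Return 'match', 'changed' (cached key differs) or 'unknown' (no entry)."""
    name = host if port == 22 else "[%s]:%d" % (host, port)
    status = "unknown"
    for line in known_hosts_text.splitlines():
        parts = line.split()
        # Skip blanks, comments and @cert-authority / @revoked marker lines.
        if len(parts) < 3 or parts[0][0] in "#@":
            continue
        hosts, ktype, key = parts[:3]
        if ktype != keytype or not _covers(hosts, name):
            continue
        if key == offered_b64:
            return "match"
        status = "changed"
    return status

# Constructed sample data: placeholder key blobs, not real host keys.
OLD_KEY = base64.b64encode(b"constructed key before reinstall").decode()
NEW_KEY = base64.b64encode(b"constructed key after reinstall").decode()
SAMPLE = "\n".join([
    "# constructed known_hosts file",
    "desktop.example.org,192.0.2.10 ssh-rsa " + OLD_KEY,
    _hashed("[desktop.example.org]:2222") + " ssh-rsa " + NEW_KEY,
])

if __name__ == "__main__":
    for port in (22, 2222):
        print(port, check_host_key(SAMPLE, "desktop.example.org", "ssh-rsa", NEW_KEY, port))
```

A "changed" result for a host that was recently reinstalled is the stale-cache case described in the reply; the new key should be confirmed out of band before the old entry is replaced.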