> > I've used ssh 1.2.xx for several years now on multiple sites.
> > I have my very first site which is behind a firewall that uses NAT.
> > I can ssh into the host at that site without difficulty, but can not
> > ssh OUT from the host behind the NAT translator.
> >
> > here is the response from the sshd daemon on the other end
> >
> > gins2:~# ssh -v gins1
> > SSH Version 1.2.26 [i686-unknown-linux], protocol version 1.5.
> > Standard version. Does not use RSAREF.
> > gins2: Reading configuration data /etc/ssh_config
> > gins2: ssh_connect: getuid 0 geteuid 0 anon 0
> > gins2: Connecting to gins1 [172.16.1.2] port 22.
> > gins2: Allocated local port 1023.
> > gins2: connect: Connection refused
> > gins2: Connecting to gins1 [63.76.112.2] port 22.
> > gins2: Allocated local port 1023.
> > gins2: connect: Connection refused
> > gins2: Trying again...
> > Secure connection to gins1 refused; reverting to insecure method.
> > Using rsh. WARNING: Connection will not be encrypted.
> > etc.....
> >
> > the ssh_config and sshd_config files are identical on the two
> > machines and on machines at other sites that can successfully connect
> > to both of the hosts above (gins1, gins2). The difficulty appears to
> > be with the client machine going out through NAT and receiving the
> > connection back.
> >
> > Any clues??
>
> I'm not sure this has anything to do with SSH (connect(2) fails).
> I'v got a hunch that it's rather a firewall+TCP problem. Can you
> please try to setup any TCP connection to that host? For example try
> telnet to port 22 on host gins1, if things are working as they
> should you will get back the version string from gins1.
I can ssh IN to the site from outside.
I can telnet in to and out from the site without difficulty.
I can NOT ssh out from the site to anywhere. The response shown above
is repeatable and consistent. I'm really stumped!!
Michael
[EMAIL PROTECTED]
