mishalk

ssh to linux from remote not working

hi
I have allowed ssh to one of my linux servers, locally and from remote. Locally it is working fine. But when I do it from the remote location, it asks for username and password, and it gives a message "access denied". I am using root user and password

jemmasta

It's a possibility that you haven't given access to root account remotely.
Also it's not very wise to give root access from outside in any case. Try to create a new account and try to access with it from the network. You can still have root privileges through su or sudo even with another account.
See if the PermitRootLogin option is set to No in /etc/ssh/sshd_config
Change to Yes to allow logins for root from a remote network.

Also restart SSH service once done. service sshd restart
look at /etc/hosts.deny file

see if there is any restriction to access sshd daemon to accept connection outside of your network address.

also check /etc/hosts.allow file
I recommend, if root is disabled for remote login, that you do not change that. Set up "sudo" instead and use a regular user for remote access, then switch to root via sudo.

If you are running an SSH server, someone will eventually scan you and try a brute force attack. root is one of the most common accounts used in the attack.
Is it happening only from a particular remote machine or all remote machines ?

This could help you narrow down if the issue is with the ssh connectivity or the firewall policies which block ssh connections from remote machines...

Dabbler

ASKER

dear legolasthehansy
PermitRootLogin option is set to yes, what could be the issue?

ASKER

hi fosiul01

/etc/hosts.allow file is nothing unusual and in the deny file as well
Hi mishalk,

Have you tried checking the entry in /etc/ssh/sshd_config file for the PermitRootLogin entry? This has to be yes.
It's the source of most common problems for remote SSH not working.
I'm sorry I didn't see your earlier comment. Next will be checking firewalls. Try shutting down the firewall for a moment to check if ssh works.. and turn it back on..

ASKER

legolasthehansy:,

I did that. Still the same. I disabled the firewall, that didn't help me either

ASKER

dear dabblerwiz:

this is happening from all remote connections
Is SSH on the default 22 port?

telnet localhost 22 ( on the SSH server)

Since it happens on all remote connections, and it asks for the credentials, it could be a firewall rule on the server which can do it..

Try flushing out the iptable entries using

iptables -F

Do remember to save the settings so that you can reload them later..

If disabling iptables is not possible, try allowing incoming traffic on port 22 from the server from any particular remote machine

Remote machine IP is 192.168.0.15, Server IP is 192.168.0.1

iptables -A INPUT -p tcp -s 192.168.0.15 -d 192.168.0.1 --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
if iptables would have blocked 22 then he would not see the prompt for username and password at all

since he is seeing the username and password prompt then I believe it's not an iptables issue

something on the server is blocking outside access..

in sshd_config file, did you check properly, there is not any restriction ???

ASKER

dear legolasthehansy:

yes it is on the default port 22

ASKER

fosiul01:
in sshd_config
 port 22 is hashed
#port 22

so i should remove the hash right?

ASKER

sshd_config file


# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options change a
# default value.

Port 22
#Protocol 2,1
Protocol 2
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 768

# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
SyslogFacility AUTHPRIV
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6

#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile     .ssh/authorized_keys

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
PasswordAuthentication yes

# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
ChallengeResponseAuthentication no

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no

# GSSAPI options
#GSSAPIAuthentication no
GSSAPIAuthentication yes
#GSSAPICleanupCredentials yes
GSSAPICleanupCredentials yes

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication mechanism.
# Depending on your PAM configuration, this may bypass the setting of
# PasswordAuthentication, PermitEmptyPasswords, and
# "PermitRootLogin without-password". If you just want the PAM account and
# session checks to run without PAM authentication, then enable this but set
# ChallengeResponseAuthentication=no
#UsePAM no
UsePAM yes

# Accept locale-related environment variables
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#ShowPatchLevel no
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10
#PermitTunnel no

# no default banner path
#Banner /some/path

# override default of no subsystems
Subsystem       sftp    /usr/libexec/openssh/sftp-server
[root@UOBCLSRV ~]#
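
An added example, not part of the original thread: it reads an sshd_config the way sshd does for ordinary keywords (lines starting with # are inert, and the first uncommented value of a keyword is the one used) and reports on the settings this thread keeps coming back to. The sample is excerpted from the file posted above; the function names and finding texts are the example's own, and Match blocks are not handled.

```python
# Excerpt of the sshd_config posted above (uncommented lines plus a few
# commented ones), embedded so the example runs offline.
SAMPLE_CONFIG = """\
Port 22
#Protocol 2,1
Protocol 2
SyslogFacility AUTHPRIV
PermitRootLogin yes
#PasswordAuthentication yes
#PermitEmptyPasswords no
PasswordAuthentication yes
ChallengeResponseAuthentication no
UsePAM yes
X11Forwarding yes
"""

ACCESS_LISTS = ("allowusers", "denyusers", "allowgroups", "denygroups")

def effective_settings(text):
    """Map lowercased keyword -> value, keeping the first uncommented occurrence."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # commented line: the built-in default applies instead
        parts = line.split(None, 1)
        key = parts[0].lower()  # keywords are case-insensitive
        value = parts[1].strip() if len(parts) > 1 else ""
        settings.setdefault(key, value)  # first obtained value wins
    return settings

def review(text):
    """Return findings for the settings discussed in the thread."""
    s = effective_settings(text)
    findings = []
    if s.get("permitrootlogin") == "yes" and s.get("passwordauthentication") == "yes":
        findings.append("root can log in with a password")
    present = [k for k in ACCESS_LISTS if k in s]
    if present:
        findings.append("access lists in effect: " + ", ".join(present))
    else:
        findings.append("no AllowUsers/DenyUsers/AllowGroups/DenyGroups restriction")
    if "port" not in s:
        findings.append("Port not set explicitly (default 22)")
    return findings

if __name__ == "__main__":
    print("\n".join(review(SAMPLE_CONFIG)))
```
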
no no

can you copy and paste your sshd_config here

let's have a look

and you said, /etc/hosts.deny is empty
/etc/hosts.allow is empty

right??
Only if you need to use another port..
The hash is OK if you are using the default 22 port
all are ok except this one

Port 22

did you enable this line, or was it enabled from before..

it should be like this

#Port 22

is there any kind of service running on the server that could prevent it?? did you install this server or someone else ??

ASKER

#Port 22
it was like this, and I removed it, I will put the hash back

ASKER

dear fosiul01:

someone else did the installation
ok wait what is secure.log file??

when you try to login remotely
keep an eye on secure.log file

tell me why it's rejecting
I meant, in secure.log file it should say the reason


ASKER

hi
attached the secure.log file
ct 27 15:40:14 UOBCLSRV sshd[4686]: pam_unix(sshd:session): session closed for user root
Oct 28 06:35:27 UOBCLSRV sshd[31413]: Did not receive identification string from 124.162.53.197
Oct 28 08:30:08 UOBCLSRV sshd[9702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.26.71  user=root
Oct 28 08:30:10 UOBCLSRV sshd[9702]: Failed password for root from 192.168.26.71 port 3072 ssh2
Oct 28 08:30:21 UOBCLSRV sshd[9702]: Accepted password for root from 192.168.26.71 port 3072 ssh2
Oct 28 08:30:21 UOBCLSRV sshd[9702]: pam_unix(sshd:session): session opened for user root by (uid=0)
Oct 28 08:30:21 UOBCLSRV sshd[9702]: subsystem request for sftp
Oct 28 08:36:40 UOBCLSRV sshd[10592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.26.71  user=root
Oct 28 08:36:43 UOBCLSRV sshd[10592]: Failed password for root from 192.168.26.71 port 3131 ssh2
Oct 28 08:36:45 UOBCLSRV sshd[10592]: Failed password for root from 192.168.26.71 port 3131 ssh2
Oct 28 08:36:48 UOBCLSRV sshd[10593]: Received disconnect from 192.168.26.71: 13: Unable to authenticate
Oct 28 08:36:48 UOBCLSRV sshd[10592]: PAM 1 more authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.26.71  user=root
Oct 28 08:41:08 UOBCLSRV sshd[9702]: pam_unix(sshd:session): session closed for user root
Oct 28 08:43:36 UOBCLSRV sshd[11085]: Accepted password for root from 192.168.26.71 port 3189 ssh2
Oct 28 08:43:36 UOBCLSRV sshd[11085]: pam_unix(sshd:session): session opened for user root by (uid=0)
Oct 28 08:55:42 UOBCLSRV sshd[12686]: Accepted password for root from 192.168.26.101 port 1493 ssh2
Oct 28 08:55:42 UOBCLSRV sshd[12686]: pam_unix(sshd:session): session opened for user root by (uid=0)
Oct 28 09:24:28 UOBCLSRV sshd[12686]: pam_unix(sshd:session): session closed for user root
Oct 28 20:38:06 UOBCLSRV sshd[15641]: Did not receive identification string from 220.227.238.50
Oct 28 20:49:27 UOBCLSRV sshd[16580]: Did not receive identification string from 128.97.70.201
Oct 29 08:08:09 UOBCLSRV sshd[17059]: Did not receive identification string from 59.52.255.63
Oct 29 12:05:46 UOBCLSRV sshd[8570]: Did not receive identification string from 220.181.21.250
Oct 29 12:17:18 UOBCLSRV sshd[11085]: pam_unix(sshd:session): session closed for user root
Oct 29 12:27:14 UOBCLSRV sshd[10525]: Accepted password for root from 192.168.26.71 port 1139 ssh2
Oct 29 12:27:14 UOBCLSRV sshd[10525]: pam_unix(sshd:session): session opened for user root by (uid=0)
Oct 29 15:32:45 UOBCLSRV sshd[28699]: Did not receive identification string from 88.87.212.214
Oct 29 15:36:59 UOBCLSRV sshd[29180]: Did not receive identification string from 88.87.212.214
Oct 29 16:50:46 UOBCLSRV sshd[3877]: Did not receive identification string from 61.136.60.175
Oct 29 17:19:08 UOBCLSRV sshd[6270]: Did not receive identification string from 61.129.60.23
Oct 29 20:16:59 UOBCLSRV sshd[23548]: Did not receive identification string from 213.184.238.38
Oct 30 11:45:02 UOBCLSRV sshd[15835]: Did not receive identification string from 202.155.229.105
Oct 30 16:45:08 UOBCLSRV sshd[12176]: Did not receive identification string from 208.77.223.10
Oct 30 20:06:30 UOBCLSRV sshd[697]: Did not receive identification string from 201.116.35.190
Oct 30 22:45:16 UOBCLSRV sshd[20811]: Did not receive identification string from 201.116.35.190
Oct 31 13:48:34 UOBCLSRV sshd[14717]: Did not receive identification string from 201.116.35.190
Oct 31 19:17:51 UOBCLSRV sshd[13499]: Did not receive identification string from 210.110.181.56
Oct 31 22:17:36 UOBCLSRV sshd[30642]: Did not receive identification string from 121.15.167.235
Oct 31 22:22:03 UOBCLSRV sshd[31111]: Did not receive identification string from 121.15.167.235
Oct 28 08:55:42 UOBCLSRV sshd[12686]: Accepted password for root from 192.168.26.101 port 1493 ssh2
Oct 28 08:55:42 UOBCLSRV sshd[12686]: pam_unix(sshd:session): session opened for user root by (uid=0)
Oct 28 09:24:28 UOBCLSRV sshd[12686]: pam_unix(sshd:session): session closed for user root

not seeing the problem..?

ASKER

stephenhoekstra:
that is from internal network
Ah.. I see.  

So when you say remote logins don't work, you mean it doesn't work from anywhere except 192.168.26.0?  Does it work from any other ranges?  Or only local LAN?

It can't be a firewall/wrapper issue as you are able to connect to the port and get a password prompt, so it must be something with SSH.  

What are you using to connect to the host on the local LAN, what are you using to connect from outside the LAN?  You can get that "did not receive identification string" from a version mismatch between SSH client and server.

First thing to do would be to make sure there is no difference whatsoever between where you connect from remotely and local LAN besides the source IP address.  Also look to see if there is an AllowUsers or AllowHosts line in your sshd_config.  
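
An added example, not part of the original thread: it groups the sshd entries of a secure log by client address and reports how far each client got, separating sources that reached a password attempt from those that connected without sending an SSH identification string. The sample lines are copied from the log posted above; the function names and stage labels are the example's own.

```python
import ipaddress
import re
from collections import defaultdict

# Lines copied from the secure.log excerpt posted in this thread.
SAMPLE_LOG = """\
Oct 28 06:35:27 UOBCLSRV sshd[31413]: Did not receive identification string from 124.162.53.197
Oct 28 08:30:10 UOBCLSRV sshd[9702]: Failed password for root from 192.168.26.71 port 3072 ssh2
Oct 28 08:30:21 UOBCLSRV sshd[9702]: Accepted password for root from 192.168.26.71 port 3072 ssh2
Oct 28 08:36:43 UOBCLSRV sshd[10592]: Failed password for root from 192.168.26.71 port 3131 ssh2
Oct 28 08:55:42 UOBCLSRV sshd[12686]: Accepted password for root from 192.168.26.101 port 1493 ssh2
Oct 30 20:06:30 UOBCLSRV sshd[697]: Did not receive identification string from 201.116.35.190
Oct 30 22:45:16 UOBCLSRV sshd[20811]: Did not receive identification string from 201.116.35.190
"""

# One pattern per outcome; each captures the client address.
PATTERNS = {
    "accepted": re.compile(r"sshd\[\d+\]: Accepted \S+ for \S+ from (\S+)"),
    "failed": re.compile(r"sshd\[\d+\]: Failed \S+ for (?:invalid user )?\S+ from (\S+)"),
    "no_banner": re.compile(r"sshd\[\d+\]: Did not receive identification string from (\S+)"),
}

def summarize(log_text):
    """Count outcomes per source address: {ip: {accepted, failed, no_banner}}."""
    stats = defaultdict(lambda: dict.fromkeys(PATTERNS, 0))
    for line in log_text.splitlines():
        for kind, pattern in PATTERNS.items():
            match = pattern.search(line)
            if match:
                stats[match.group(1)][kind] += 1
                break
    return dict(stats)

def stage_reached(counts):
    """Furthest point a source got to in the SSH exchange."""
    if counts["accepted"]:
        return "session"
    if counts["failed"]:
        return "password-attempt"
    return "tcp-connect-only"  # connected, never sent an SSH version string

def report(log_text):
    """Sorted rows of (ip, is_private, stage) for every source in the log."""
    return sorted((ip, ipaddress.ip_address(ip).is_private, stage_reached(c))
                  for ip, c in summarize(log_text).items())

if __name__ == "__main__":
    for ip, private, stage in report(SAMPLE_LOG):
        print(f"{ip:16} {'internal' if private else 'external':9} {stage}")
```

On the posted excerpt, only the 192.168.26.x clients reach a password attempt; every external address stops at the connection stage.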
HI good morning

Sorry i was not available to see this question

anyway

look at this log
Did not receive identification string from 201.116.35.190
Oct 31 13:48:34 UOBCLSRV sshd[14717]: Did not receive identification string from 201.116.35.190
Oct 31 19:17:51 UOBCLSRV sshd[13499]: Did not receive identification string from 210.110.181.56
Oct 31 22:17:36 UOBCLSRV sshd[30642]: Did not receive identification string from 121.15.167.235
Oct 31 22:22:03 UOBCLSRV sshd[31111]: Did not receive identification string from 121.15.167.235

so you are trying from 201.116.35.190 ip to your remote server
is that right ??

Seeing that this issue has been going on for days... I would suggest you uninstall SSH and reinstall it again and see if it works..

ASKER

hi stephenhoekstra:

I can connect from any VLAN using ssh. When I try to connect from a remote location I am getting this problem. At both locations I am using PuTTY to connect. I have posted my sshd_config. I will look at that too

ASKER

hi legolasthehansy:
you mean uninstall putty from  external location and try it

ASKER

I did a new installation on one linux and tried to connect to it, I am getting the same errors

ASKER

i prepared a server using fedora linux, now when i try from remote i am getting a new error
ssh fatal error, network timeout
If you're getting that before you get a login prompt it sounds like you have a routing issue.  Can you ping the server?

ASKER

stephenhoekstra:
we have disabled the ping from outside network
Sounds like a routing/firewall issue if you get a network timeout error.  Generally when I have connectivity problems the first thing I take out is the firewall so it can't be a filtering problem.. that way one can at least work out if it's a routing or NAT issue or whatever without it just being a firewall in the way.

Drop the firewalling for that host and see what happens.

ASKER

i removed the routers, still i am getting the same error
ASKER CERTIFIED SOLUTION
mishalk
