Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 429
  • Last Modified:

SSH Stopped working

I've got an Ubuntu (latest version) install, I thought I might beef up the spec, so I just switched the HDD into a newer PC, which is booting ok, but...the ssh, which was working has just stopped working?? If I run ps -A I can see a process 'sshd' running, which I guess is it, but I don't know where to get from here?
0
Silas2
Asked:
Silas2
  • 23
  • 17
  • 14
3 Solutions
 
wesly_chenCommented:
Where do you ssh from? Windows PC (putty) or ?
what is the ip address on Ubuntu (run /sbin/ifconfig)?
can you ssh to the Ip address?   If not, please provide the error message.
0
 
Silas2Author Commented:
Yes windows putty, ip address is pinging.
0
 
wesly_chenCommented:
What is the error message when you SSH into Ubuntu?
0
Build your data science skills into a career

Are you ready to take your data science career to the next step, or break into data science? With Springboard’s Data Science Career Track, you’ll master data science topics, have personalized career guidance, weekly calls with a data science expert, and a job guarantee.

 
Silas2Author Commented:
I'm using the Putty front end, it just hangs until it times out. Blank screen, no "sign in as.."
0
 
wesly_chenCommented:
Directly login Ubuntu and open a Terminal, then type
ssh  localhost -l  "username"
  and password for that username to see if you can ssh login?

If not, please do  (verbose for more debug message)
ssh -vv  localhost -l "username"

   And password then post the full message on the screen here for debug.
0
 
Silas2Author Commented:
Right, I seem to be able to login that way (ssh  localhost -l  "username")
0
 
Silas2Author Commented:
Well, I say that, it doesn't complain, says "Welcome to Ubuntu, last login..." then takes me back to my prompt where I started, but it looks the same as when it was working remotely with Putty.
0
 
wesly_chenCommented:
On Windows PC, run (clos  Putty first)
regedit and go to
HKEY_CURRENT_USER\Software\SimonTatham\PuTTY
  delete "SshHostKeys" and "Sessions"

Restart Windows  and run Putty again.
0
 
Silas2Author Commented:
I've just done that, and still same screen hanging. I took out my settings with the reg deletes, some I'm not 100% I've got the same login details in the Putty UI, is it just IP address and port (22 default)? Nothing else?
0
 
wesly_chenCommented:
On Ubuntu machine, do
sudo /sbin/ifconfig eth0 |grep inet
sudo netstat -lpn |  egrep '22|ssh'
sudp  iptables  -L
0
 
PapertripCommented:
Do you have a static IP configured on Ubuntu box?
do 'ifconfig -a'
then
'ssh user@ip.address' on the Ubuntu box.

This will do 2 things -- it will make you double check what IP(s) is/are actually configured on the Ubuntu box so you can reference it against what you are putting into putty, and secondly it will test if sshd is listening on those interfaces.
0
 
PapertripCommented:

Or the netstat command to check if it's listening, that's almost just as good (still could be an issue with sshd even if it's bound to the port.. unlikely but can't rule it out).

do 'ifconfig -a' instead of 'ifconfig eth0', unless you are certain you have only a single NIC in the Ubuntu box.

wesly's comment on checking iptables is a great idea too.
0
 
wesly_chenCommented:
Woo, typo
sudo  iptables  -L
0
 
Silas2Author Commented:
Yes, Papertrip, its static ip.
Wesly: I've just run this line:
sudo /sbin/ifconfig eth0 |grep inet
but its throwing an error:
"eth0: error fetching interface information: Device not found"????? It is a fresh (not quite new) PC out of the cupboard and its on the web so there must be some network interface card there, surely?
0
 
wesly_chenCommented:
sudo /sbin/ifconfig   | grep inet

How about
sudo netstat -lpn |  egrep '22|ssh'
sudp  iptables  -L
0
 
wesly_chenCommented:
Also
sudo  netstat -nr    (routing table and default gateway)
0
 
Silas2Author Commented:
This is the console when I run sudo netstat -lpn ...
silas@silas-Asterisk:~$ sudo netstat -lpn |  egrep '22|ssh'
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      450/sshd        
tcp6       0      0 :::22                   :::*                    LISTEN      450/sshd        
unix  2      [ ACC ]     STREAM     LISTENING     9286     992/ssh-agent       /tmp/ssh-GvaACiHwj959/agent.959
unix  2      [ ACC ]     STREAM     LISTENING     9731     1010/gnome-keyring- /tmp/keyring-qEy9Gk/ssh
unix  2      [ ACC ]     STREAM     LISTENING     8220     780/acpid           /var/run/acpid.socket
unix  2      [ ACC ]     STREAM     LISTENING     11165    1418/e-calendar-fac /tmp/orbit-silas/linc-58a-0-5020b8fb122c3
unix  2      [ ACC ]     STREAM     LISTENING     8622     1129/master         private/rewrite
0
 
wesly_chenCommented:
Waiting for
sudo /sbin/ifconfig   | grep inet
sudp  iptables  -L
sudo  netstat -nr    (routing table and default gateway)
0
 
PapertripCommented:
@Silas2

do:
ifconfig -a

Open in new window


Don't just grep for inet, there is a bunch of other handy info to be found in the complete output, including what your interface device name is, which is apparently not eth0.  Just do the full ifconfig -a...
0
 
PapertripCommented:
From my previous post:

do 'ifconfig -a'
then
'ssh user@ip.address' on the Ubuntu box.
0
 
Silas2Author Commented:
this is ifconfig -a:
silas@silas-Asterisk:~$ ifconfig -a
eth1      Link encap:Ethernet  HWaddr 00:13:72:e9:55:21  
          inet addr:192.168.1.64  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::213:72ff:fee9:5521/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:14443 errors:0 dropped:0 overruns:0 frame:0
          TX packets:10522 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:4626869 (4.6 MB)  TX bytes:4475229 (4.4 MB)
          Interrupt:16

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:373 errors:0 dropped:0 overruns:0 frame:0
          TX packets:373 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:38822 (38.8 KB)  TX bytes:38822 (38.8 KB)


The ssh silas@213.123.235.183 is just hanging
0
 
PapertripCommented:
Are you trying to ssh to that 213.x IP from putty too?

Should be ssh'ing to 192.168.1.64
0
 
wesly_chenCommented:
Sound like you putty to the wrong ip address.
0
 
Silas2Author Commented:
that IP address 213.xxx is the static remote, the 192. is behind the router isn't it, I'm not going to get there from the remote windows PC am I?
Wesley, re iptables
silas@silas-Asterisk:~$ sudo  iptables  -L
[sudo] password for silas:
Chain INPUT (policy ACCEPT)
target     prot opt source               destination        

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination        

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination        
silas@silas-Asterisk:~$
I guess this is the firewalls, it's kinda in a DMZ so there should be nothing set up.
0
 
Silas2Author Commented:
I've got port forwarding set up on the router for ssh to go to this pc/hdd, or at least it was...
0
 
PapertripCommented:
Wait these machines aren't on the same LAN / network?

If they are, just ssh to 192.168.1.64
0
 
Silas2Author Commented:
Ah, is that what it is, have I got to re-configure the port forwarding in the wireless router? Does it use the NIC to identify the PC? So it can't forward properly?
0
 
Silas2Author Commented:
Papertrip, no they're remote on different networks.
0
 
PapertripCommented:
Well that is a pretty important chunk of info you thus far left out ;)

Go double check your port forwarding settings, make sure the IP is correct and that there is no MAC address cached for it.

Better yet just delete the old rule and create a new one.
0
 
wesly_chenCommented:
1. Test ssh working or not
ssh from any machine in 192.168.1.x network  to 192.168.1.64

If it works, then sshd is ok on your Ubuntu machine

2. check routing table (still waiting....)
sudo  netstat -nr    (routing table and default gateway)

3. Check the router setting for port forwarding (tied to MAC address?)
You change to the different hardware with different NIC card (MAC address is different).
0
 
Silas2Author Commented:
I've just looked at the wireless router setup (Its a BT Business Hub if that means anything to you), this is the setting:
"
Allow all applications (DMZplus mode) - Set the selected computer in DMZplus mode. All inbound traffic, except traffic which has been specifically assigned to another computer using the "Allow individual applications" feature, will automatically be directed to this computer. The DMZplus-enabled computer is less secure because all unassigned firewall ports are opened for that computer.
"
Now, I don't know when is says "..to this computer..." is it identifying it by its Identity or its MAC address?
0
 
Silas2Author Commented:
Wesley: this is  sudo  netstat -nr
silas@silas-Asterisk:~$ sudo  netstat -nr
[sudo] password for silas:
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 eth1
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth1
0.0.0.0         192.168.1.254   0.0.0.0         UG        0 0          0 eth1
silas@silas-Asterisk:~$
The ssh is working directly from the Ubuntu machine, shall I try by putting another PC on its network (it on its own at the moment)?
0
 
PapertripCommented:
Um I don't think you want DMZplus mode.

What is this "allow individual applications" feature?  that sounds like what you want...
0
 
wesly_chenCommented:
>shall I try by putting another PC on its network (it on its own at the moment)?
Yes. Please do it.

> Allow all applications (DMZplus mode)
Delete the previous one and re-add one. Then reboot the router.
0
 
PapertripCommented:
Check this out.

If you can't find 'ssh' or 'sshd' or 'secure shell' or something like that in the applications they list, then follow the instructions to add your own.

I'm not sure what your Ubuntu box is going to show up as on the router, but if you can't figure it out, paste them here and I can probably do it.
0
 
Silas2Author Commented:
Actually, this might be germane to it, I've just found in the router setup, its listing the Ubuntu box twice, once with the static IP, and again with the 192.xxx private IP, I've got a 'Clear List' option, I don't know whether to press it....what do you think?
Re DMZplus, this is a special case with the Ubuntu/Asterisk plugged straight into the wall as a dedicated PBX and a dedicated IP so I just don't want the hassle of any firewall/port forwarding probs...especially with my level of proficiency with this stuff.
0
 
PapertripCommented:
Allow all applications (DMZplus mode) - Set the selected computer in DMZplus mode. All inbound traffic, except traffic which has been specifically assigned to another computer using the "Allow individual applications" feature, will automatically be directed to this computer.

From that description right there, I would not put the Ubuntu box in DMZplus or you could be asking for trouble.  However if you were to setup a firewall like iptables on the Ubuntu box, then it won't be nearly as dangerous.  That would be good practice if you want to learn about iptables, but technically unnecessary since the router provides firewalling for you.
0
 
Silas2Author Commented:
+ the two listings different MAC addresses.
0
 
wesly_chenCommented:
> I've got a 'Clear List' option, I don't know whether to press it
Just clear them all and recreate new one.
0
 
PapertripCommented:
Re DMZplus, this is a special case with the Ubuntu/Asterisk plugged straight into the wall as a dedicated PBX and a dedicated IP so I just don't want the hassle of any firewall/port forwarding probs...especially with my level of proficiency with this stuff.

OK I can kinda understand why you would do that, but you really should be protecting your network with a firewall, either on the Ubuntu box or through the router.
0
 
Silas2Author Commented:
I do stress this was working tickety boo with the previous hardware, so the only thing which has changed apart from memory/processor is the MAC/NIC .
0
 
wesly_chenCommented:
> + the two listings different MAC addresses.
Then the problem is on router side. Working on it (clear them all and re-create one.....)
0
 
PapertripCommented:
If it's showing 2 MAC addresses just clear the list and start over.
0
 
Silas2Author Commented:
Hmmmm...sorry about this, its still getting the problem. Do you think it might be worth re-installing ssh? Maybe that somehow binds to the NIC?
0
 
PapertripCommented:
Don't reinstall ssh.

Paste your sshd_config file, probalby in /etc/ssh/ but not totally certain on ubuntu

And do what wesly suggested and put another box on the network.
0
 
wesly_chenCommented:
Did you reboot the router after the change?
0
 
Silas2Author Commented:
I've just noticed the apache has gone as well, it was serving up request before...blimey, all this for just switching a hard disk. That'll teach me to tight with my iniital configuration!
0
 
wesly_chenCommented:
You are lucky to be able to boot up by swapping the hard disk. Sometimes it ends up with re-installation.
For your case, the complicated portion is not swapping the hard disk, it is your network environment (infrastructure).
0
 
PapertripCommented:
Don't look at it as switching a hard drive, look at it as keeping the hard drive and replacing the rest of the computer.

If apache is working properly on the Ubuntu box, and sshd seems to be responding and netstat looks good, then this sounds like it's still a problem on the router.

Try to remove any and all references to Ubuntu in your router.  Then instead of doing dmzplus, just port forward 22 and test ssh again.  Need to start looking at dmzplus as a possible issue.

Reboot the router as Wesly suggested, it won't hurt.
0
 
Silas2Author Commented:
Sorry guys, I've got to go now, I really appreciate your help. Back tomorrow..? (he said pleadingly) What I might do is phone BT as they charge thru the nose for broadband and try and get some help with the router setup, as the setup app has so many screens + other services (http+ rtp ) are throwing issues so the ssh might be all the same thing.
0
 
Silas2Author Commented:
Sorry again, still got the problem and BT won't help. I'm starting to think its not a linux/ssh problem at all, but a BT router issue.
Mystery, it DOES work as you (Wesley) asked inside/on private IP so...it sounds 100% like router firewall/port forwarding, but that is set to "no firewall, forward everything to correct PC", i've even unset that, reboot, reset reboot. Any suggestions?
0
 
Silas2Author Commented:
I'll try that last point Papertrip, explicitly forwarding of port 22
0
 
wesly_chenCommented:
> reset reboot.
After reset, did you see any MAC address? Does the MAC address match your new NIC card (HWaddr 00:13:72:e9:55:21 )?
0
 
Silas2Author Commented:
Thanks guys for all your help, this is one of those really agonising problems in that i just did the crude way out, rebuilt the server (i needed to anyway replace an IDE drive with SATA) and new Ubuntu install, reset the router, got new user passwords from BT, and now its working. so I don't know specifically what it was. I suspect it was something to do with my static ip address getting lost by the router on a power down (maybe???)
Thanks for your help in my time of need...
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 23
  • 17
  • 14
Tackle projects and never again get stuck behind a technical roadblock.
Join Now