Solved

SSH Stopped working

Posted on 2011-09-08
Last Modified: 2012-06-27
I've got an Ubuntu (latest version) install, I thought I might beef up the spec, so I just switched the HDD into a newer PC, which is booting ok, but...the ssh, which was working has just stopped working?? If I run ps -A I can see a process 'sshd' running, which I guess is it, but I don't know where to get from here?
Question by:Silas2
54 Comments
 
LVL 38

Assisted Solution

by:wesly_chen
wesly_chen earned 167 total points
ID: 36503435
Where do you ssh from? Windows PC (putty) or ?
what is the ip address on Ubuntu (run /sbin/ifconfig)?
can you ssh to the Ip address?   If not, please provide the error message.
0
 

Author Comment

by:Silas2
ID: 36504098
Yes windows putty, ip address is pinging.
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 36504206
What is the error message when you SSH into Ubuntu?
0
 

Author Comment

by:Silas2
ID: 36504469
I'm using the Putty front end, it just hangs until it times out. Blank screen, no "sign in as.."
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 36504494
Directly login Ubuntu and open a Terminal, then type
ssh  localhost -l  "username"
  and password for that username to see if you can ssh login?

If not, please do  (verbose for more debug message)
ssh -vv  localhost -l "username"

   And password then post the full message on the screen here for debug.
0
 

Author Comment

by:Silas2
ID: 36504553
Right, I seem to be able to login that way (ssh  localhost -l  "username")
0
 

Author Comment

by:Silas2
ID: 36504613
Well, I say that, it doesn't complain, says "Welcome to Ubuntu, last login..." then takes me back to my prompt where I started, but it looks the same as when it was working remotely with Putty.
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 36504762
On Windows PC, run (close Putty first)
regedit and go to
HKEY_CURRENT_USER\Software\SimonTatham\PuTTY
  delete "SshHostKeys" and "Sessions"

Restart Windows  and run Putty again.
0
 

Author Comment

by:Silas2
ID: 36504919
I've just done that, and still same screen hanging. I took out my settings with the reg deletes, so I'm not 100% I've got the same login details in the Putty UI, is it just IP address and port (22 default)? Nothing else?
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 36504936
On Ubuntu machine, do
sudo /sbin/ifconfig eth0 |grep inet
sudo netstat -lpn |  egrep '22|ssh'
sudp  iptables  -L
0
 
LVL 21

Assisted Solution

by:Papertrip
Papertrip earned 83 total points
ID: 36504971
Do you have a static IP configured on Ubuntu box?
do 'ifconfig -a'
then
'ssh user@ip.address' on the Ubuntu box.

This will do 2 things -- it will make you double check what IP(s) is/are actually configured on the Ubuntu box so you can reference it against what you are putting into putty, and secondly it will test if sshd is listening on those interfaces.
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36505000

Or the netstat command to check if it's listening, that's almost just as good (still could be an issue with sshd even if it's bound to the port.. unlikely but can't rule it out).

do 'ifconfig -a' instead of 'ifconfig eth0', unless you are certain you have only a single NIC in the Ubuntu box.

wesly's comment on checking iptables is a great idea too.
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 36505013
Woo, typo
sudo  iptables  -L
0
 

Author Comment

by:Silas2
ID: 36505085
Yes, Papertrip, it's static ip.
Wesly: I've just run this line:
sudo /sbin/ifconfig eth0 |grep inet
but it's throwing an error:
"eth0: error fetching interface information: Device not found"????? It is a fresh (not quite new) PC out of the cupboard and it's on the web so there must be some network interface card there, surely?
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 36505103
sudo /sbin/ifconfig   | grep inet

How about
sudo netstat -lpn |  egrep '22|ssh'
sudo  iptables  -L
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 36505111
Also
sudo  netstat -nr    (routing table and default gateway)
0
 

Author Comment

by:Silas2
ID: 36505137
This is the console when I run sudo netstat -lpn ...
silas@silas-Asterisk:~$ sudo netstat -lpn |  egrep '22|ssh'
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      450/sshd        
tcp6       0      0 :::22                   :::*                    LISTEN      450/sshd        
unix  2      [ ACC ]     STREAM     LISTENING     9286     992/ssh-agent       /tmp/ssh-GvaACiHwj959/agent.959
unix  2      [ ACC ]     STREAM     LISTENING     9731     1010/gnome-keyring- /tmp/keyring-qEy9Gk/ssh
unix  2      [ ACC ]     STREAM     LISTENING     8220     780/acpid           /var/run/acpid.socket
unix  2      [ ACC ]     STREAM     LISTENING     11165    1418/e-calendar-fac /tmp/orbit-silas/linc-58a-0-5020b8fb122c3
unix  2      [ ACC ]     STREAM     LISTENING     8622     1129/master         private/rewrite
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 36505177
Waiting for
sudo /sbin/ifconfig   | grep inet
sudo  iptables  -L
sudo  netstat -nr    (routing table and default gateway)
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36505179
@Silas2

do:
ifconfig -a


Don't just grep for inet, there is a bunch of other handy info to be found in the complete output, including what your interface device name is, which is apparently not eth0.  Just do the full ifconfig -a...
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36505195
From my previous post:

do 'ifconfig -a'
then
'ssh user@ip.address' on the Ubuntu box.
0
 

Author Comment

by:Silas2
ID: 36505242
this is ifconfig -a:
silas@silas-Asterisk:~$ ifconfig -a
eth1      Link encap:Ethernet  HWaddr 00:13:72:e9:55:21  
          inet addr:192.168.1.64  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::213:72ff:fee9:5521/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:14443 errors:0 dropped:0 overruns:0 frame:0
          TX packets:10522 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:4626869 (4.6 MB)  TX bytes:4475229 (4.4 MB)
          Interrupt:16

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:373 errors:0 dropped:0 overruns:0 frame:0
          TX packets:373 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:38822 (38.8 KB)  TX bytes:38822 (38.8 KB)


The ssh silas@213.123.235.183 is just hanging
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36505258
Are you trying to ssh to that 213.x IP from putty too?

Should be ssh'ing to 192.168.1.64
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 36505268
Sounds like you putty to the wrong ip address.
0
 

Author Comment

by:Silas2
ID: 36505289
that IP address 213.xxx is the static remote, the 192. is behind the router isn't it, I'm not going to get there from the remote windows PC am I?
Wesley, re iptables
silas@silas-Asterisk:~$ sudo  iptables  -L
[sudo] password for silas:
Chain INPUT (policy ACCEPT)
target     prot opt source               destination        

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination        

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination        
silas@silas-Asterisk:~$
I guess this is the firewalls, it's kinda in a DMZ so there should be nothing set up.
0
 

Author Comment

by:Silas2
ID: 36505299
I've got port forwarding set up on the router for ssh to go to this pc/hdd, or at least it was...
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36505304
Wait these machines aren't on the same LAN / network?

If they are, just ssh to 192.168.1.64
0
 

Author Comment

by:Silas2
ID: 36505314
Ah, is that what it is, have I got to re-configure the port forwarding in the wireless router? Does it use the NIC to identify the PC? So it can't forward properly?
0
 

Author Comment

by:Silas2
ID: 36505326
Papertrip, no they're remote on different networks.
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36505341
Well that is a pretty important chunk of info you thus far left out ;)

Go double check your port forwarding settings, make sure the IP is correct and that there is no MAC address cached for it.

Better yet just delete the old rule and create a new one.
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 36505350
1. Test ssh working or not
ssh from any machine in 192.168.1.x network  to 192.168.1.64

If it works, then sshd is ok on your Ubuntu machine

2. check routing table (still waiting....)
sudo  netstat -nr    (routing table and default gateway)

3. Check the router setting for port forwarding (tied to MAC address?)
You change to the different hardware with different NIC card (MAC address is different).
0
 

Author Comment

by:Silas2
ID: 36505384
I've just looked at the wireless router setup (Its a BT Business Hub if that means anything to you), this is the setting:
"
Allow all applications (DMZplus mode) - Set the selected computer in DMZplus mode. All inbound traffic, except traffic which has been specifically assigned to another computer using the "Allow individual applications" feature, will automatically be directed to this computer. The DMZplus-enabled computer is less secure because all unassigned firewall ports are opened for that computer.
"
Now, I don't know when it says "..to this computer..." is it identifying it by its Identity or its MAC address?
0
 

Author Comment

by:Silas2
ID: 36505419
Wesley: this is  sudo  netstat -nr
silas@silas-Asterisk:~$ sudo  netstat -nr
[sudo] password for silas:
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 eth1
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth1
0.0.0.0         192.168.1.254   0.0.0.0         UG        0 0          0 eth1
silas@silas-Asterisk:~$
The ssh is working directly from the Ubuntu machine, shall I try by putting another PC on its network (it on its own at the moment)?
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36505425
Um I don't think you want DMZplus mode.

What is this "allow individual applications" feature?  that sounds like what you want...
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 36505440
>shall I try by putting another PC on its network (it on its own at the moment)?
Yes. Please do it.

> Allow all applications (DMZplus mode)
Delete the previous one and re-add one. Then reboot the router.
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36505456
Check this out.

If you can't find 'ssh' or 'sshd' or 'secure shell' or something like that in the applications they list, then follow the instructions to add your own.

I'm not sure what your Ubuntu box is going to show up as on the router, but if you can't figure it out, paste them here and I can probably do it.
0
 

Author Comment

by:Silas2
ID: 36505481
Actually, this might be germane to it, I've just found in the router setup, its listing the Ubuntu box twice, once with the static IP, and again with the 192.xxx private IP, I've got a 'Clear List' option, I don't know whether to press it....what do you think?
Re DMZplus, this is a special case with the Ubuntu/Asterisk plugged straight into the wall as a dedicated PBX and a dedicated IP so I just don't want the hassle of any firewall/port forwarding probs...especially with my level of proficiency with this stuff.
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36505492
> Allow all applications (DMZplus mode) - Set the selected computer in DMZplus mode. All inbound traffic, except traffic which has been specifically assigned to another computer using the "Allow individual applications" feature, will automatically be directed to this computer.

From that description right there, I would not put the Ubuntu box in DMZplus or you could be asking for trouble.  However if you were to setup a firewall like iptables on the Ubuntu box, then it won't be nearly as dangerous.  That would be good practice if you want to learn about iptables, but technically unnecessary since the router provides firewalling for you.
0
 

Author Comment

by:Silas2
ID: 36505495
+ the two listings different MAC addresses.
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 36505526
> I've got a 'Clear List' option, I don't know whether to press it
Just clear them all and recreate new one.
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36505531
> Re DMZplus, this is a special case with the Ubuntu/Asterisk plugged straight into the wall as a dedicated PBX and a dedicated IP so I just don't want the hassle of any firewall/port forwarding probs...especially with my level of proficiency with this stuff.

OK I can kinda understand why you would do that, but you really should be protecting your network with a firewall, either on the Ubuntu box or through the router.
0
 

Author Comment

by:Silas2
ID: 36505537
I do stress this was working tickety boo with the previous hardware, so the only thing which has changed apart from memory/processor is the MAC/NIC .
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 36505566
> + the two listings different MAC addresses.
Then the problem is on router side. Working on it (clear them all and re-create one.....)
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36505576
If it's showing 2 MAC addresses just clear the list and start over.
0
 

Author Comment

by:Silas2
ID: 36505696
Hmmmm...sorry about this, its still getting the problem. Do you think it might be worth re-installing ssh? Maybe that somehow binds to the NIC?
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36505718
Don't reinstall ssh.

Paste your sshd_config file, probably in /etc/ssh/ but not totally certain on ubuntu

And do what wesly suggested and put another box on the network.
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 36505750
Did you reboot the router after the change?
0
 

Author Comment

by:Silas2
ID: 36505846
I've just noticed the apache has gone as well, it was serving up requests before...blimey, all this for just switching a hard disk. That'll teach me to be tight with my initial configuration!
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 36505885
You are lucky to be able to boot up by swapping the hard disk. Sometimes it ends up with re-installation.
For your case, the complicated portion is not swapping the hard disk, it is your network environment (infrastructure).
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36505889
Don't look at it as switching a hard drive, look at it as keeping the hard drive and replacing the rest of the computer.

If apache is working properly on the Ubuntu box, and sshd seems to be responding and netstat looks good, then this sounds like it's still a problem on the router.

Try to remove any and all references to Ubuntu in your router.  Then instead of doing dmzplus, just port forward 22 and test ssh again.  Need to start looking at dmzplus as a possible issue.

Reboot the router as Wesly suggested, it won't hurt.
0
 

Author Comment

by:Silas2
ID: 36505907
Sorry guys, I've got to go now, I really appreciate your help. Back tomorrow..? (he said pleadingly) What I might do is phone BT as they charge thru the nose for broadband and try and get some help with the router setup, as the setup app has so many screens + other services (http+ rtp ) are throwing issues so the ssh might be all the same thing.
0
 

Author Comment

by:Silas2
ID: 36510479
Sorry again, still got the problem and BT won't help. I'm starting to think it's not a linux/ssh problem at all, but a BT router issue.
Mystery, it DOES work as you (Wesley) asked inside/on private IP so...it sounds 100% like router firewall/port forwarding, but that is set to "no firewall, forward everything to correct PC", I've even unset that, reboot, reset reboot. Any suggestions?
0
 

Author Comment

by:Silas2
ID: 36510493
I'll try that last point Papertrip, explicitly forwarding of port 22
0
 
LVL 38

Accepted Solution

by:wesly_chen
wesly_chen earned 167 total points
ID: 36510951
> reset reboot.
After reset, did you see any MAC address? Does the MAC address match your new NIC card (HWaddr 00:13:72:e9:55:21 )?
0
 

Author Comment

by:Silas2
ID: 36517160
Thanks guys for all your help, this is one of those really agonising problems in that I just did the crude way out, rebuilt the server (I needed to anyway replace an IDE drive with SATA) and new Ubuntu install, reset the router, got new user passwords from BT, and now it's working. So I don't know specifically what it was. I suspect it was something to do with my static ip address getting lost by the router on a power down (maybe???)
Thanks for your help in my time of need...
0
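
An added example, not part of any post in this thread: a POSIX shell script that combines the checks the experts walk through (which interface name and MAC the box has after the hardware swap, whether its address is private, and whether the address the client dials is on the host at all). The sample input is trimmed from the `ifconfig -a` output posted above; `OLD_MAC`, the `203.0.113.10` target and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example. SAMPLE_IFCONFIG is trimmed from the ifconfig -a output in the
# thread; OLD_MAC and the 203.0.113.10 target are constructed placeholders.
SAMPLE_IFCONFIG='eth1      Link encap:Ethernet  HWaddr 00:13:72:e9:55:21
          inet addr:192.168.1.64  Bcast:192.168.1.255  Mask:255.255.255.0
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0'
OLD_MAC='00:00:5e:00:53:01'   # constructed: MAC of the replaced NIC

# Print "iface mac ipv4" per interface from net-tools ifconfig output on stdin.
iface_table() {
  awk '
    /^[^ \t]/ { if (name != "") print name, mac, ip
                name = $1; mac = "-"; ip = "-"
                for (i = 2; i < NF; i++) if ($i == "HWaddr") mac = tolower($(i + 1)) }
    /inet addr:/ { split($2, a, ":"); ip = a[2] }
    END { if (name != "") print name, mac, ip }'
}

# Succeed for loopback, link-local and RFC 1918 addresses, which the outside
# world can only reach through a forward on the router.
is_private_ipv4() {
  case "$1" in
    10.*|192.168.*|127.*|169.254.*) return 0 ;;
    172.*) o=${1#172.}; o=${o%%.*}; [ "$o" -ge 16 ] && [ "$o" -le 31 ] ;;
    *) return 1 ;;
  esac
}

# triage TARGET_IP ROUTER_MAC < ifconfig-output
# TARGET_IP is what the client dials; ROUTER_MAC is what the router rule lists.
triage() {
  target=$1; found=no
  router_mac=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
  table=$(iface_table)
  while read -r name mac ip; do
    [ "$name" = lo ] && continue
    [ "$ip" = "$target" ] && found=yes
    if [ "$mac" != "$router_mac" ]; then
      echo "MAC_MISMATCH $name has $mac, router rule has $router_mac"
    fi
    is_private_ipv4 "$ip" && echo "PRIVATE $name $ip needs a router forward"
  done <<EOF
$table
EOF
  [ "$found" = no ] && echo "NOT_LOCAL $target is not on this host (router/NAT address)"
  return 0
}

printf '%s\n' "$SAMPLE_IFCONFIG" | triage 203.0.113.10 "$OLD_MAC"
```

On a live box, pipe `ifconfig -a` into `triage` with the address typed into the SSH client and the MAC shown in the router's device list.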
