Ubuntu: Cannot SSH from outside LAN despite port forwarding seems fine



Question:

Running Ubuntu 12.04, I've set up the OpenSSH server. I can connect from within LAN, but not from outside. I am using the same sshd_config file as on my other Ubuntu 12.04 machines (that sit in a different LAN).

$ ssh 192.168.0.2

works fine, but

$ ssh 65.76.97.222

(made up IP address) does not work. Nothing happens. No error message, or anything. The prompt just sits there.

Thanks to comments below, I have managed to verify via websites canyouseeme.org and ShieldsUP that port 22 is indeed open.

Using the option -vvv, I get the following:

$ ssh -vvv 65.76.97.222  OpenSSH_5.9p1 Debian-5ubuntu1.4, OpenSSL 1.0.1 14 Mar 2012  debug1: Reading configuration data /etc/ssh/ssh_config  debug1: /etc/ssh/ssh_config line 19: Applying options for *  debug2: ssh_connect: needpriv 0  debug1: Connecting to 65.76.97.222 [65.76.97.222] port 22.  debug1: Connection established.  debug1: identity file /home/myname/.ssh/id_rsa type -1  debug1: identity file /home/myname/.ssh/id_rsa-cert type -1  debug1: identity file /home/myname/.ssh/id_dsa type -1  debug1: identity file /home/myname/.ssh/id_dsa-cert type -1  debug1: identity file /home/myname/.ssh/id_ecdsa type -1  debug1: identity file /home/myname/.ssh/id_ecdsa-cert type -1  

And then the prompt just sits there.

Further debug information from var/log/auth.log:

$ grep sshd /var/log/auth.log  [cutting old lines...]      Jul  6 10:23:05 mymachine sshd[7871]: Did not receive identification string from 65.76.97.222  

I am allowing any user to connect, in particular my own username. What confuses me is that I have not had this problem on any other machine, although they are on a different lan. This lan has only one computer attached to it. Any ideas of how to proceed from here?


Solution:1

Need to check that port forwarding is working correctly i usually check by going to https://www.grc.com/shieldsup > Proceed > put your port number in the box and click user specified custom port probe. That should tell you if that TCP port is in fact open to public


Solution:2

Are you declaring a user?

ssh Jimmy@65.76.97.222 -p51555

If you gave the code the way you are using it then I believe that it will default to the current user name.

Furthermore, you need to have a user on the TARGET system with permission. in the above example "Jimmy"


Solution:3

A couple of things for you to check.

  1. Check /etc/ssh/sshd_config and make sure that you don't have any funny AllowUsers entries.

  2. Specify the user that you want to connect as:

    ssh USER@SERVER  ssh SERVER -lUSER  
  3. Check your firewall (iptables):

    sudo iptables -L --line-numbers  sudo iptables -L -t nat --line-numbers  


Solution:4

Check your gateway on the SSH server is set to the router doing the port-forwarding.

route -n

The default route should point back to that router, otherwise, you will be able to initiate connections through it, but the ACK's won't go anywhere!


Note:If u also have question or solution just comment us below or mail us on toontricks1994@gmail.com
Previous
Next Post »