Ubuntu: Cannot SSH from outside LAN despite port forwarding seems fine


Running Ubuntu 12.04, I've set up the OpenSSH server. I can connect from within LAN, but not from outside. I am using the same sshd_config file as on my other Ubuntu 12.04 machines (that sit in a different LAN).

$ ssh

works fine, but

$ ssh

(made up IP address) does not work. Nothing happens. No error message, or anything. The prompt just sits there.

Thanks to comments below, I have managed to verify via websites canyouseeme.org and ShieldsUP that port 22 is indeed open.

Using the option -vvv, I get the following:

$ ssh -vvv  OpenSSH_5.9p1 Debian-5ubuntu1.4, OpenSSL 1.0.1 14 Mar 2012  debug1: Reading configuration data /etc/ssh/ssh_config  debug1: /etc/ssh/ssh_config line 19: Applying options for *  debug2: ssh_connect: needpriv 0  debug1: Connecting to [] port 22.  debug1: Connection established.  debug1: identity file /home/myname/.ssh/id_rsa type -1  debug1: identity file /home/myname/.ssh/id_rsa-cert type -1  debug1: identity file /home/myname/.ssh/id_dsa type -1  debug1: identity file /home/myname/.ssh/id_dsa-cert type -1  debug1: identity file /home/myname/.ssh/id_ecdsa type -1  debug1: identity file /home/myname/.ssh/id_ecdsa-cert type -1  

And then the prompt just sits there.

Further debug information from var/log/auth.log:

$ grep sshd /var/log/auth.log  [cutting old lines...]      Jul  6 10:23:05 mymachine sshd[7871]: Did not receive identification string from  

I am allowing any user to connect, in particular my own username. What confuses me is that I have not had this problem on any other machine, although they are on a different lan. This lan has only one computer attached to it. Any ideas of how to proceed from here?


Need to check that port forwarding is working correctly i usually check by going to https://www.grc.com/shieldsup > Proceed > put your port number in the box and click user specified custom port probe. That should tell you if that TCP port is in fact open to public


Are you declaring a user?

ssh Jimmy@ -p51555

If you gave the code the way you are using it then I believe that it will default to the current user name.

Furthermore, you need to have a user on the TARGET system with permission. in the above example "Jimmy"


A couple of things for you to check.

  1. Check /etc/ssh/sshd_config and make sure that you don't have any funny AllowUsers entries.

  2. Specify the user that you want to connect as:

    ssh USER@SERVER  ssh SERVER -lUSER  
  3. Check your firewall (iptables):

    sudo iptables -L --line-numbers  sudo iptables -L -t nat --line-numbers  


Check your gateway on the SSH server is set to the router doing the port-forwarding.

route -n

The default route should point back to that router, otherwise, you will be able to initiate connections through it, but the ACK's won't go anywhere!

Note:If u also have question or solution just comment us below or mail us on toontricks1994@gmail.com
Next Post »