About ssh

About ssh

[Javier Vasquez]

Hi,

I'm able to perform:

% ssh localhost

From cygwing.  But I'm unable to perform:

% ssh <IP_addr>

I always get:

--
ssh: connect to host 192.168.2.103 port 22: Connection timed out
--

The client works well hooking to a remote machine:

% ssh <remote_user>@<remote_IP_addr>

Works just fine from cygwin.  But once in the remote machine, I'm
unable to perform:

% ssh <win_user>@<win_IP_addr>

It returns the same time out error, but it lasts a longer to return it.

I've even add c:\cygwing64\usr\bin\sshd as an allowed application on
the windows firewall settings (for private net only).  As that didn't
work, I also added new rules (for both TCP and UDP) to allow incoming
connections on port 22.  That didn't help either.

I've tried as well to set UsePrivilegeSeparation to no.  But that was
of no help either.

I'm totally clueless now.

I've followed several howtos like:

http://docs.oracle.com/cd/E24628_01/install.121/e22624/preinstall_req_cygwin_ssh.htm
http://superuser.com/questions/445237/cygwin-ssh-server-is-not-accepting-connections
http://windows.microsoft.com/is-is/windows7/open-a-port-in-windows-firewall
http://lifehacker.com/205090/geek-to-live--set-up-a-personal-home-ssh-server
http://www.noah.org/ssh/cygwin-sshd.html

The only caveat on the 1st link is that I couldn't remove the
"win_user", and then regenerate it as local user, cause:

--
mkpasswd -l –u <win_user>
--

Returns nothing on me.  So I can't append its output to /etc/passwd

But that didn't seem to prevent being able to connect to localhost any
ways.  So it doesn't seem to be an issue.

BTW, the service is running OK according to windows "local services".

Another caveat is that I didn't install cygwin for all users, just to
the myself (<win_user>).  That didn't prevent the service to run,
neither it prevent me from ssh to localhost.

Any hints on how to enable sshd to receive connections?

--
Javier.

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: About ssh

[Robert Klemme]

On Fri, Sep 20, 2013 at 11:36 PM, Javier Vasquez
<j.e.vasquez.v@gmail.com> wrote:
> Hi,
>
> I'm able to perform:
>
> % ssh localhost
>
> From cygwing.  But I'm unable to perform:
>
> % ssh <IP_addr>
>
> I always get:
>
> --
> ssh: connect to host 192.168.2.103 port 22: Connection timed out
> --
>
> The client works well hooking to a remote machine:
>
> % ssh <remote_user>@<remote_IP_addr>
>
> Works just fine from cygwin.  But once in the remote machine, I'm
> unable to perform:
>
> % ssh <win_user>@<win_IP_addr>
>
> It returns the same time out error, but it lasts a longer to return it.
>
> I've even add c:\cygwing64\usr\bin\sshd as an allowed application on
> the windows firewall settings (for private net only).  As that didn't
> work, I also added new rules (for both TCP and UDP) to allow incoming
> connections on port 22.  That didn't help either.
>
> I've tried as well to set UsePrivilegeSeparation to no.  But that was
> of no help either.
>
> I'm totally clueless now.
>
> I've followed several howtos like:
>
> http://docs.oracle.com/cd/E24628_01/install.121/e22624/preinstall_req_cygwin_ssh.htm
> http://superuser.com/questions/445237/cygwin-ssh-server-is-not-accepting-connections
> http://windows.microsoft.com/is-is/windows7/open-a-port-in-windows-firewall
> http://lifehacker.com/205090/geek-to-live--set-up-a-personal-home-ssh-server
> http://www.noah.org/ssh/cygwin-sshd.html
>
> The only caveat on the 1st link is that I couldn't remove the
> "win_user", and then regenerate it as local user, cause:
>
> --
> mkpasswd -l –u <win_user>
> --
>
> Returns nothing on me.  So I can't append its output to /etc/passwd
>
> But that didn't seem to prevent being able to connect to localhost any
> ways.  So it doesn't seem to be an issue.
>
> BTW, the service is running OK according to windows "local services".
>
> Another caveat is that I didn't install cygwin for all users, just to
> the myself (<win_user>).  That didn't prevent the service to run,
> neither it prevent me from ssh to localhost.
>
> Any hints on how to enable sshd to receive connections?

Did you actually start it?  You can verify with "netstat -an" that
something is listening on port 22 as a first quick check.

Kind regards

robert


-- 
remember.guy do |as, often| as.you_can - without end
http://blog.rubybestpractices.com/

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: About ssh

[Javier Vasquez]

> On Sat, Sep 21, 2013 at 9:59 AM, Robert Klemme <shortcutter@googlemail.com> wrote:
>> On Fri, Sep 20, 2013 at 11:36 PM, Javier Vasquez
>> <j.e.vasquez.v@gmail.com> wrote:
>> ...
>
> Did you actually start it?  You can verify with "netstat -an" that
> something is listening on port 22 as a first quick check.
>
> Kind regards
>
> robert

Yes, see:

% netstat -an | 'grep' :22
  TCP    0.0.0.0:22             0.0.0.0:0              LISTENING
  TCP    [::]:22                [::]:0                 LISTENING

Though when attempting "ssh <win_IP>" there's a time out failure, :-(

-- 
Javier.

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: About ssh

[bartels]

On 09/22/2013 06:16 PM, Javier Vasquez wrote:
>> On Sat, Sep 21, 2013 at 9:59 AM, Robert Klemme <shortcutter@googlemail.com> wrote:
>>> On Fri, Sep 20, 2013 at 11:36 PM, Javier Vasquez
>>> <j.e.vasquez.v@gmail.com> wrote:
>>> ...
>> Did you actually start it?  You can verify with "netstat -an" that
>> something is listening on port 22 as a first quick check.
>>
>> Kind regards
>>
>> robert
> Yes, see:
>
> % netstat -an | 'grep' :22
>    TCP    0.0.0.0:22             0.0.0.0:0              LISTENING
>    TCP    [::]:22                [::]:0                 LISTENING
>
> Though when attempting "ssh <win_IP>" there's a time out failure, :-(
>

It looks like you have no routing to that port.
What happens when you turn off the windoze firewall completely?

To see if there is routing, I find it easier to use netcat
Install netcat, disable sshd server, then run this:
   $ nc -lp 22

On your client, you run
   $ echo blah | nc <host> 22

If you have routing, then your problem is in sshd

- bartels

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: About ssh

[Javier Vasquez]

> It looks like you have no routing to that port.
> What happens when you turn off the windoze firewall completely?

I have no clue.  Though I'm using windows 8, the following seems to apply:

http://windows.microsoft.com/en-us/windows/turn-windows-firewall-on-off#turn-windows-firewall-on-off=windows-vista

But, at any rate, though the indication to turn on/off firewall is
there, it's not actionable.  Meaning, the options don't seem to be
enabled.

> To see if there is routing, I find it easier to use netcat
> Install netcat, disable sshd server, then run this:
>   $ nc -lp 22

OK, done on windows with "ncat -lp 22".  The application keeps there
listening I'd guess.

> On your client, you run
>   $ echo blah | nc <host> 22

This on the remote box just hangs, and nothing happens.  Apparently it
happens the same as with ssh.

Thanks,

-- 
Javier.

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: About ssh

[Javier Vasquez]

| On Mon, Sep 23, 2013 at 6:30 AM, Ghislain Gadbois
<Ghislain.Gadbois@acceo.com> wrote:
| Hi,
|
| Have you tried  connecting to your Windows SSH server from your
Windows server?
| This would tell you if your SSH service is working properly.

I'm not aware of having a windows server.  The one I'm trying to use
is the cygwin sshd one.

| From your remote host, have you tried to ping the Windows host?
|  Maybe your Windows host is not reacheable from your remote host?

Ping works.

BTW, I solved the issue already.

I was trying to unblock ssh connections on the windows firewall,
without noticing the windows firewall was not used, but instead a
McAffe one is in use (host intrusion prevention).  Once I unblocked
sshd connections there, I can "ssh" from remote machines, and with the
local assigned IP as well.

Thanks all,

Javier.

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple