top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

Accessing CENTOS machine using SSH

+2 votes
802 views

I have a CENTOS 5 box that can reach the internet and can ping to/from all windows system on my home network. The catch is that I can not connect to the box using SSH from any windows machine, though they can easily ping the linux box and vice-versa.

posted Oct 1, 2013 by Jagan Mishra

Share this question
Facebook Share Button Twitter Share Button LinkedIn Share Button
Is there a firewall running on the Linux machine, and if so, is it  allowing tcp port 22 through? Are you able to ssh from other Linux  systems on your home network (if there are any) or have you only tried  sshing from Windows systems? Is sshd running?
I will check on firewall, though I have not deliberately activated one. This machine has run for several years without this occurrence. I will check on port 22. All other machnes on the LAN are Windows.
Surprisingly (to me, anyway), the SSH daemon is off by default in CentOS; you need to 'chkconfig sshd on' and 'service sshd start' as root in order to be able to ssh in.

2 Answers

+1 vote
 
Best answer

Others have mentioned it as well, it sounds to me like there's a local firewall (probably iptables) running on the linux box. Although I thought the default in the 5 series of redhat/centos was to leave port 22 open. it could also be that you don't have the ssh daemon turned on/possibly even installed (?)

I'd make sure you have ssh turned on (from the linux machine, ssh to localhost, telnet localhost 22, ps -ef | grep sshd, service sshd status, chkconfig --list | grep ssh ) if all that works and looks OK, then try turning off firewall (service iptables stop) then try to ssh in from your other machines if that's ok, then back to the linux machine's console and do

service iptables start
iptables -I INPUT -s ${cdir of your lan[1]} -p tcp --dport 22 -j ACCEPT
service iptables save

and I'd think you should be set.

[1] if your LAN is 192.168.0.0 with a netmask of 255.255.255.0 the CDIR would be 192.168.0.0/24, not sure how much you've dealt with that. Google will be your friend if you have an odd netmask.

some of these options may be off, I don't use centos 5 much these days and all I'm putting in here is from memory, so I might be missing some stuff, but I think it's reasonably close.

answer Oct 1, 2013 by anonymous
+1 vote

The catch is that I can not connect to the box using SSH

That's obviously not true or just half of the story. Did you actually try *sshing* in? Your title mentions sftp, not ssh. So, what software are you using to connect? I would normally recommend using SCP (and not sftp) with WinSCP. If you do that you can have the sftp subsystem of OpenSSH shut off.

answer Oct 1, 2013 by Seema Siddique
Similar Questions
+5 votes

We access our Subversion repositories mainly via svn+ssh:// on a central server. We limit access to the repos using Unix group membership. For example, the repo for ProjectA has 770 permissions and belongs to GroupA and ProjectB also has 770 permission and belongs to GroupB. So users who are in GroupA can access ProjectA and users in GroupB can access ProjectB. The file permissions look like this:

 drwxrws--- 7 svn GroupA 4096 Dec 27 2009 ProjectA
 drwxrws--- 7 svn GroupB 4096 Dec 27 2009 ProjectB

Everything is working as expected so far. Users in each group can only access their respective projects, and users in both groups can access both projects. But now we want to prevent a subset of users in GroupB from accessing certain subtrees of ProjectB. Can this be done when using svn+ssh:// access? If so, how?

+2 votes

I have function in python,(Assume that i have imported all necessary module),

 def DL_Iperf(args):
        ssh=paramiko.SSHClient()
        ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
        ssh.connect(server_ip,username="root",password=Password)
some_code

This function is actually a thread and it will be created as many no of UE i have, (Ex: if i have 1 UE than 1 Thread will be created),

So, if i have 1 UE/ 2 UE than its working but if i have 3 UE then it is failing, with error "Paramiko : Error reading SSH protocol banner",

Below is the stderr of the script,

    No handlers could be found for logger "paramiko.transport"

    Unhandled exception in thread started by <function DL_Iperf at 0x02B8ACF0>
    Traceback (most recent call last):

    File "C:\Users\qxdm-5\Desktop\Chirag\LTE_11_Perfect_Working\TCP_Latest_2\Windo
    ws_UE\slave.py", line 379, in DL_Iperf

    ssh.connect(ServerIp,username="root",password=Pwd)

    File "build\bdist.win32\egg\paramiko\client.py", line 295, in connect

    File "build\bdist.win32\egg\paramiko\transport.py", line 451, in start_client

paramiko.SSHException: Error reading SSH protocol banner

From some reference i found that this is because of some network related issue, but my question is if it network related then why everytime in 3rd call of the function i am getting this error? And how do i resolve it?

+2 votes

Is there way to use two different keys for ssh authentication on one machine for the same user to login the same server? I need one key for svn+ssh to run command on remote server and the other key to login and work from shell on that same server.

+3 votes

Trying to see if ssh/port forwarding can be used to solve a prob. I want to have multiple clients connected to a single master server

The masterServer/app is providing data on port X
The clientNodes/apps should then listen on port X

ssh allows for port forwarding, but I can't figure out how to accomplish this using ssh/port forwarding.

I've tried using :
ssh -L 8000:localhost:8000 bob@foo.com -p abc
as foo.com:abc is the vm ip/port that's the server app

I then did a test using nc where on the serverside, I did a nc -l 8000, and got an err msg indicating the port was already in use

Port 8000 is the port the server app sends data on, and is the port I'd like to listen on on the clientnodes/apps..

...