[opensuse] ssh: Connection refused
Recently I have installed Leap 15.1 on a new computer which I have given the internal address 192.168.2.13 (wicked service, no DHCP). Everything works fine, but the computer is not reachable by ssh. /home/wolfgang> ssh 192.168.2.13 ssh: connect to host 192.168.2.13 port 22: Connection refused How can I make it reachable by ssh? Thanks in advance and best regards, Wolfgang -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Recently I have installed Leap 15.1 on a new computer which I have given the internal address 192.168.2.13 (wicked service, no DHCP). Everything works fine, but the computer is not reachable by ssh.
/home/wolfgang> ssh 192.168.2.13 ssh: connect to host 192.168.2.13 port 22: Connection refused
How can I make it reachable by ssh?
Thanks in advance and best regards, Wolfgang You have to use YaST's Firewall module to open port 22 for the ssh service on
Op dinsdag 26 november 2019 17:39:48 CET schreef Wolfgang Mueller: the public zone. -- Gertjan Lettink a.k.a. Knurpht openSUSE Board Member openSUSE Forums Team -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
* Wolfgang Mueller <wm@ariannuccia.de> [11-26-19 11:42]:
Recently I have installed Leap 15.1 on a new computer which I have given the internal address 192.168.2.13 (wicked service, no DHCP). Everything works fine, but the computer is not reachable by ssh.
/home/wolfgang> ssh 192.168.2.13 ssh: connect to host 192.168.2.13 port 22: Connection refused
How can I make it reachable by ssh?
as root: firewall-cmd --zone=public --add-port=22/tcp --permanent firewall-cmd --reload then check: iptables-save | grep 22 should provide something similar to: -A IN_public_allow -p tcp -m tcp --dport 22 -m conntrack --ctstate -NEW,UNTRACKED -j ACCEPT -- (paka)Patrick Shanahan Plainfield, Indiana, USA @ptilopteri http://en.opensuse.org openSUSE Community Member facebook/ptilopteri Photos: http://wahoo.no-ip.org/piwigo paka @ IRCnet freenode -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Tue, 26 Nov 2019 17:59:20 +0100, Patrick Shanahan wrote:
Wolfgang Mueller <wm@ariannuccia.de> [11-26-19 11:42]:
Recently I have installed Leap 15.1 on a new computer which I have given the internal address 192.168.2.13 (wicked service, no DHCP). Everything works fine, but the computer is not reachable by ssh.
/home/wolfgang> ssh 192.168.2.13 ssh: connect to host 192.168.2.13 port 22: Connection refused
How can I make it reachable by ssh?
as root: firewall-cmd --zone=public --add-port=22/tcp --permanent firewall-cmd --reload
then check: iptables-save | grep 22
should provide something similar to: -A IN_public_allow -p tcp -m tcp --dport 22 -m conntrack --ctstate -NEW,UNTRACKED -j ACCEPT
Since I have switched off firewall from the beginning on, the responses are a little bit different: firewall-cmd --zone=public --add-port=22/tcp --permanent FirewallD is not running firewall-cmd --reload FirewallD is not running iptables-save | grep 22 [no response at all] Regards, Wolfgang -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Le 26/11/2019 à 18:44, Wolfgang Mueller a écrit :
Since I have switched off firewall from the beginning on, the responses are a little bit different:
did you start sshd?? jdd -- http://dodin.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Martedì 26 novembre 2019 alle 18:51:47 +0100 jdd ha scritto:
Le 26/11/2019 à 18:44, Wolfgang Mueller a écrit :
[...]
did you start sshd??
Oops, I forgot that. Now, with sshd running, the computer accepts ssh from outside without any groans. Thanks a lot, Wolfgang -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
* Wolfgang Mueller <wm@ariannuccia.de> [11-26-19 13:47]:
Martedì 26 novembre 2019 alle 18:51:47 +0100 jdd ha scritto:
Le 26/11/2019 à 18:44, Wolfgang Mueller a écrit :
[...]
did you start sshd??
Oops, I forgot that. Now, with sshd running, the computer accepts ssh from outside without any groans.
but will fail with firewalld active unless you allow the port 22 passage. and for some unknown reason, you did fail to mention you had stopped firewalld. -- (paka)Patrick Shanahan Plainfield, Indiana, USA @ptilopteri http://en.opensuse.org openSUSE Community Member facebook/ptilopteri Photos: http://wahoo.no-ip.org/piwigo paka @ IRCnet freenode -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 11/26/2019 12:42 PM, Wolfgang Mueller wrote:
Oops, I forgot that. Now, with sshd running, the computer accepts ssh from outside without any groans.
The infallible fallibility of humans :) -- David C. Rankin, J.D.,P.E. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
* Wolfgang Mueller <wm@ariannuccia.de> [11-26-19 12:45]:
On Tue, 26 Nov 2019 17:59:20 +0100, Patrick Shanahan wrote:
Wolfgang Mueller <wm@ariannuccia.de> [11-26-19 11:42]:
Recently I have installed Leap 15.1 on a new computer which I have given the internal address 192.168.2.13 (wicked service, no DHCP). Everything works fine, but the computer is not reachable by ssh.
/home/wolfgang> ssh 192.168.2.13 ssh: connect to host 192.168.2.13 port 22: Connection refused
How can I make it reachable by ssh?
as root: firewall-cmd --zone=public --add-port=22/tcp --permanent firewall-cmd --reload
then check: iptables-save | grep 22
should provide something similar to: -A IN_public_allow -p tcp -m tcp --dport 22 -m conntrack --ctstate -NEW,UNTRACKED -j ACCEPT
Since I have switched off firewall from the beginning on, the responses are a little bit different:
firewall-cmd --zone=public --add-port=22/tcp --permanent FirewallD is not running firewall-cmd --reload FirewallD is not running iptables-save | grep 22 [no response at all]
well, you really have to start firewalld in order to have the functions. and: systemctl start sshd -- (paka)Patrick Shanahan Plainfield, Indiana, USA @ptilopteri http://en.opensuse.org openSUSE Community Member facebook/ptilopteri Photos: http://wahoo.no-ip.org/piwigo paka @ IRCnet freenode -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Wolfgang Mueller wrote:
Recently I have installed Leap 15.1 on a new computer which I have given the internal address 192.168.2.13 (wicked service, no DHCP). Everything works fine, but the computer is not reachable by ssh.
/home/wolfgang> ssh 192.168.2.13 ssh: connect to host 192.168.2.13 port 22: Connection refused
How can I make it reachable by ssh?
You said later you had disabled the firewall, so the only thing that remains is to start sshd, but that should have happened automatically. I assume you can ping the new machine? Is it a remote box or do you have local access? -- Per Jessen, Zürich (7.1°C) http://www.cloudsuisse.com/ - your owncloud, hosted in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Le 26/11/2019 à 19:08, Per Jessen a écrit :
You said later you had disabled the firewall, so the only thing that remains is to start sshd, but that should have happened automatically.
no, on new install sshd is disabled by default jdd -- http://dodin.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
jdd@dodin.org wrote:
Le 26/11/2019 à 19:08, Per Jessen a écrit :
You said later you had disabled the firewall, so the only thing that remains is to start sshd, but that should have happened automatically.
no, on new install sshd is disabled by default
Not on any of my systems, that would have been a disaster on any remote install. Maybe because I always install over ssh? -- Per Jessen, Zürich (6.8°C) http://www.cloudsuisse.com/ - your owncloud, hosted in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Le 26/11/2019 à 19:31, Per Jessen a écrit :
jdd@dodin.org wrote:
Le 26/11/2019 à 19:08, Per Jessen a écrit :
You said later you had disabled the firewall, so the only thing that remains is to start sshd, but that should have happened automatically.
no, on new install sshd is disabled by default
Not on any of my systems, that would have been a disaster on any remote install. Maybe because I always install over ssh?
it's the default since a lot of time... I sometime get confused and forget to enable it and have to reset in remote servers. There is an install summary just before starting downloading where one can enable sshd jdd -- http://dodin.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 26/11/2019 19.31, Per Jessen wrote:
jdd@dodin.org wrote:
Le 26/11/2019 à 19:08, Per Jessen a écrit :
You said later you had disabled the firewall, so the only thing that remains is to start sshd, but that should have happened automatically.
no, on new install sshd is disabled by default
Not on any of my systems, that would have been a disaster on any remote install. Maybe because I always install over ssh?
Yes, it is the default since some years. There was a long discussion, and in the end an entry (two entries, actually) was added to the YaST summary to a) start ssh daemon b) enable ssh in the firewall. Certainly, logic dictates that if you are installing over ssh, the port should be automatically open and daemon started :-) - -- Cheers / Saludos, Carlos E. R. (from 15.1 x86_64 at Telcontar) -----BEGIN PGP SIGNATURE----- iF0EARECAB0WIQQZEb51mJKK1KpcU/W1MxgcbY1H1QUCXd2AOwAKCRC1MxgcbY1H 1YPYAKCGdOe5dU4TPxoqR5C+L6H3fMd6xgCfXpZH+5mLLzZMKYDanJQ+hsouYJk= =ijVq -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
jdd@dodin.org wrote:
Le 26/11/2019 à 19:08, Per Jessen a écrit :
You said later you had disabled the firewall, so the only thing that remains is to start sshd, but that should have happened automatically.
no, on new install sshd is disabled by default
So maybe that is Wolfgang's problem - need to start sshd. systemctl start sshd systemctl enable sshd -- Per Jessen, Zürich (6.2°C) http://www.dns24.ch/ - free dynamic DNS, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Tue, 26 Nov 2019 at 19:36:37 +0100, Per Jessen wrote:
jdd@dodin.org wrote:
Le 26/11/2019 à 19:08, Per Jessen a écrit :
You said later you had disabled the firewall, so the only thing that remains is to start sshd, but that should have happened automatically.
no, on new install sshd is disabled by default
So maybe that is Wolfgang's problem - need to start sshd.
You are completely right (see my answer to Jean-Daniel).
systemctl start sshd systemctl enable sshd
I did it in Yast because I was not sure how to program starting a daemon at boot time. Anyway, thanks a lot for your help. Wolfgang -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 26/11/2019 11:39, Wolfgang Mueller wrote:
Recently I have installed Leap 15.1 on a new computer which I have given the internal address 192.168.2.13 (wicked service, no DHCP). Everything works fine, but the computer is not reachable by ssh.
/home/wolfgang> ssh 192.168.2.13 ssh: connect to host 192.168.2.13 port 22: Connection refused
How can I make it reachable by ssh?
Just to confirm the obvious: You ARE running sshd on the target machine and it IS configured to listen on port 22 using the protocol and handshake your source is using? You can also try, variously ssh -v 192.168.2.13 ssh -vv 192.168.2.13 and ssh -vvv 192.168.2.13 to see more and more, progressively, about what is going on and where, and possibly why, the connection is refused. Is it at the TCP level, the protocol level or the authentication level? -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (8)
-
Anton Aylward -
Carlos E. R. -
David C. Rankin -
jdd@dodin.org -
Knurpht-openSUSE -
Patrick Shanahan -
Per Jessen -
Wolfgang Mueller