[opensuse] SSH Over LAN Problem
My problem is that I don't know how to do that. I have ssh (OpenSuSE 11.0) working over the Internet so the installation appears to be ok. I've gone to several SSH howto sites but come out more confused than I went in. It seems to me that there should be a simple ssh command to allow me to connect to another machine on my LAN, something like: ssh -l alice Venus-ws.homeoffice Am I essentially correct or way off? Any pointers appreciated. -- Don Henson
Donald D Henson wrote:
My problem is that I don't know how to do that. I have ssh (OpenSuSE 11.0) working over the Internet so the installation appears to be ok. I've gone to several SSH howto sites but come out more confused than I went in. It seems to me that there should be a simple ssh command to allow me to connect to another machine on my LAN, something like:
ssh -l alice Venus-ws.homeoffice
Am I essentially correct or way off? Any pointers appreciated.
I find the ssh command works well. Do you have openssh installed? -- Use OpenOffice.org http://www.openoffice.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
James Knott wrote:
Donald D Henson wrote:
My problem is that I don't know how to do that. I have ssh (OpenSuSE 11.0) working over the Internet so the installation appears to be ok. I've gone to several SSH howto sites but come out more confused than I went in. It seems to me that there should be a simple ssh command to allow me to connect to another machine on my LAN, something like:
ssh -l alice Venus-ws.homeoffice
Am I essentially correct or way off? Any pointers appreciated.
I find the ssh command works well. Do you have openssh installed?
Yes, I have OpenSSH installed. -- Don Henson
Donald D Henson wrote:
My problem is that I don't know how to do that. I have ssh (OpenSuSE 11.0) working over the Internet so the installation appears to be ok. I've gone to several SSH howto sites but come out more confused than I went in. It seems to me that there should be a simple ssh command to allow me to connect to another machine on my LAN, something like:
ssh -l alice Venus-ws.homeoffice
Am I essentially correct or way off? Any pointers appreciated.
You are entirely correct.
I never use the '-l' option, I just do "ssh <user>@
Per Jessen wrote:
Donald D Henson wrote:
My problem is that I don't know how to do that. I have ssh (OpenSuSE 11.0) working over the Internet so the installation appears to be ok. I've gone to several SSH howto sites but come out more confused than I went in. It seems to me that there should be a simple ssh command to allow me to connect to another machine on my LAN, something like:
ssh -l alice Venus-ws.homeoffice
Am I essentially correct or way off? Any pointers appreciated.
You are entirely correct. I never use the '-l' option, I just do "ssh <user>@
What sort of errors are you seeing?
/Per Jessen, Zürich
No error messages at first. When I enter the command, the cursor goes to the next line and just sits there until time out. Here's the command and result: dhenson@Earth-svr:~/Desktop> ssh dhenson@Venus-ws ssh: connect to host Venus-ws port 22: Connection timed out dhenson@Earth-svr:~/Desktop> -- Don Henson
On 08/04/2008 07:37 AM, Donald D Henson wrote:
No error messages at first. When I enter the command, the cursor goes to the next line and just sits there until time out. Here's the command and result:
dhenson@Earth-svr:~/Desktop> ssh dhenson@Venus-ws ssh: connect to host Venus-ws port 22: Connection timed out dhenson@Earth-svr:~/Desktop>
Is it a DNS problem? Try the local IP, i.e. ssh dhenson@192.168.x.x -- Joe Morris Registered Linux user 231871 running openSUSE 10.3 x86_64 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Joe Morris wrote:
On 08/04/2008 07:37 AM, Donald D Henson wrote:
No error messages at first. When I enter the command, the cursor goes to the next line and just sits there until time out. Here's the command and result:
dhenson@Earth-svr:~/Desktop> ssh dhenson@Venus-ws ssh: connect to host Venus-ws port 22: Connection timed out dhenson@Earth-svr:~/Desktop>
Is it a DNS problem? Try the local IP, i.e. ssh dhenson@192.168.x.x
If it's not DNS, then check if 1) the firewall on the target machine accepts port 22 traffic and 2) if sshd is running on the target machine. /Per Jessen, Zürich -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Per Jessen wrote:
Joe Morris wrote:
On 08/04/2008 07:37 AM, Donald D Henson wrote:
No error messages at first. When I enter the command, the cursor goes to the next line and just sits there until time out. Here's the command and result:
dhenson@Earth-svr:~/Desktop> ssh dhenson@Venus-ws ssh: connect to host Venus-ws port 22: Connection timed out dhenson@Earth-svr:~/Desktop>
Is it a DNS problem? Try the local IP, i.e. ssh dhenson@192.168.x.x
If it's not DNS, then check if
1) the firewall on the target machine accepts port 22 traffic and 2) if sshd is running on the target machine.
/Per Jessen, Zürich
My firewall is my router. Both source and target machines are on the same side of the firewall. sshd appears to be running on both machines. -- Don Henson
Joe Morris wrote:
On 08/04/2008 07:37 AM, Donald D Henson wrote:
No error messages at first. When I enter the command, the cursor goes to the next line and just sits there until time out. Here's the command and result:
dhenson@Earth-svr:~/Desktop> ssh dhenson@Venus-ws ssh: connect to host Venus-ws port 22: Connection timed out dhenson@Earth-svr:~/Desktop>
Is it a DNS problem? Try the local IP, i.e. ssh dhenson@192.168.x.x
This is weird. I did a ping Venus-ws (to find the current IP address) and ping reported that the current address is 24.28.193.9. I checked my DHCP server (the one in my Linksys router) and it is set up with a starting address of 192.168.1.100 with a maximum of 50 DHCP users. Any ideas on how this could happen? -- Don Henson
On Monday 04 August 2008 15:49:47 Donald D Henson wrote:
Joe Morris wrote:
On 08/04/2008 07:37 AM, Donald D Henson wrote:
No error messages at first. When I enter the command, the cursor goes to the next line and just sits there until time out. Here's the command and result:
dhenson@Earth-svr:~/Desktop> ssh dhenson@Venus-ws ssh: connect to host Venus-ws port 22: Connection timed out dhenson@Earth-svr:~/Desktop>
Is it a DNS problem? Try the local IP, i.e. ssh dhenson@192.168.x.x
This is weird. I did a ping Venus-ws (to find the current IP address) and ping reported that the current address is 24.28.193.9. I checked my DHCP server (the one in my Linksys router) and it is set up with a starting address of 192.168.1.100 with a maximum of 50 DHCP users. Any ideas on how this could happen?
Be sure there is only one DHCP server on your LAN -- Bogdan Cristea -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Bogdan Cristea wrote:
Be sure there is only one DHCP server on your LAN
Actually, there's nothing wrong with multiple DHCP servers, so long as they don't try to hand out the same addresses. -- Use OpenOffice.org http://www.openoffice.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Monday 2008-08-04 at 09:20 -0400, James Knott wrote:
Bogdan Cristea wrote:
Be sure there is only one DHCP server on your LAN
Actually, there's nothing wrong with multiple DHCP servers, so long as they don't try to hand out the same addresses.
Not only that. They may give addresses on different nets, with different routing data, in a way that two computers on the same table and switch do not see each other. Once I saw such a problem in a class room with two dhcp servers; one of them giving bad data. It turned out that, when the students where trying vmware setups one of them installed the suse dhcp server in the guest linux, without knowing or forgetting it was there. The entire net (all classrooms and administrations pcs) were having very weird problems. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIlwqxtTMYHG2NR9URAgCrAJ9U0NCTej5YDrmDaUikoh4sCyn91QCePi31 E02Ag5gNM6KTAtQpm819YxA= =QUvy -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
The Monday 2008-08-04 at 09:20 -0400, James Knott wrote:
Bogdan Cristea wrote:
Be sure there is only one DHCP server on your LAN
Actually, there's nothing wrong with multiple DHCP servers, so long as they don't try to hand out the same addresses.
Not only that. They may give addresses on different nets, with different routing data, in a way that two computers on the same table and switch do not see each other.
Once I saw such a problem in a class room with two dhcp servers; one of them giving bad data. It turned out that, when the students where trying vmware setups one of them installed the suse dhcp server in the guest linux, without knowing or forgetting it was there. The entire net (all classrooms and administrations pcs) were having very weird problems.
Well, if you mis-configure something, anything can happen. However, I recently set up a system where there were multiple DHCP ranges, depending on which VLAN you were on. This was a VoIP network, where the user's computer plugged into the phone (many IP phones have an ethernet switch built in) and from there was connected to the switches. The computers, on one VLAN, would talk to a different DHCP server than the phone, on a different VLAN, even though both connected to the switch via the same cable. -- Use OpenOffice.org http://www.openoffice.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
Once I saw such a problem in a class room with two dhcp servers; one of them giving bad data. It turned out that, when the students where trying vmware setups one of them installed the suse dhcp server in the guest linux, without knowing or forgetting it was there. The entire net (all classrooms and administrations pcs) were having very weird problems.
This reminded me of a similar incident, when I was taking a class at IBM for (IIRC) Warp Server. The classroom lan was supposed to be isolated from the main lan, but someone had connected them and all the "servers" in the classroom were appearing on the corporate lan and causing lots of problems. -- Use OpenOffice.org http://www.openoffice.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Bogdan Cristea wrote:
On Monday 04 August 2008 15:49:47 Donald D Henson wrote:
Joe Morris wrote:
On 08/04/2008 07:37 AM, Donald D Henson wrote:
No error messages at first. When I enter the command, the cursor goes to the next line and just sits there until time out. Here's the command and result:
dhenson@Earth-svr:~/Desktop> ssh dhenson@Venus-ws ssh: connect to host Venus-ws port 22: Connection timed out dhenson@Earth-svr:~/Desktop> Is it a DNS problem? Try the local IP, i.e. ssh dhenson@192.168.x.x This is weird. I did a ping Venus-ws (to find the current IP address) and ping reported that the current address is 24.28.193.9. I checked my DHCP server (the one in my Linksys router) and it is set up with a starting address of 192.168.1.100 with a maximum of 50 DHCP users. Any ideas on how this could happen?
Be sure there is only one DHCP server on your LAN
Confirmed -- Don Henson
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Monday 2008-08-04 at 06:49 -0600, Donald D Henson wrote:
Is it a DNS problem? Try the local IP, i.e. ssh dhenson@192.168.x.x
This is weird. I did a ping Venus-ws (to find the current IP address) and ping reported that the current address is 24.28.193.9.
That's your ISP, probably your outside IP. Certainly not your LAN. I'd guess you have a bad routing table, or DNS. Try several local addresses with traceroute. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIlwbotTMYHG2NR9URAsHPAJ97j3kByOio2MtaoJZhomoAOI128QCgi2eX 3cA/8C/8M29nrEY1J8+Ocjk= =dj1s -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
The Monday 2008-08-04 at 06:49 -0600, Donald D Henson wrote:
Is it a DNS problem? Try the local IP, i.e. ssh dhenson@192.168.x.x
This is weird. I did a ping Venus-ws (to find the current IP address) and ping reported that the current address is 24.28.193.9.
That's your ISP, probably your outside IP. Certainly not your LAN.
I'd guess you have a bad routing table, or DNS.
Try several local addresses with traceroute.
-- Cheers, Carlos E. R.
Hard to do several. Only two machines on the network. I've attached a traceroute. Shouldn't local traffic stay local? I'm not all that comfortable with routing tables and DNS, so that's a good place to find errors. -- Don Henson
On Mon, Aug 4, 2008 at 10:21 AM, Donald D Henson
Carlos E. R. wrote:
The Monday 2008-08-04 at 06:49 -0600, Donald D Henson wrote:
Is it a DNS problem? Try the local IP, i.e. ssh dhenson@192.168.x.x
This is weird. I did a ping Venus-ws (to find the current IP address) and ping reported that the current address is 24.28.193.9.
That's your ISP, probably your outside IP. Certainly not your LAN.
I'd guess you have a bad routing table, or DNS.
Try several local addresses with traceroute.
-- Cheers, Carlos E. R.
Hard to do several. Only two machines on the network. I've attached a traceroute. Shouldn't local traffic stay local? I'm not all that comfortable with routing tables and DNS, so that's a good place to find errors. -- Don Henson
Ok, look, this is not that big of a mystery. It seems that you are using your ISP's dns server (your firewall gateway/router thingie is forwarding dns requests to your isp). Since you tracerouted (and pinged) a not complete name (Venus-ws) the request was modified by your ISP's DNS server to add the default domain hrndava.rr.com and just happened to come up with something. Maybe it comes up with something always (like a honeypot). Who knows. Until you run bind on your server (inside your network) you have to put up with the flaky way that firewalls do dns forwarding. It seems you are trying to ping a Windows name (Venus-ws). From a windows machine that might work, but not from a linux machine. (You can add entries to your hosts file to make it work). You've gotten side tracked from your original problem of ssh. Just see if ssh works using numeric IPs. Then, you can go on to getting DNS working on your lan, if that is what you want to do. Opensuse makes it fairly easy to do this using yast. You then just have to set your firewall/router up to hand out the IP of your IN house dns server rather than the firewall/router device's ip. That may be more trouble than its worth to you, once you understand that linux can not ping a windows netbios name. -- ----------JSA--------- There are 10 kinds of people in this world, those that can read binary and those that can't. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Monday 2008-08-04 at 11:21 -0600, Donald D Henson wrote:
Hard to do several. Only two machines on the network. I've attached a traceroute. Shouldn't local traffic stay local? I'm not all that comfortable with routing tables and DNS, so that's a good place to find errors.
It would be preferable traceroute as a command line, text. But it is enough. The name "Venus-ws" resolves to an external IP, so either you create a proper DNS server that knows where that machine is, or modify your hosts file, or use IP numbers, not names. Meaning you also need to use fixed IPs, not automatic IPs given by a dhcp server. Or use a dns/dhcp combined server. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIl3uOtTMYHG2NR9URAtNmAJ96501kYHpVTOV8wMYH6wZjzg5DHgCfYzFA 6Wjwly7uZ0sSZZQSu6YfKhA= =YFQW -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Donald D Henson wrote:
My problem is that I don't know how to do that. I have ssh (OpenSuSE 11.0) working over the Internet so the installation appears to be ok. I've gone to several SSH howto sites but come out more confused than I went in. It seems to me that there should be a simple ssh command to allow me to connect to another machine on my LAN, something like:
ssh -l alice Venus-ws.homeoffice
Am I essentially correct or way off? Any pointers appreciated.
if this is what I'm thinking, on 11.0 ssh is enabled by default, but the default config for SuSEfirewall2 blocks ssh. If I recall from an earlier thread, you need to specifically configure the firewall to allow ssh, or if the machine isn't your router, the just disable the firewall. As long as you don't use passwords like "spot" or "admin" you will be fine. As a test for the current problem, just issues the rcSuSEfirewall2 stop command and then test your ssh connections. I bet they work.... -- David C. Rankin, J.D., P.E. Rankin Law Firm, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 Telephone: (936) 715-9333 Facsimile: (936) 715-9339 www.rankinlawfirm.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
David C. Rankin wrote:
Donald D Henson wrote:
My problem is that I don't know how to do that. I have ssh (OpenSuSE 11.0) working over the Internet so the installation appears to be ok. I've gone to several SSH howto sites but come out more confused than I went in. It seems to me that there should be a simple ssh command to allow me to connect to another machine on my LAN, something like:
ssh -l alice Venus-ws.homeoffice
Am I essentially correct or way off? Any pointers appreciated.
if this is what I'm thinking, on 11.0 ssh is enabled by default, but the default config for SuSEfirewall2 blocks ssh. If I recall from an earlier thread, you need to specifically configure the firewall to allow ssh, or if the machine isn't your router, the just disable the firewall. As long as you don't use passwords like "spot" or "admin" you will be fine.
As a test for the current problem, just issues the rcSuSEfirewall2 stop command and then test your ssh connections. I bet they work....
I'm not using SuSEfirewall. I use the firewall that's part of my Linksys router. I'd rather not turn that one off. :-) -- Don Henson
Donald D Henson wrote:
David C. Rankin wrote:
Donald D Henson wrote:
My problem is that I don't know how to do that. I have ssh (OpenSuSE 11.0) working over the Internet so the installation appears to be ok. I've gone to several SSH howto sites but come out more confused than I went in. It seems to me that there should be a simple ssh command to allow me to connect to another machine on my LAN, something like:
ssh -l alice Venus-ws.homeoffice
Am I essentially correct or way off? Any pointers appreciated.
if this is what I'm thinking, on 11.0 ssh is enabled by default, but the default config for SuSEfirewall2 blocks ssh. If I recall from an earlier thread, you need to specifically configure the firewall to allow ssh, or if the machine isn't your router, the just disable the firewall. As long as you don't use passwords like "spot" or "admin" you will be fine.
As a test for the current problem, just issues the rcSuSEfirewall2 stop command and then test your ssh connections. I bet they work....
I'm not using SuSEfirewall. I use the firewall that's part of my Linksys router. I'd rather not turn that one off. :-)
Your config mirrors mine exactly. Though others raise their nose at the capabilities of the built-in router on the Linksys cable/dsl products, I have been very pleased with them. I supplement the linksys port blocking with a health /etc/hosts.deny for normal services, and online blacklists, HELO and recipients checks configuration for postfix. So far all works well. -- David C. Rankin, J.D., P.E. Rankin Law Firm, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 Telephone: (936) 715-9333 Facsimile: (936) 715-9339 www.rankinlawfirm.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (8)
-
Bogdan Cristea
-
Carlos E. R.
-
David C. Rankin
-
Donald D Henson
-
James Knott
-
Joe Morris
-
John Andersen
-
Per Jessen