Hi StackOverflow members,
I have an issue with ssh connection on my Debian 7 system to a remote OpenSSH server located on the same network. It looks like there is some network configuration problem but I cann't find where it lays. This two debian machines are connect with a switch that is NOT connected to a router. So the two machines have no internet connection.
A-Debian 7
IP: 192.168.1.2
MASK: 255.255.255.0
GW: 192.168.1.1
B-Debian 7
IP: 192.168.1.3
MASK: 255.255.255.0
GW: 192.168.1.1
With that configuration the ssh command prompts my for a password in less then a second. But the with the following network configuration I get the password prompt after a 10+ second delay:
A-Debian 7
IP: 10.10.1.83
MASK: 255.255.255.128
GW: 10.10.1.1
B-Debian 7
IP: 10.10.1.82
MASK: 255.255.255.128
GW: 10.10.1.1
The ssh connection from the server A -> B runs with both configs on custom 1111 port.
The B machine has also a Web server running on port 8080 that has no delays with both net configurations.
Thank you in advance for any clues or tips how to solve that problem.
SOLVED: Removing of the gateway parameter "GW: 10.10.1.1" in the network settings has solved the problem.
The usual culprits here are IPv6 and DNS lookups.
SSH might try to connect via IPv6, first, but the timeout is too low for that. You can see whether IPv6 is enabled with
cat /proc/sys/net/ipv6/conf/eth0/disable_ipv6
To disable:
echo 1 > /proc/sys/net/ipv6/conf/eth0/disable_ipv6
The second culprit is DNS; my guess is that DNS lookups don't work correctly with the second configuration. Try host www.google.com to test this theory.
If that also has a delay, you need to fix your DNS setup.
If that's not it, check the rest of your networking parameters: Gateway, cables, etc.
Start to ping the other host. Is that fast & reliable?
Next, try remote login (ssh, telnet). Note that you can give telnet a port to connect to, so if you have DB server running, you can still use telnet to connect to the server. It will print an error but it allows you to test the TCP/IP connection without any extra error sources.
Related
I am having trouble accessing the weblogic console from a different machine in the same network.
I installed weblogic on a server from a different machine by ssh. The weblogic is up and running, but now I can't access the console on a browser from my machine. Both machines are part of the same network.
I am able to SSH in to the server from my local machine. Ping also works on both machines using each other's IP address.
telnet gives me the following output:
am#Linux-Vostro-3250:~$ telnet 192.x.x.x 7002
Trying 192.x.x.x...
telnet: Unable to connect to remote host: No route to host
This is confusing me, because I am able to access the server using ssh.
I searched everywhere for a possible solution, but I could only find more problems.
In very simple language, how do I resolve this issue or what exactly may the cause be?
There was no firewall cinfigured in the server. I set up a firewall by following the instructions from this site "https://oracle-base.com/articles/linux/linux-firewall"
There are two GUI options but none of them worked for me so better stick to the CLI.
then, using the following command i granted access to my local machine from the server :
# Accept packets from specific host (x.x.x.x).
iptables -A INPUT -s x.x.x.x -j ACCEPT
Now i can access the Weblogic console from my x.x.x.x machine.
I wanted to ssh into Kaa's sandbox using ssh kaa#127.0.0.1 -p 2222 given in the virtual machine to us and also in one of the Data Collection demo where it said that we need to ssh into kaa's sandbox then we can see our mongoDB using our application token of our demo to see data saved into it.
But we do know the password is kaa123. But I tried 4 times, it shows permission denied, please try again until it shows permission denied (publickey,password).
ThusIi would like to seek help. I haven set up anything apart from downloading cmake, gcc. I changed the port on Raspberry pi to port 2222. Raspberry pi is connected to my computer using an Ethernet cable.
Raspberry pi static ip address : 169.254.220.68
Computer static ip address : 169.254.220.135
Kaa's sandbox ssh address is : ssh kaa#127.0.0.1 -p 222
Your answers are really very very important to us as we have been stuck for days for our mini Final Year Project.
As I understood, the situation is next:
Kaa Sandbox is running in VirtualBox image on host 169.254.220.135
Raspberry Pi has IP address 169.254.220.68
You tries to get to Kaa Sandbox by ssh from Raspberry Pi
Kaa Sandbox shows in terminal that you can access its SSH via localhost (127.0.0.1) port 2222
If that is correct, the technical details are as follows:
You should be able (if you didn't change Kaa Sandbox configuration) to access the Kaa Sandbox from your VirtualBox host just as it is shown in the Kaa Sandbox terminal:
ssh kaa#localhost -p 2222
Please try this first. Should this fail you will not be able to pass the further checks below.
The Kaa Sandbox is shiped with NAT networking mode configuration. This means (among other things) that its internal IP addresse(s) (including 10.0.2.15) cannot be reached from outside. That is, you cannot connect to this address from Raspberry Pi and even from your VirtualBox host. NAT hides them under the VirtualBox host IP address.
To enable access to the Kaa Sandbox from outside we pre-configured the Kaa Sandbox VirtualBox image to forward several ports from your host IP address to the internal IP address (10.0.2.15) which is under NAT. The port forwarding configuration is next:
${HostIP}:2222 -> 10.0.2.15:22
This means that all the connections to ${HostIP}:2222 will be forwarded to the Kaa Sandbox's 10.0.2.15:22.
Thus:
You should be able to get Kaa Sandbox SSH locally by kaa#localhost -p 2222 and by host IP: kaa#169.254.220.135 -p 2222
You need to use your host IP from remote: kaa#169.254.220.135 -p 2222
Please let me know if something is unclear here or does not work for you.
127.0.0.1 always points to your own computer. If kaa's sanbox is in your Raspberry Pi, try ssh kaa#169.254.220.68 -p 2222
I set my linux as an access point, and then run simple web-server that print "hello world" at port 3000.
and connect it with my smart phone successfully.
in linux terminal, http://localhost:3000 works well.
But in smart phone,
If I access to http://172.24.1.105:3000, can't connect to it. (172.24... is ap's ip)
the chrome's error message is
This site can't be reached. 172.24.1.105 refused to connect
I searched Google (https://serverfault.com/questions/725262/what-causes-the-connection-refused-message) and I suspicious linux's firewall.
pi#raspberrypi:~/prj/ap_server $ sudo tcpdump -n icmp
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
... when I access to port 3000,
15:07:13.102750 IP 192.168.0.3 > 168.126.63.2: ICMP 192.168.0.3 udp port 42531 unreachable, length 386
the log is above. so I couldn't reach ap's webserver.
so I wonder two things...
1. How can I disable to its port block?
2. in tcpdump log, I access to port 3000 actually, why the log print port 42531?
Plus)
even I type sudo service iptables stop, the problem is not solved
sudo netstat -ntlp | grep 3000 logs:
**tcp6 0 0 :::3000 :::* LISTEN 1999/nodejs**
+I followed this tutorial-> https://frillip.com/using-your-raspberry-pi-3-as-a-wifi-access-point-with-hostapd/ .
and there is ipv4 setting.
If you want to run it on your mobile it will work on Live IP (externel) address
if it is working fine on local address (localhost) and not on live IP then
enable routing from your router
and allow that specific port it will work fine.
I found the issue.
my dhcp set was
interface=wlan0 # Use interface wlan0
listen-address=172.24.1.1 # Explicitly specify the address to listen on
bind-interfaces # Bind to the interface to make sure we aren't sending things elsewhere
server=8.8.8.8 # Forward DNS requests to Google DNS
domain-needed # Don't forward short names
bogus-priv # Never forward addresses in the non-routed address spaces.
dhcp-range=172.24.1.50,172.24.1.150,12h # Assign IP addresses between 172.24.1.50 and 172.24.1.150 with a 12 hour lease time
like above.
I tried to connect the external ip(172.24.1.105) that I can see on mobile continuously but got failed. but when I tried with 172.24.1.1, then success.
I don't know why. maybe there is accurate ip address and something in mobile is temporal.
See similar topic at Node JS not listening to port 1337 on server
Your web server is not listening remote address.
I have two Machines running in VirtualBox, Ubuntu 12.04 LTS with two network adapters (NAT,Internal Network) and Kali Linux with one adapter (Internal Network). I'm also running tor ( SocksPort 9150, ControlPort 9151 ) in Ubuntu. My goal is to have access on the internet from Kali only through tor. So I used ssh port forwarding from kali to ubuntu and also configured firefox to use proxy( 127.0.0.1 - 9150)
kali~# ssh -N -L 9150:10.0.3.2:9150 root#10.0.3.1
With this command i am trying to forward all the traffic into tor.
The connection is established according to netstat and ping is working but when i try to load a page nothing happens and i keep getting the same error message on Kali's terminal
channel 2: open failed : connect failed : connection refused
Am i missing something? Do i need to open a port?
I also tried to use a SOCKS proxy with
ssh -D 9150 root#10.0.3.1
but it didn't work. Please share your thoughts with me, I am waiting for your insights.Thank you.
Internal Network Configuration:
Ubuntu:
IP:10.0.3.1
Broadcast Address:10.0.3.255
Subnet Mask:255.255.255.0
Default Route:10.0.2.2
Primary DNS:192.168.1.1
Kali:
IP:10.0.3.2
Broadcast Address:10.0.3.255
Subnet Mask:255.255.255.0
NAT Configuration:
Ubuntu
IP:10.0.2.15
Broadcast Address:10.0.2.255
Subnet Mask:255.255.255.0
Default Route:10.0.2.2
Primary DNS:192.168.1.1
I have Two Linux Machine Redhat & Centos Under Window 7(as host) In Vmware Workstation.
I configure DNS server & DHCP Server in Redhat(10.0.0.1).
Client which is Centos is able to get IP(10.0.0.30) from DHCP server but it is not picking up name from DNS Server.
Problem is At server 10.0.0.1 i am able to ping itself by hostname like
root#server->ping server.example.com Ping successfull
But Client is not able to ping Server by Hostname like
root#localhost->ping server.example.com Ping Not Successfull
Client is able to ping Server by its ip like
root#localhost->ping 10.0.0.1 Ping Successfull
Now My questn is that Why Client is not able to ping server by its hostname & why client is not picking up name from DNS server,
Just had similar issue on my Debian VM running on a Win7 host.
Setting up DNS server isn't enough to resolve server name, especially when proxy is used in your network environment.
To solve it, you've to export http_proxy environment variable on command line before calling other executables. For example:
export http_proxy="http://{your proxy ip address here}:{your proxy port here}"
As usual, remember to add it to your profile script so you don't redo it after each boot.