Author: Imran Chaudhry Date: To: Hampshire LUG Discussion List Subject: Re: [Hampshire] confused ssh newbie
On 24 June 2011 04:03, Mike Burrows <testermike@???> wrote:
> On 6/23/11 11:12 AM, Benjie Gillam wrote:
>
>> Can you ssh -p 2222 from another computer/device on your LAN? (You may
>> need to use your internal IP address to do so.) If so then you at least know
>> SSH is working. If not, then I'd use netcat.
>>
>>
>> No. I have the same problem whether I use the external Dyndns address of
> home network or staying within the LAN and using the ip address of the
> server running ssh.
>
> Cheers
> Mike
>
> PS. I am thinking it would be a whole lot simpler to learn how to do key
> based logins and stick with port 22 :)
>
> Hi Mike, you've got some useful stuff to try from others in the thread.
When you're changing sshd_config you're restarting sshd afterwards?
>From an Internet-based Linux host, does "nc some.dyndns.org 2222" produce an openssh banner?
My next steps would be ssh -v on client side and a simultaneous multitail on
/var/log/auth.log on the server.
When running Internet-facing ssh it would be prudent to look into running
some means of defence against the inevitable intrusion attempts. Look at
DenyHosts and fail2ban - both are packages in Ubuntu/Debian.
Security through obscurity may be scoffed at but imho it's a good way to
counter unstructured attacks.
