Ssh problems with no firewall

[Guest moodyfirebird]

Okay, I;ve got no firewall ( I checked in the Mandrake Control Panel)....and I stilll can't ssh into my machine...it says:

 

Port 22 connection refused

 

Truly odd.

[Guest anon]

This maybe a security problem, but it may also come under networking.

Have you installed and set up ssh for your machine ?

[Guest moodyfirebird]

Ssh is installed, and I can ssh into other machines from my own...I just can't ssh INTO mine.

[Steve Scrimpshire]

Is sshd running on the machine you are trying to ssh into?

 

# ps ax | grep sshd

29423 ?        S      0:00 sshd

 

If it's not, start it, by issuing the command 'sshd' without the quotes as root and then try to ssh into it.

[Guest moodyfirebird]

This is what it told me when I tried to run sshd.

 

 

Could not load host key: /etc/ssh/ssh_host_key

Could not load host key: /etc/ssh/ssh_host_rsa_key

Could not load host key: /etc/ssh/ssh_host_dsa_key

Disabling protocol version 1. Could not load host key

Disabling protocol version 2. Could not load host key

sshd: no hostkeys available -- exiting.

[Steve Scrimpshire]

Try running /usr/bin/ssh-keygen then starting it.

[MottS]

Do you have something under /etc/shorewall? Even if you set 'no firewall' in the mcc that may be a problem ...

 

MOttS

[Guest moodyfirebird]

hmmmmm. This is what I get for ssh-keygen:

 

You must specify a key type (-t).

Usage: ssh-keygen [options]

Options:

-b bits Number of bits in the key to create.

-c Change comment in private and public key files.

-e Convert OpenSSH to IETF SECSH key file.

-f filename Filename of the key file.

-i Convert IETF SECSH to OpenSSH key file.

-l Show fingerprint of key file.

-p Change passphrase of private key file.

-q Quiet.

-y Read private key file and print public key.

-t type Specify type of key to create.

-B Show bubblebabble digest of key file.

-C comment Provide new comment.

-N phrase Provide new passphrase.

-P phrase Provide old passphrase.

 

Which key do I use?

[Guest anon]

ssh-keygen -t rsa

Then copy the public key to you machine.

For more info read our Doc section. http://mandrakeusers.org/docs/secure/sssh2.html

[Relic2K]

Once you have you have both server and client software installed, you have to generate you key pairs for every user you wish to have ssh available for.

 

$user> ssh-keygen -t rsa -b 2048

The -b switch tells SSH how strong the encryption will be.

 

Then check your MCC to ensure that the SSHD services are turned on. Something else you may want to setup is in the /etc/ssh/sshd_conf. Make sure you disable direct logins as root. This way users can only connect as themselves and have to change to ROOT after. This is just a good security practice. I am pretty sure it is in the sshd_conf file, it may be the ssh_conf file.