[ubuntu] SSH server randomly stops accepting connections



chadjohnson
April 30th, 2009, 06:34 AM
I have a Hardy server on my home network, and about once a week for the last few weeks I have been unable to connect to the thing via SSH. Here is some output:



chad@calypso ~ $ ssh -vvv zeus
OpenSSH_4.7p1 Debian-8ubuntu1.2, OpenSSL 0.9.8g 19 Oct 2007
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to zeus [192.168.1.74] port 22.
debug1: connect to address 192.168.1.74 port 22: Connection timed out
ssh: connect to host zeus port 22: Connection timed out


I get this when trying to connect from my laptop and my phone.

I tried rebooting my DD-WRT WRT54GL router to no avail. And just for kicks, I restarted my cable modem as well, but the problem persists.

Any ideas? I can't recall making any changes to the server's config.

Note that I CAN connect most of the time (but when I actually NEED to connect, it of course does not work!). Most of the time if I reboot, the problem goes away, for a while. Also note that I can always connect via FTP with no problem.

renkinjutsu
April 30th, 2009, 07:47 AM
same thing..
check this thread for updates
http://ubuntuforums.org/showthread.php?t=1139268

sahabcse
April 30th, 2009, 07:50 AM
Paste the output of

nmap localhost and

nmap youripaddress (From other system)

chadjohnson
April 30th, 2009, 08:04 AM
After rebooting the server, I can now connect again via SSH...

nmap localhost (on the server):


Starting Nmap 4.53 ( http://insecure.org ) at 2009-04-30 00:01 PDT
Interesting ports on chadjohnson.webhop.net (127.0.0.1):
Not shown: 1706 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
80/tcp open http
139/tcp open netbios-ssn
445/tcp open microsoft-ds
3128/tcp open squid-http
3306/tcp open mysql

Nmap done: 1 IP address (1 host up) scanned in 0.135 seconds


nmap 192.168.1.74 (from laptop):


Starting Nmap 4.53 ( http://insecure.org ) at 2009-04-30 00:04 PDT
Interesting ports on zeus (192.168.1.74):
Not shown: 1707 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
80/tcp open http
139/tcp open netbios-ssn
445/tcp open microsoft-ds
3128/tcp open squid-http
3306/tcp open mysql

Nmap done: 1 IP address (1 host up) scanned in 1.230 seconds


Forgot to mention: FTP always works.

I DID have the following iptables rules in place, but I just disabled them, so I'll see what happens.



# Generated by iptables-save v1.3.8 on Sun Feb 22 23:44:46 2009
*filter
:INPUT ACCEPT [102307:23512839]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [101706:60387908]
:SSH_CHECK - [0:0]
-A INPUT -s 208.89.209.168 -j DROP
-A INPUT -s 66.201.249.250 -j DROP
-A INPUT -s 200.30.68.150 -j DROP
-A INPUT -p tcp -m tcp --dport 22 --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 1/min --limit-burst 4 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 --tcp-flags FIN,SYN,RST,ACK SYN -j DROP
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -j SSH_CHECK
-A INPUT -s 124.160.33.162 -j DROP
-A SSH_CHECK -m recent --set --name SSH --rsource
-A SSH_CHECK -m recent --update --seconds 60 --hitcount 4 --name SSH --rsource -j DROP
COMMIT
# Completed on Sun Feb 22 23:44:46 2009

sahabcse
April 30th, 2009, 09:03 AM
I think the iptables firewall is denying the SSH connection.
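
Added example, not part of any post in this thread: a Python model of the `-m limit --limit 1/min --limit-burst 4` match in the posted ruleset, showing that its one token bucket is shared by every source address, so unrelated SYNs to port 22 can use up the allowance and leave a legitimate client's SYN for the DROP rule, which the client sees as "Connection timed out". The traffic pattern and both IP addresses are constructed, and the per-source variant stands for what a per-address limiter (for example the hashlimit match) would do.

```python
# Added example: models the match in the thread's rule
#   -A INPUT -p tcp --dport 22 ... SYN -m limit --limit 1/min --limit-burst 4 -j ACCEPT
# which is followed by a rule that DROPs every other SYN to port 22.
from collections import defaultdict

INTERVAL = 60   # --limit 1/min: one new token every 60 seconds
BURST = 4       # --limit-burst 4: bucket starts with, and holds at most, 4 tokens

class LimitMatch:
    """Token bucket kept in whole seconds of credit; one SYN costs INTERVAL."""
    def __init__(self):
        self.credit, self.last = BURST * INTERVAL, 0

    def matches(self, now):
        # Refill for the time elapsed since the previous packet, capped at BURST.
        self.credit = min(BURST * INTERVAL, self.credit + (now - self.last))
        self.last = now
        if self.credit >= INTERVAL:
            self.credit -= INTERVAL
            return True       # rule matches: the SYN is ACCEPTed
        return False          # no match: the next rule DROPs the SYN

def simulate(syns, per_source):
    """syns: list of (second, source_ip). Returns {source_ip: [accepted, ...]}."""
    shared, per_ip = LimitMatch(), defaultdict(LimitMatch)
    verdicts = defaultdict(list)
    for now, src in sorted(syns):
        bucket = per_ip[src] if per_source else shared
        verdicts[src].append(bucket.matches(now))
    return dict(verdicts)

# Constructed traffic (not from the thread): an unrelated host sends a SYN to
# port 22 every 10 s for an hour; the laptop tries once at t = 1805 s.
NOISE_IP, LAPTOP_IP = "198.51.100.7", "192.168.1.50"   # placeholder addresses
SYNS = [(t, NOISE_IP) for t in range(0, 3600, 10)] + [(1805, LAPTOP_IP)]

def laptop_accepted(per_source):
    return simulate(SYNS, per_source)[LAPTOP_IP][0]

def noise_accepted(per_source):
    return sum(simulate(SYNS, per_source)[NOISE_IP])

if __name__ == "__main__":
    print("one shared bucket, as posted:", laptop_accepted(False))
    print("one bucket per source IP:    ", laptop_accepted(True))
    print("noise SYNs accepted, of 360: ", noise_accepted(False))
```

Because the shared bucket is emptied by whichever SYNs arrive first, the laptop's attempt is dropped even though it has made no earlier connection; ports other than 22, such as FTP, never pass through this rule.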