linux - outgoing ssh fails from only one machine on lan to outside network

2014-07-08
  • rwilson04

    I have multiple servers in my LAN (which I'll refer to as Box1), and they are all able to make outgoing SSH connections, except one that stopped recently, which I'll refer to as Box2 (actually, I'm not 100% sure it ever worked, but I think I would have run into this before now if it didn't). They are all running CentOS 6.3, with openssh on non-standard ports. Box2 is the entry point for the LAN from the outside world, and I am able to successfully ssh to it, so I know the port isn't blocked. Port forwarding works for either the non-standard port or 22, both forward to Box2. Box2 can ssh into Box1, but for every attempt to ssh to the outside world, I get 'connection refused', which makes me think firewall or something?

    I'll try to attempt a summary here:

    cloud->box2: works
    box1->box2: works
    box2->box1: works
    box2->box2: works
    box1->cloud: works
    box2(ftp/ping/etc)->cloud: works
    box2(ssh)->cloud: "connection refused"

    I think I successfully disabled iptables and selinux. What else should I check?

  • Answers
  • Batibot323

    Try checking the settings in Box 2. How are you using ssh? Is it like this:

    [root@Box2 ~]# ssh -XC root@Cloud

    Make sure that the hostname Cloud is properly defined in /etc/hosts or better yet use the ssh command with the IP address of the Cloud.

  • AlexiusFlavius

    In this case I would try to check the network settings. Check /etc/hosts, as already stated, or /etc/resolv.conf. Be sure that you have a correct route to the host:

    traceroute Cloud

    In all cases, try to check the logs on the Cloud side: tailf /var/log/secure or auth.log
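    The checks above can be scripted so they are run the same way every time and their output kept. The script below is an added example, not part of AlexiusFlavius's answer or of the original thread; it assumes bash with coreutils `timeout`, glibc `getent`, iproute2 `ip`, and optionally `iptables`, and HOST/PORT are placeholders for the cloud host and its non-standard ssh port. The one point worth internalising is the first function: "Connection refused" means a TCP RST came back, so the packet reached something that answered (a box with nothing listening on that port, or a firewall REJECTing with tcp-reset), whereas a DROP rule or a black-holed route would produce a timeout. That already rules out most of the "silently blocked" theories and points at name resolution, a wrong address, or a REJECT rule.

```shell
#!/usr/bin/env bash
# Added example (not from the thread): triage for outbound ssh failing from a
# single host with "Connection refused". HOST and PORT are placeholders.
set -u

# Map the error ssh prints to the layer that produced it.
#  refused     - a TCP RST came back: nothing listening on that port at the
#                address we reached, or a firewall REJECTing with tcp-reset
#                (a plain DROP would time out instead)
#  timeout     - packets silently dropped somewhere on the path
#  unresolved  - name lookup failed (check /etc/hosts, /etc/resolv.conf)
#  unreachable - no route, or an ICMP unreachable from a router or firewall
classify_ssh_error() {
  case "$1" in
    *"Connection refused"*)                                       echo refused ;;
    *"Connection timed out"*|*"Operation timed out"*)             echo timeout ;;
    *"Could not resolve hostname"*|*"Name or service not known"*) echo unresolved ;;
    *"No route to host"*|*"Network is unreachable"*)              echo unreachable ;;
    *)                                                            echo unknown ;;
  esac
}

# Print the address /etc/hosts (or the file given as $2) assigns to a name.
# A stale static entry sends ssh to the wrong box while DNS for every other
# name keeps working, which is exactly the "only one destination fails"
# pattern. Exits 1 when the name is not pinned.
hosts_override() {
  local name=$1 file=${2:-/etc/hosts}
  awk -v n="$name" '
    /^[[:space:]]*#/ || NF < 2 { next }
    { for (i = 2; i <= NF; i++) if ($i == n) { print $1; found = 1; exit } }
    END { if (found) exit 0; exit 1 }' "$file"
}

# Probe a TCP port with bash's /dev/tcp and a timeout, reporting the same
# categories ssh would, without involving ssh or its config. If this says
# "open" while ssh says refused, look at ~/.ssh/config (Host/HostName/Port);
# if both say refused, the problem is below ssh.
tcp_probe() {
  local host=$1 port=$2 out
  out=$(timeout 5 bash -c "exec 3<>/dev/tcp/$host/$port" 2>&1)
  case $? in
    0)   echo open ;;
    124) echo timeout ;;
    *)   classify_ssh_error "$out" ;;
  esac
}

# Run the checks in the order that narrows the fault fastest.
triage() {
  local host=$1 port=$2 addr first
  echo "== name resolution"
  if addr=$(hosts_override "$host"); then
    echo "/etc/hosts pins $host to $addr (DNS is bypassed for this name)"
  fi
  first=$(getent ahosts "$host" | awk 'NR==1 {print $1}')
  echo "resolves to: ${first:-<nothing>}"
  echo "== route to ${first:-<none>}"
  [ -n "$first" ] && ip route get "$first" 2>/dev/null
  echo "== local OUTPUT rules that REJECT or DROP (iptables -S)"
  if command -v iptables >/dev/null; then
    iptables -S OUTPUT 2>/dev/null | grep -Ei 'reject|drop' || echo "(none)"
  else
    echo "(iptables not installed)"
  fi
  echo "== raw TCP probe to $host:$port: $(tcp_probe "$host" "$port")"
  echo "== address and port ssh itself uses (after ~/.ssh/config is applied)"
  ssh -v -o BatchMode=yes -o ConnectTimeout=5 -p "$port" "$host" true 2>&1 \
    | grep -E '^debug1: (Reading configuration|Connecting to)'
}

# usage: bash ssh-triage.sh HOST PORT   (both are placeholders)
if [ $# -ge 2 ]; then
  triage "$1" "$2"
fi
```

    Run it as `bash ssh-triage.sh cloud.example 2222` from the failing box, then the same from a working box and diff the two outputs; the first section that differs is where to look, and the "Connecting to" line from `ssh -v` is what settles whether ssh is even talking to the address you think it is.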

  • rwilson04

    I hate restarting, but it seems to have been the solution in this case. Ruined a 405 day uptime, and now I'll never know what was wrong, but at least it works.


  • Related Question

    apache - Connect to my company's intranet LAN-only web site from outside with ssh tunnel
  • elmimmo

    My company has an intranet web server, only accessible from the LAN, used for web development as an integration server. Users in the LAN set their /etc/hosts to use the same Virtual Hosts defined in the integration server's Apache config, and so be able to connect to it using the standard port 80.

    I work remotely sometimes, and can access the server through SSH using a custom port.

    If I set my /etc/hosts to the public IP of that server, is there any way I could use the SSH connection with that custom port so that my browser connection is tunneled through it and gets pages from that web server?


  • Related Answers
  • Community

    I haven't quite understood your configuration, but when you ssh to the company server you should be able to set up an ssh tunnel so that you can use a browser to access the company webserver.

    You do not need to set up /etc/hosts on your local machine. Using the ssh parameter

    -L port:host:hostport
    

    All traffic to port on localhost is tunnelled to host/hostport on the remote. So, when you do

     ssh -L 80:web-server:80 user@ssh-server -p 22
    

    http://localhost will be redirected to the web-server:80. Note that the hostport is translated on the remote server, i.e. the ssh server.

    -p 22 is not needed if the ssh server uses the default port, but the question does say that the SSH server goes through a custom port. In that case, change 22 for the custom port.

    If the system complains that Privileged ports can only be forwarded by root, run it as superuser:

    sudo ssh -L 80:web-server:80 user@ssh-server -p 12345
    

    or log in as root.

  • sjbotha

    I do the exact opposite. When at a customer I set up a secure ssh tunnel through Tunnelier on my laptop to point to an external server with an ssh server installed. Then I set up Switchy in Google Chrome to enable forwarded traffic from my browser to the external server routed through ssh.

    So,

    1. Install Switchy in your Chrome browser (you could set up a proxy in FF/IE; Switchy lets you easily switch between proxy configurations). Set SOCKS Host to 127.0.0.1 and port to 1080.
    2. Set up the Tunnelier client on your remote machine, i.e. your laptop / home computer, and connect it to the company ssh server. Use port 1080 with "SOCKS / HTTP Proxy Forwarding" enabled.

    Hope this helps.
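    Both answers above can be reproduced with OpenSSH alone: the `-L` port forward from the first answer, including the privileged-port problem it mentions, and the SOCKS proxy from the second (what Tunnelier's "SOCKS / HTTP Proxy Forwarding" does is `ssh -D`). The script below is an added example, not code from either answer; every host name, port and vhost in it is a placeholder. It assumes bash, OpenSSH and curl, and adds one caveat the thread does not spell out: a name-based virtual host is selected by the HTTP Host header, so with `-L` the request has to carry the intranet name even though it is sent to localhost, and with `-D` the name must be resolved on the remote side.

```shell
#!/usr/bin/env bash
# Added example (not from the thread): reach a LAN-only name-based vhost through
# the company ssh server with OpenSSH, as a -L port forward or as a -D SOCKS
# proxy. user@ssh-server, 12345, web-server and dev.intranet.example are placeholders.
set -u

# Local port in a -L spec of the form port:host:hostport or bind:port:host:hostport.
local_port_of() {
  local spec=$1
  case $spec in
    *:*:*:*) echo "$spec" | cut -d: -f2 ;;
    *)       echo "$spec" | cut -d: -f1 ;;
  esac
}

# Ports below 1024 can only be bound by root ("Privileged ports can only be
# forwarded by root"). Returns 0 when the spec needs root for the given uid
# (default: the current user), 1 otherwise.
forward_needs_root() {
  local port uid=${2:-${EUID:-$(id -u)}}
  port=$(local_port_of "$1")
  [ "$port" -lt 1024 ] && [ "$uid" -ne 0 ]
}

# The same forward moved to an unprivileged local port, so no sudo is needed
# and the tunnel does not run with root's ssh keys and config.
unprivileged_forward() {
  local spec=$1 newport=${2:-8080}
  case $spec in
    *:*:*:*) echo "$spec" | awk -F: -v p="$newport" 'BEGIN{OFS=":"}{$2=p; print}' ;;
    *)       echo "$spec" | awk -F: -v p="$newport" 'BEGIN{OFS=":"}{$1=p; print}' ;;
  esac
}

# Open the -L tunnel in the background and fetch a page from the vhost.
# Name-based virtual hosts pick the site from the Host header, so set it
# explicitly instead of editing /etc/hosts on the laptop.
fetch_via_port_forward() {
  local ssh_host=$1 ssh_port=$2 spec=$3 vhost=$4 lport
  lport=$(local_port_of "$spec")
  ssh -f -N -o ExitOnForwardFailure=yes -p "$ssh_port" -L "$spec" "$ssh_host"
  curl -sS -H "Host: $vhost" "http://localhost:$lport/"
}

# SOCKS variant: one -D tunnel serves every intranet name; the browser (or
# curl) is pointed at 127.0.0.1:1080 exactly as the Switchy setup above does.
# --socks5-hostname makes the remote side resolve the name, so a LAN-only
# name works from the laptop without any /etc/hosts entry.
fetch_via_socks() {
  local ssh_host=$1 ssh_port=$2 url=$3 socks_port=${4:-1080}
  ssh -f -N -o ExitOnForwardFailure=yes -p "$ssh_port" -D "$socks_port" "$ssh_host"
  curl -sS --socks5-hostname "127.0.0.1:$socks_port" "$url"
}

# usage (placeholders):
#   bash intranet-tunnel.sh user@ssh-server 12345 80:web-server:80 dev.intranet.example
#   fetch_via_socks user@ssh-server 12345 http://dev.intranet.example/
if [ $# -ge 3 ]; then
  spec=$3
  if forward_needs_root "$spec"; then
    echo "local port $(local_port_of "$spec") needs root; using $(unprivileged_forward "$spec") instead" >&2
    spec=$(unprivileged_forward "$spec")
  fi
  fetch_via_port_forward "$1" "$2" "$spec" "${4:-localhost}"
fi
```

    `ssh -f -N` leaves the tunnel running in the background after authentication, so kill it when done; `ExitOnForwardFailure=yes` makes ssh fail loudly (instead of silently connecting without the forward) when the local port is already taken or privileged, which is the case the first answer's sudo workaround addresses.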