Login

DahRat · 10-04-2018, 07:34 PM

Hello All

I'm having a problem with port 22: no route between a Lenovo Tab4 and ThinkPad T430 running Debian. The odd thing is that I can ssh from my Tab into my Raspberry Pi but no into my ThinkPad. Don't know what to make of it or how to proceed. Any advice?

DahRat

***cleverwise*** · 10-04-2018, 07:37 PM

There are several reasons but for starters are you running a firewall?

wheel · 10-04-2018, 08:11 PM

Have you tried using SSH locally?
Meaning what happens if you sit on your ThinkPad and try to SSH into the ThinkPad itself?
What OS are you running on the ThinkPad? (Is the openssh-server installed?)

DahRat · 10-05-2018, 06:36 AM

Yeah, I'm running the Gufw firewall. As for trying to SSH back into itself I have not trying. Didn't know you could. But I am running Debian Stretch 4.9.110. As for Openssh I have client, server, sftp installed.

***cleverwise*** · 10-05-2018, 11:33 AM

(10-05-2018, 06:36 AM)DahRat Wrote: Yeah, I'm running the Gufw firewall. As for trying to SSH back into itself I have not trying. Didn't know you could. But I am running Debian Stretch 4.9.110. As for Openssh I have client, server, sftp installed.

I would turn off your firewall for a moment and then test. The odds are high it will work fine.

Then you may renabled the firewall and write a rule to allow connections over port 22. Of course you may do this from the start but for troubleshooting this (if you are on a trusted network) disabling the firewall for a few minutes is usually not an issue and removes the firewall from the equation.

From this side of the monitor it sounds like the firewall is blocking the connection.

Cthulhu · (This post was last modified: 10-05-2018, 04:38 PM by Cthulhu.)

Can you ping the box you're trying to shell into? I noticed you mentioned that you got a "no route to host" so there could be a routing issue. If turning off the firewall doesn't work, try installing Nmap (and Zenmap if you prefer a GUI) and running a quick scan to see what ports are open. This is a great opportunity to play with Nmap as well. It's a really useful tool for troubleshooting networking issues and enumerating your network. Be nice with Nmap and only scan networks you are permitted to.

Are you sure you have the SSh service running? Even if you had it running previously it might not be enabled at startup and not be running after a reboot.

If you want to try SSh'ing into your own box all you need to do is run: 'ssh username@127.0.0.1'. You should be prompted to accept the key and asked for a password.

Good luck and please let us know how it works out for you. This would be a good thread for people to find when they have SSh and networking questions.

DahRat · (This post was last modified: 10-05-2018, 06:19 PM by DahRat.)

I took Gufw down and trying ssh into it self, no go(no route to host). I installed nmap and I issue "nmap -Pn" and I got Host is up latency (0.051s), all 1000 scanned ports on IP are filtered. I also tried nmap -r, -sn, -p22 and each give the same no route to host. I guess I am not sure if SSH is running.

I was able to ssh into itself afterall. I got the accept key prompt and the password prompt. I tried logging in from my Android tablet and I get a connection timed out and still the no route to host. So I do not know whats going wrong.

***cleverwise*** · 10-05-2018, 06:22 PM

I would check to see if ssh is running then.

Code:
shell> sudo systemctl status sshd

If not start it:

Code:
shell> sudo systemctl enable sshd && sudo systemctl start sshd

DahRat · (This post was last modified: 10-05-2018, 06:57 PM by DahRat.)

Well, it says active running, listening on port 22. I forgot to mention that I upgraded my router to bonded dsl and my ip changed so the no route to host I think is a wrong issue on my fault. The actual issue I get now using the correct ip is port 22: connection timed out.

Ok ok ok hang on. I turned off Gufw and now I can login to Thinkpad with my Pi. If thats the problem I dont know how to set rules in Gufw to allow login.

wheel · 10-05-2018, 07:14 PM

It seems like you found the issue. Smile

I'm not familiar with ufw, but

Code:
sudo ufw allow 22

should do it. According to this tutorial: https://www.digitalocean.com/community/t...onnections

Please forgive me if this wasn't what you were looking for.

Quote:I forgot to mention that I upgraded my router to bonded dsl and my ip changed so the no route to host I think is a wrong issue on my fault.

Bonded DSL - nice. Just out of curiosity: Does your provider give you public IP address for each device in your network? That would be unusual for a normal consumer plan, therefore I guess that you have one external IP (that probably changed) and a few internal IP's. Therefore, your internal IP's should never change unless you or your DHCP server (probably a software in your router) wants them to change.

Login
Username:
Password:	Lost Password?
	Remember me