SSH connection refused

Question

Level 1

0 points

SSH connection refused

Hello everyone. I've seen this topic posted around the web, but there seem to be no answers available. i'm wondering if anyone has solved it.

On 10.5.8, allowing remote network connections should be relatively straightforward.

System Preferences -> Sharing -> Remote Login: On

It has a green light, along with the following underneath it:

"To log in to this computer remotely, type "ssh myname@mycomputer"."

Great. So, I ssh to another machine, and type "ssh myname@mycomputer".

I get the result, "ssh: connect to host mycomputer port 22: Operation timed out".

So what's going on here? I've even tried starting up sshd (ps -ef doesn't show it running), with no luck. Everyone else in the department can connect to their own machines from outside the network (so there doesn't seem to be a firewall blocking the network and restricting incoming connections), but I apparently can't. Has anyone else seen similar behavior and figured out how to solve it? Thanks!

MacBook Pro, Mac OS X (10.5.8)

Posted on Oct 12, 2010 6:14 AM

Reply

Answer 1

BobHarris

Level 9

53,663 points

Oct 12, 2010 9:00 AM in response to obfiscator

You should run 2 tests.

One test to a system where ssh works
One test to your Mac


ssh -v -v -v username@destination.address

Compare the ssh debug output from both connection attempts. Assuming the network paths are very similar, you should be able to see where in the connection sequence things go wrong.

Also do you have an system preferences -> Security -> Firewall settings that might get in the way?

Reply

Answer 2

obfiscator Author

Level 1

0 points

Oct 13, 2010 3:55 AM in response to BobHarris

Hi Bob. Thanks for the comments. I did try disabling the firewall (and even restarting, since some comments suggested that a restart was needed), but nothing changed.

I've done the ssh -v -v -v test, and coming to my Mac the output is very simple. Only three lines, and it stops with the "Connecting to" line (following that line is a timed out line). For the machine where ssh is work, it has those same three lines, and then many more, as the connection proceeds.

I tried doing a port scan, and I found the result:
22/tcp filtered ssh
A similar scan on a working machine found
22/tcp open ssh

That made me think that perhaps there was something upstream doing some filtering (that and the fact that none of my ssh attempts showed up in /var/log/secure.log, whereas that file is full of ssh attempts on the other machine). I went to talk to some other people about it and was informed that the network is closed off from the rest of the world. When everyone else wants to ssh into the network, they go through an intermediate machine that is left exposed. I guess I got some incorrect information when I first asked.

I've tried to ssh from that machine (the one which has access to the network) into my Mac, and it works. Problem solved, although it means that I am condemned to only be able to scp from one direction. 🙂

Reply

Answer 3

obfiscator Author

Level 1

0 points

Oct 13, 2010 4:01 AM in response to obfiscator

Summary: All inbound ssh attempts to the network were dropped upstream. Attempts to ssh into the machine from within the network were successful, which shows that, in the end, it wasn't a problem with the configuration of the Mac.

Reply

Answer 4

BobHarris

Level 9

53,663 points

Oct 13, 2010 7:57 AM in response to obfiscator

I've tried to ssh from that machine (the one which has access to the network) into my Mac, and it works. Problem solved, although it means that I am condemned to only be able to scp from one direction. 🙂

You could create an ssh tunnel through the intermediate system, which allows you to then use scp and other ssh based tools


ssh -L 11122:your.macs.ip.address:22 intermediate.system.address
scp -P 11122 file.to.send username@localhost:/path/where/to/store
scp -P 11122 username@localhost:/path/of/file/to/fetch /where/to/store

You can also make additional ssh connections over that same tunnel


ssh -p 11122 username@localhost echo hi
ssh -p 11122 username@localhost ls -l /path/to/dir
ssh -p 11122 username@localhost script.to.run
ssh -p 11122 username@localhost # interactive login

Reply

Answer 5

bik1906

Level 1

0 points

Jan 8, 2011 10:09 PM in response to obfiscator

I kept having this error (i.e connection refused") when trying to login on winscp with ssh and thought it was my ipod touch giving me the error. However I got around it by putting my ipods IP into a demilitarised zone from my wifi. It connects fine now with win scp.

Reply