Want to highlight a helpful answer? Upvote!

Did someone help you, or did an answer or User Tip resolve your issue? Upvote by selecting the upvote arrow. Your feedback helps others! Learn more about when to upvote >

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: Jeff Bowden1
Jeff Bowden1 Author
User level: Level 1
8 points

SSH permission denied.

Since the last system update, I cannot log into my home computer via SSH. All of my firewall settings are correct, my dynamic dns is corrrect, etc. When I go to my computer address via the web, I see my Apache screen, so I know my router is correctly forwarding (I have 80, 20-23 all forwarded to my computer through my router).

All I get is a message "ssh: connect to host jtbowden.dyndns.org port 22: Permission denied". FTP seems to be similarly affected. "ftp: connect: Permission denied"

I can ssh in locally, or from any machine on my local network, but nothing outside. Any ideas?

I am pretty ignorant when it comes to sshd_config settings, etc, so any help is appreciated.

17" Aluminum Powerbook, Mac OS X (10.4.3)

Posted on Jan 7, 2006 12:56 PM

Reply
10 replies
User profile for user: Tim Haigh
Tim Haigh
User level: Level 7
24,198 points

Jan 9, 2006 4:01 AM in response to Jeff Bowden1

Hello Jeff,

One of the recent updates did install new version of SSL so this may have altered your setup slightly.

You may want to look at the following howtoin order to get SSH configured to use public keys and it will also show you how to configure /etc/sshd_config

Then when you initiate the SSH connection use the Verbose option this will help you see what is causing the problem.

ssh -v user@server





However as you say you can ssh locally but not from outside your network you need to confirm that your router is port forwarding correctly. You could try using netcat to portscan your network to see if port 22 is open.

The easiest way to install netcat is via darwinports or fink.

once netcat is installed from outside your network use the command

nc -vvn -z serveraddress 21-23



This will check to see if your ftp and ssh ports are open.
Reply
User profile for user: chairman rod
chairman rod
User level: Level 2
490 points

Jan 9, 2006 8:11 AM in response to Tim Haigh

The easiest way to install netcat is via darwinports
or fink.


tiger has netcat included
$ find /usr -name nc
/usr/bin/nc

once netcat is installed from outside your network
use the command

nc -vvn -z serveraddress
21-23



This will check to see if your ftp and ssh ports are
open.


He wouldn't be getting a permission denied message if the port was closed.
Reply
User profile for user: Jeff Bowden1
Jeff Bowden1 Author
User level: Level 1
8 points

Jan 10, 2006 7:17 PM in response to chairman rod

I used netcat to scan my ports and from my local machine I got open on 21-23 and 80 as expected and "Connection Refused" on all other ports.

From outside, I get "Permission denied" on ALL ports. It seems to me that this would be my router, but all settings seem to be correct. I upgraded the firmware and reset it to factory settings, turned on port forwarding, and got the same messages.

Any ideas?
Reply
User profile for user: Jeff Bowden1
Jeff Bowden1 Author
User level: Level 1
8 points

Jan 11, 2006 3:29 PM in response to Tim Haigh

I have a dynamic IP, but I use a dynamic forwarding service. I know I am hitting my network, this is not the issue.

My router is a linksys WRT45G if I remember correctly.

I can access my web directory if I go to my address through a web page, so port 80 is somehow making it through, but 20-23 are not.

So the next question is whether OS X still allows SSH with username/password. Do you have to authenticate with public/private keys?
Reply

SSH permission denied.

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up