cannot login via ssh after installation

And I have rebooted.

 

Hm...
Did you use the local IP address to connect to SSH?

 

If by local address you mean 192.168.2.26, then yes. I tried it from the Windows machine. No luck. If by local address you mean 127.0.0.1. I don't think I've tried that. I will this evening.

 

Yes, I meant that address.
Everything you posted indicates it should work.
Did you switch off the firewall on your Windows system? Maybe that's the problem?

 

The firewall is on on both my home Windows machine (same network where the Linux box is) and here at work.

I'm thinking it has to be something in the encryption, ISPConfig firewall, or host files since it was working fine before the install.

The only other option I can think of in my limited knowledge is that somehow my atheros/madwifi/wireless config is setup incorrectly and will not allow pings, etc, to pass through.

Thoughts?

 

another clue?

This may be another clue. I tried turning off the Windows firewall, I still cannot ping or ssh into the Linux box.

Just for grins. I ssh'd from the Linux box to itself, both through the router (192.168.2.26) and through the localhost (127.0.0.1) both pinged just fine. So I downloaded and installed putty. I can ssh into the box from itself with both IP's. Does that help at all?

thanks again for all of your help.

 

I rebooted and here's the iptables -L readout. They seem the same to me. Yes, I am using putty for ssh on all machines involved.

Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
DROP all -- anywhere anywhere

Chain INPUT (policy DROP)
target prot opt source destination
DROP tcp -- anywhere 127.0.0.0/8
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
DROP all -- anywhere anywhere

Chain INT_IN (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
DROP all -- anywhere anywhere

Chain INT_OUT (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere

Chain PAROLE (9 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere

Chain PUB_IN (4 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp echo-reply
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp echo-request
PAROLE tcp -- anywhere anywhere tcp dpt:ftp
PAROLE tcp -- anywhere anywhere tcp dpt:ssh
PAROLE tcp -- anywhere anywhere tcp dpt:smtp
PAROLE tcp -- anywhere anywhere tcp dpt:domain
PAROLE tcp -- anywhere anywhere tcp dpt:http
PAROLE tcp -- anywhere anywhere tcp dpt:81
PAROLE tcp -- anywhere anywhere tcp dptop3
PAROLE tcp -- anywhere anywhere tcp dpt:https
PAROLE tcp -- anywhere anywhere tcp dpt:10000
ACCEPT udp -- anywhere anywhere udp dpt:domain
DROP icmp -- anywhere anywhere
DROP all -- anywhere anywhere

Chain PUB_OUT (4 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere

If it looks the same to you and it is not the Linux server, I would have to guess that I have 2 other places to look, the Atheros/Madwifi/network configuration or the router.

Does the fact that I can ping and ssh the machine from itself, through the router (192.168.2.26), prove that the router is configured properly?

 

Can you switch off the firewall and try again? If it still doesn't work, at least we know it's not the firewall.

 

Falko,

Good call! I turned off the firewall and I can ssh from my windows box on the network. Don't know why I didn't think of that. Now what? Do I have to see how the firwewall is configured for ssh?

Thanks again.

 

Till,

It's the ISPConfig firewall. FC4's forewall is turned off. Actuall was never started.

 

Can you double-check that there's no other firewall interfering with ISPConfig's firewall?
Is SELinux disabled on your system?

 

falko,

Sorry for the previous mispellings. I really need to learn how to type.

Not sure how to check if selinux is enabled. Here's is my /etc/selinux/config file

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
~
~
~
~
~
"config" 10L, 447C

--------------------------
and here is my /etc/sysconfig/system-config-securitylevel file:


# Configuration file for system-config-securitylevel

--disabled
~
~
~
"/etc/sysconfig/system-config-securitylevel" 3L, 65C

----------

I will try to check via the gui when I get home.

I don't know of any other firewall that could be running outside of FC4 and ISPconfig. Not really sure how to check, tho. I followed the perfect setup to the letter.

 

Looks ok.

 

Falko,

Yea, very confusing. Hey, I'd be glad to PM you access info if you want to look around inside the box. Like I said it's a learning machine.

I know this is not your job, but I'm extremely curious as to what I did wrong.

 

Just a thought. Is it possible that there is some sort of possible conflict with the way the madwifi drivers were written? After the ISPConfig install I had to reinstall the drivers for the wireless card. Just spitballing.

 

Till

Yea, I didn't think so. It was a shot in the dark.

One more thing I may not have mentioned. This issue effects the http services as well. I cannot login to the ISPConfig control panel (https://xxx.xx.xxxxx.xxx:81) if the firewall is turned on. So it is not isolated to ssh.

I'm stumped.

 

I think it could be a conflict with your WLAN card.