Ssh – Binding to 0.0.0.0 only picked up local addresses

arch-linuxnetworkingssh

I'm not a server guy, and my network skills are a little rusty, so this may be a simple question. On a brand-new archlinux machine, I setup sshd, and told it to bind to 0.0.0.0:9223. Once it was running, I used netstat to confirm that it was listening on *:9223.

Running "ssh -p 9223 localhost" connected fine, but remote connections failed. I then tried "ssh -p 9223 [REMOTE_IP]" on the server, and this failed.

After trying to find the source of the problem, and failing, I set sshd to bind to [REMOTE_IP], and suddenly everything worked.

So my question is, what would cause a socket bound to 0.0.0.0 to ignore connections from the ip address of the eth0 interface?

Best Answer

The case might be that your eth0 interface is using IPv6 protocol. When you configure ssh server with ListenAddress 0.0.0.0 in /etc/ssh/sshd_config you turned off IPv6 protocol. netstat then have only one entry for ssh starting with tcp. Add a line ListenAddress :: to also listen on tcp6. netstat should report you two entries for ssh server one on tcp6 :::9223 and one on tcp 0.0.0.0:9223

Related Solutions

Ubuntu SSH Login – Permission Denied, Please Try Again

Are you certain that the user account you're attempting to access is correctly configured? If you log in as root on the system, can you su to the user account?

# su - username

What do you see in your logs after a failed connection attempt? On many systems, sshd will log to something /var/log/secure or /var/log/auth.log. Also, I note that you have PasswordAuthentication enabled but ChallengeResponseAuthentication disabled. Do you see the same behavior if you enable ChallengeResponseAuthentication?

Here are some general diagnostic steps to use when you have ssh problems:

Enable verbose diagnostics in ssh:
```
ssh -v host.example.com
```
This will cause the client to output a variety of diagnostic messages as it negotiates the connection. This will often provide a clue to the problem.
Run the server in debug mode.

On your server, stop sshd, then run it from the command line like this:
```
/usr/sbin/sshd -d
```
This will produce verbose debug logging on stderr that will very often contain useful information.

If neither of these helps you figure out what's going on, would you add the output to your question?

SSH Reverse Port Forward Bind to address

I hate when this happens, but after a little more research, I'm able to answer my own question.

It seems that sshd_config needed to have GatewayPorts yes to bind to external addresses. I must have missed this when porting over the configurations.

Best Answer

Related Solutions

Ubuntu SSH Login – Permission Denied, Please Try Again

SSH Reverse Port Forward Bind to address

Related Topic