Re: connecting with SSh through public IP ?

From: Richard E. Silverman (slade@shore.net)
Date: 03/07/03


From: slade@shore.net (Richard E. Silverman)
Date: 06 Mar 2003 22:26:55 -0500


>
> "charly" <kanari667is6@yahoo.fr> wrote in message
> news:b48ebf$p36$1@news-reader11.wanadoo.fr...
> > mikepb@hoplite.org wrote:
> > > charly <kanari667is6@yahoo.fr> wrote:
> > >
> > >>Greetings,
> > >
> > >
> > >>I' ve got a problem with my SSH :
> > >>Linux Box, mandrake9 . firewall : shorewall.
> > >
> > >
> > >>My Lan has 2 machines :
> > >>I can ssh from B to A (A runs the sshd server) using the ips of my
> > >>network : client does this :ssh 10.0.0.1 (1 is linux, of course)
> > >
> > >
> > >>Now let's say that my linux box is connected to the web and have the
> > >>following ip : 154.12.65.45.
> > >
> > >
> > >>If B tries ssh 154.12.65.45
> > >>154.12.65.45 port 22: Connection refused

Check that sshd is actually listening on that address -- for instance, you
might have a ListenAddress statement in sshd_config telling it to listen
only on the private side. Also check your firewall packet filtering
rules; perhaps it is refusing the connection attemtps, and you need a rule
which permits traffic to the router's external which originates from the
internal network.

Joshua> From my undestanding, you either need an internal DNS server
Joshua> running for internal lookups, or another instance of nat running
Joshua> on the inside interface, which I've heard is hairy. I just use
Joshua> IPs and/or an updated /etc/hosts to contact other machines inside
Joshua> the LAN. I don't think B can access A by external IP in this case
Joshua> because it's not approaching A from outside, but from inside. I
Joshua> hope this makes sense...

It doesn't, because this is all either irrelevant or false. The poster
did not ask anything about naming, so DNS is irrelevant, and inbound
address translation has nothing to do with connectivity among addresses
inside the NAT boundary.

-- 
  Richard Silverman
  slade@shore.net


Relevant Pages

  • Re: Incredible
    ... listening to choral evensong, well the radio was on anyway and the ... Apparently Yahweh told Joshua to slaughter every man, ... PS 'elvira' is spamtrapped - please reply to 'elviraspam' at cockaigne dot org dot uk if you ...
    (uk.media.radio.archers)
  • Re: Incredible
    ... listening to choral evensong, well the radio was on anyway and the ... though it was Joshua chapter 8 - later than Jericho, ... I love this except from Richard Dawkins in the God Delusion. ...
    (uk.media.radio.archers)
  • Re: Incredible
    ... listening to choral evensong, well the radio was on anyway and the ... Apparently Yahweh told Joshua to slaughter every man, ... I love this except from Richard Dawkins in the God Delusion. ... "The God of the Old Testament is arguably the most unpleasant character ...
    (uk.media.radio.archers)
  • Re: Incredible
    ... listening to choral evensong, well the radio was on anyway and the ... Apparently Yahweh told Joshua to slaughter every man, ... I love this except from Richard Dawkins in the God Delusion. ...
    (uk.media.radio.archers)
  • Re: Incredible
    ... listening to choral evensong, well the radio was on anyway and the ... let alone being read out in a modern church service on national radio. ... Apparently Yahweh told Joshua to slaughter every man, ... I don't know why it's part of the holy book, except that it's part of the ...
    (uk.media.radio.archers)