Re: Very trange SSH problem!

  Subject: Re: Very trange SSH problem!
  From: Roy Schestowitz <newsgroups@schestowitz.com>
  Date: Sat, 30 Jul 2005 07:54:01 +0100
MD wrote:

> Hello everybody. I am having a VERY strange problem with secure shell. I
> hope somebody can give some light.
> I used to connect from here (home, ADSL connection) to my office
> (university) via ssh without problems (SuSE 9.1 on both machines).
> Then I installed SuSE Linux Proffesional 9.3 a few days ago only at home
> , and now ssh behaves very strange.I can't connect now from home to my
> office, but I can connect from office to home. But this is not the
> strange thing.
> The really strange thing is that when I am in my office, connected from
> "office" to "home", logged in by ssh in "home", and I initiate in "home"
> a ssh in connection back to "office", it works perfectly!. To make it
> more clear, at office I typed:
> office:> ssh myself@home
> home:> Welcome to home! Have a lot of fun!
> home:> ssh myself@office
> office:> Welcome to office! Have a lot of fun!
> An hour later, I try the same sitting in
> front of my home computer and nothing, this is what I get
> myself@home:~> ssh -vvv myself@office
> OpenSSH_3.9p1, OpenSSL 0.9.7e 25 Oct 2004
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Applying options for *
> debug2: ssh_connect: needpriv 0
> debug1: Connecting to "office" port 22.
> debug1: connect to address "office" port 22: Connection timed out
> ssh: connect to host "office" port 22: Connection timed out
> I know I do have connection from "home" to "office" because >tarceroute
> office gets thru. However, (and I don't know if this is important), ping
> attempts get filtered by a server at the uni just before reaching
> "office".
> Any idea or advice to find the cause of this??

Before Kevin's advice was posted I had wanted to suggest that you check
support for connections from the outside, e.g. scp and ssh. There is a
daemon that needs to be installed if it is not there by default. I used to
have a similar problem when connecting the work and University machines.
The work machine ran Ubuntu, which by default was not open to connections
from the outside.

Nonethess, I held back when considering this reply because if you
successfully get the 'loopback' ssh connection (connecting to self via
another node), then it pretty much breaks my assumptions above. I can't
think of any logical explanation (can you?) why a visitor should be able to
SSH when a physical user will not be able to do so. It seems like a
paradox. All are points to ponder, so perhaps my rambling will guide you
towards one solution or another...


Roy S. Schestowitz

