RESOLVED: SSH "party did not properly respond ...."

doulos
Posts: 29
Joined: 2015/11/07 17:55:32

RESOLVED: SSH "party did not properly respond ...."

Post by doulos » 2018/01/14 23:58:01

Hi, I have recently been unable to connect via SSH to my server from outside the network. I have been able to connect to this server for a couple of years. I cannot figure it out. I can connect to the server from within the same network using the same URL/USER/PASSWD/PORT. Firewall is disabled on my modem, and I have made sure the router forwarded the port to the server. Checked and double-checked to make sure DNS is correct (in fact I use the same URL with which I can connect locally). I have whitelisted my IP address in firewalld, made sure there was no rich rule blocking my home IP address, etc.

It seems that my IP address must somehow be blocked, but I am stumped. Any help would be greatly appreciated.

Edit: I've just confirmed that I cannot connect from other outside IP addresses.
Last edited by doulos on 2018/01/18 20:02:12, edited 2 times in total.

tunk
Posts: 424
Joined: 2017/02/22 15:08:17

Re: SSH "party did not properly respond ...."

Post by tunk » 2018/01/15 10:45:53

You could use nmap from the outside to see which ports are let through.
You could also try to set up sshd to listen on e.g. port 443 (https); that is, if you don't use it as a web-server with https.

doulos
Posts: 29
Joined: 2015/11/07 17:55:32

Re: SSH "party did not properly respond ...."

Post by doulos » 2018/01/15 17:51:33

I am using port 2201 for SSH. It has worked fine for over a year. nmap does not show port 2201 even though the port is forwarded to that computer and firewall-cmd --list-all shows it is allowing 2201 through.

TrevorH
Forum Moderator
Posts: 23678
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: SSH "party did not properly respond ...."

Post by TrevorH » 2018/01/15 17:54:44

Can you get to the server by another method? If you can then run e.g. tcpdump port 2201 -l -n -nn -i any and then go and try to connect to it from outside. If your tcpdump then sees the packets they are making it past the router/firewall and onto your box. If it doesn't then the problem is between you and the remote side of the firewall - either something is blocking the packets so they never reach your router/firewall or your forwarding is not working. If you do see packets arriving then the problem is on the CentOS box.
CentOS 5 died in March 2017 - migrate NOW!
Full time Geek, part time moderator. Use the FAQ Luke

doulos
Posts: 29
Joined: 2015/11/07 17:55:32

Re: SSH "party did not properly respond ...."

Post by doulos » 2018/01/15 19:27:14

I can get to it from another computer on the network. I know the IP address of the router is correct since I can get to the webserver on port 80. Here is some more info when I connect from a computer inside the same network:
[]# firewall-cmd --zone=public --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces:
sources: me
services: ftp http dhcpv6-client ssh https mysql
ports: 443/tcp 80/tcp 2200/tcp 2201/tcp 21/tcp 3306/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
rule family="ipv4" source address="me" accept

[]# nmap -sT -O localhost
Starting Nmap 6.40 ( http://nmap.org ) at 2018-01-15 09:59 PST
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00010s latency).
Other addresses for localhost (not scanned): 127.0.0.1
Not shown: 995 closed ports
PORT STATE SERVICE
21/tcp open ftp
25/tcp open smtp
80/tcp open http
443/tcp open https
3306/tcp open mysql
Device type: general purpose
Running: Linux 3.X
OS CPE: cpe:/o:linux:linux_kernel:3
OS details: Linux 3.7 - 3.9
Network Distance: 0 hops

OS detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 6.42 seconds

[]# hostname -I
10.1.4.30
[Attachment: modem.png - Modem port forwarding settings]
[Attachment: router.png - Router port forwarding settings]

TrevorH
Forum Moderator
Posts: 23678
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: SSH "party did not properly respond ...."

Post by TrevorH » 2018/01/15 19:40:49

It's a simple test and will help to narrow down where the problem lies.

If you are connecting to the system to do this via ssh then you'll need to add "and not host 1.2.3.4" to the tcpdump so it reads "port 2201 and not host ..." where 1.2.3.4 is the IP address that you are connecting from via ssh or it will loop printing packets.

doulos
Posts: 29
Joined: 2015/11/07 17:55:32

Re: SSH "party did not properly respond ...."

Post by doulos » 2018/01/15 19:44:43

I am logging in remotely to a Windows computer on the same network, then ssh-ing into the CentOS server. I will not be able to log onto the server itself for a week or so. What is the command if logging in from another computer inside the network using ssh? I tried the one you posted above but it is always 5 minutes behind.

TrevorH
Forum Moderator
Posts: 23678
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: SSH "party did not properly respond ...."

Post by TrevorH » 2018/01/15 21:18:54

It's the same command and you need to exclude the machine from which you are ssh'ing or it will dump that traffic. So whatever the IP address is of your Windows computer, use that in the "not host x.y.z.a" argument.

I'm not sure what you mean by "5 minutes behind". It dumps traffic as it arrives. If the timestamp on the packets it dumps is off by 5 mins then so is the time on that machine.
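
The tcpdump test described in the replies above, as an added example (not code posted by anyone in this thread): it builds the "port 2201 and not host ..." filter and classifies what the capture shows. The function names, result labels and sample packets are constructed for illustration, and the classification goes one step past the two outcomes named above by also separating a reset from silence.

```shell
#!/bin/sh
# Added example: helpers around `tcpdump port 2201 ... and not host x.y.z.a`.
# Function names and result labels are made up for this illustration.

# Build the capture filter. The host to exclude is the second argument or,
# failing that, the client address sshd records in SSH_CONNECTION.
capture_filter() {
    port=$1
    admin=${2:-${SSH_CONNECTION%% *}}
    if [ -n "$admin" ]; then
        printf 'port %s and not host %s\n' "$port" "$admin"
    else
        printf 'port %s\n' "$port"
    fi
}

# Read `tcpdump -n` text on stdin and report how far a connection got.
#   no-packets      no SYN reached this box: look at router/forwarding/ISP
#   syn-unanswered  SYN arrived, no TCP reply: look at the local packet filter
#   port-closed     SYN answered with RST: usually nothing listens on the port
#   handshake-ok    SYN-ACK sent: TCP works, look at sshd itself
classify_capture() {
    awk -v port="$1" '
        index($0, "." port ": Flags [S],")                 { syn++ }
        $0 ~ ("\\." port " > ") && index($0, "Flags [S.]") { synack++ }
        $0 ~ ("\\." port " > ") && index($0, "Flags [R")   { rst++ }
        END {
            if (!syn)        print "no-packets"
            else if (synack) print "handshake-ok"
            else if (rst)    print "port-closed"
            else             print "syn-unanswered"
        }'
}

# Constructed sample: an outside client (203.0.113.7) retrying its SYN.
sample_capture() {
    cat <<'EOF'
12:00:01.000000 IP 203.0.113.7.51514 > 10.1.4.30.2201: Flags [S], seq 1, win 29200, length 0
12:00:02.001000 IP 203.0.113.7.51514 > 10.1.4.30.2201: Flags [S], seq 1, win 29200, length 0
12:00:04.005000 IP 203.0.113.7.51514 > 10.1.4.30.2201: Flags [S], seq 1, win 29200, length 0
EOF
}

# Live use (as root): tcpdump -l -n -i any "$(capture_filter 2201)" > cap.txt
# then, after the outside attempt: classify_capture 2201 < cap.txt
```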

kalyanasundaram
Posts: 22
Joined: 2014/08/20 14:12:58

Re: SSH "party did not properly respond ...."

Post by kalyanasundaram » 2018/01/16 12:29:59

Is it resolved?

doulos
Posts: 29
Joined: 2015/11/07 17:55:32

Re: SSH "party did not properly respond ...."

Post by doulos » 2018/01/16 21:15:59

No, not yet. I did fix the time, though. Never considered the time might be off.
