cannot ssh into a box with DHCP assigned IP address

Fleuriot Damien ml at my.gd
Wed Feb 20 10:00:37 UTC 2013 

On Feb 20, 2013, at 10:45 AM, Anton Shterenlikht <mexas at bristol.ac.uk> wrote:

> 	From: Fleuriot Damien <ml at my.gd>
> 	To: mexas at bristol.ac.uk
> 	Subject: Re: cannot ssh into a box with DHCP assigned IP address
> 	Date: Wed, 20 Feb 2013 10:31:22 +0100
> 	Cc: freebsd-questions at freebsd.org
> 
> 	On Feb 20, 2013, at 10:28 AM, Anton Shterenlikht <mexas at bristol.ac.uk> wrote:
> 
> 	> I have a laptop with FreeBSD -current,
> 	> with ip address assigned via DHCP.
> 	> The laptop has neither a static ip address,
> 	> nor a domain.
> 	> 
> 	> I can ping the laptop fine, but cannot
> 	> ssh into it. The sshd is running, /etc/ssh/ssd_config
> 	> seems fine, /etc/hosts.allow is fine.
> 	> However, /etc/hosts is just the default:
> 	> 
> 	> #
> 	> ::1                     localhost localhost.my.domain
> 	> 127.0.0.1               localhost localhost.my.domain
> 	> #
> 	> 
> 	> Is it the lack of a domain that prevents
> 	> me from getting ssh access?
> 	> I try to ssh with just a dynamic ip address,
> 	> for which ping seems to work fine.
> 	> Or is the problem somewhere else?
> 	> 
> 	> I'm not even sure I'm asking the right
> 	> questions.
> 	> 
> 	> Thanks
> 	> 
> 	> Anton
> 
> 
> 	First, check what ports SSH listens on:
> 	sockstat | grep ssh
> 
> root at zzz:~ # sockstat | grep ssh
> mexas    ssh        16193 3  tcp4   172.21.220.12:20541   137.222.187.241:22
> root     sshd       1091  3  tcp6   *:22                  *:*
> root     sshd       1091  4  tcp4   *:22                  *:*
> root at zzz:~ #
> 
> I also see:
> 
> /var/log/auth.log:Feb 18 11:54:25 zzz sshd[1091]: Server listening on :: port 22
> .
> /var/log/auth.log:Feb 18 11:54:25 zzz sshd[1091]: Server listening on 0.0.0.0 po
> rt 22.
> 
> Is 0.0.0.0 expected?
> 

0.0.0.0 = * = all IPs / interfaces



> Anything else I should check in the logs?
> 

Not that I'm aware of



> 
> 	Then, assuming SSH indeed listens on *:22 ,
> 	 check if you have a firewall running that
> 	 could be preventing packets from reaching your box.
> 
> I don't think so.
> There's nothing in the kernel config
> 
> 	By the way, do you get a login prompt at all,
> 	 over SSH, or just a plain timeout or connection reset ?
> 
> Just a timeout:
> 
> root at zzz:~ # ifconfig wlan0
> wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
>        ether 00:21:5c:50:68:c3
>        inet 172.21.220.12 netmask 0xfffffc00 broadcast 255.255.255.255
>        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
>        media: IEEE 802.11 Wireless Ethernet OFDM/54Mbps mode 11g
>        status: associated
>        ssid eduroam channel 1 (2412 MHz 11g) bssid 00:3a:98:62:cd:a0
>        country US authmode WPA2/802.11i privacy ON deftxkey UNDEF
>        AES-CCM 2:128-bit AES-CCM 3:128-bit txpower 14 bmiss 10 scanvalid 450
>        bgscan bgscanintvl 300 bgscanidle 250 roam:rssi 7 roam:rate 5
>        protmode CTS wme roaming MANUAL
> root at zzz:~ #
> 
> TZAV> ping 172.21.220.12
> PING 172.21.220.12 (172.21.220.12): 56 data bytes
> 64 bytes from 172.21.220.12: icmp_seq=0 ttl=60 time=2.056 ms
> 64 bytes from 172.21.220.12: icmp_seq=1 ttl=60 time=1.766 ms
> ^C
> 
> TZAV> ssh 172.21.220.12
> ssh: connect to host 172.21.220.12 port 22: Operation timed out
> TZAV>
> 
> Thanks
> 
> Anton
> 



Run this on your server:

tcpdump -ni wlan0 ip and port 22



Then try to ssh to the box, see if SYN packets arrive, see if your box sends SYN/ACK back.

More information about the freebsd-questions mailing list