cannot ssh into a box with DHCP assigned IP address

Anton Shterenlikht mexas at bristol.ac.uk
Wed Feb 20 13:55:11 UTC 2013 

	From feenberg at nber.org Wed Feb 20 13:39:28 2013

	> 	From: Fleuriot Damien <ml at my.gd>
	> 	To: mexas at bristol.ac.uk
	> 	Subject: Re: cannot ssh into a box with DHCP assigned IP address
	> 	Date: Wed, 20 Feb 2013 10:31:22 +0100
	> 	Cc: freebsd-questions at freebsd.org
	>
	> 	On Feb 20, 2013, at 10:28 AM, Anton Shterenlikht <mexas at bristol.ac.uk> wrote:
	>
	> 	> I have a laptop with FreeBSD -current,
	> 	> with ip address assigned via DHCP.
	> 	> The laptop has neither a static ip address,
	> 	> nor a domain.
	> 	>
	> 	> I can ping the laptop fine, but cannot
	> 	> ssh into it. The sshd is running, /etc/ssh/ssd_config
	> 	> seems fine, /etc/hosts.allow is fine.
	> 	> However, /etc/hosts is just the default:

	While on the problem machine, can you ssh to localhost? ssh to the IP 
	address?

yes to both

	I would suspect the problem is in /etc/hosts.allow
	 or /etc/hosts.deny,

The first non-comment line in /etc/hosts.allow is
ALL : ALL : allow

and I don't have /etc/hosts.deny:

root at zzz:~ # ls /etc/hosts*
/etc/hosts              /etc/hosts.equiv
/etc/hosts.allow        /etc/hosts.lpd
root at zzz:~ #

	or perhaps the subnet mask is incorrect.

Well.. what should it be?
I have on the problem box (ssh server):

wlan0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1
500
        ether 00:21:5c:50:68:c3
        inet 172.21.220.12 netmask 0xfffffc00 broadcast 255.255.255.255
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
        media: IEEE 802.11 Wireless Ethernet OFDM/54Mbps mode 11g
        status: associated
        ssid eduroam channel 1 (2412 MHz 11g) bssid 00:3a:98:62:cd:a0
        country US authmode WPA2/802.11i privacy ON deftxkey UNDEF
        AES-CCM 2:128-bit AES-CCM 3:128-bit txpower 14 bmiss 10 scanvalid 450
        bgscan bgscanintvl 300 bgscanidle 250 roam:rssi 7 roam:rate 5
        protmode CTS wme roaming MANUAL

I'm trying to ssh from 137.222.187.241.

I wonder, perhaps it somehow built into the
Eduroam wireless, provided by the University,
that the devices connected to it cannot be
accessible. They can only initiate outgoing
connections, but all incoming connections are
somehow blocked? Given that the majority of
the devices will be unsecured MS boxes, maybe
the university thought that this is wise idea
for safety. Perhaps I can investigate this
with my IT guys. 

Or I might be talking complete nonsense here, not my area at all.

Thanks

Anton

More information about the freebsd-questions mailing list