cannot ssh into a box with DHCP assigned IP address

Anton Shterenlikht mexas at
Wed Feb 20 13:55:11 UTC 2013

	From feenberg at Wed Feb 20 13:39:28 2013

	> 	From: Fleuriot Damien <ml at>
	> 	To: mexas at
	> 	Subject: Re: cannot ssh into a box with DHCP assigned IP address
	> 	Date: Wed, 20 Feb 2013 10:31:22 +0100
	> 	Cc: freebsd-questions at
	> 	On Feb 20, 2013, at 10:28 AM, Anton Shterenlikht <mexas at> wrote:
	> 	> I have a laptop with FreeBSD -current,
	> 	> with ip address assigned via DHCP.
	> 	> The laptop has neither a static ip address,
	> 	> nor a domain.
	> 	>
	> 	> I can ping the laptop fine, but cannot
	> 	> ssh into it. The sshd is running, /etc/ssh/ssd_config
	> 	> seems fine, /etc/hosts.allow is fine.
	> 	> However, /etc/hosts is just the default:

	While on the problem machine, can you ssh to localhost? ssh to the IP 

yes to both

	I would suspect the problem is in /etc/hosts.allow
	 or /etc/hosts.deny,

The first non-comment line in /etc/hosts.allow is
ALL : ALL : allow

and I don't have /etc/hosts.deny:

root at zzz:~ # ls /etc/hosts*
/etc/hosts              /etc/hosts.equiv
/etc/hosts.allow        /etc/hosts.lpd
root at zzz:~ #

	or perhaps the subnet mask is incorrect.

Well.. what should it be?
I have on the problem box (ssh server):

        ether 00:21:5c:50:68:c3
        inet netmask 0xfffffc00 broadcast
        media: IEEE 802.11 Wireless Ethernet OFDM/54Mbps mode 11g
        status: associated
        ssid eduroam channel 1 (2412 MHz 11g) bssid 00:3a:98:62:cd:a0
        country US authmode WPA2/802.11i privacy ON deftxkey UNDEF
        AES-CCM 2:128-bit AES-CCM 3:128-bit txpower 14 bmiss 10 scanvalid 450
        bgscan bgscanintvl 300 bgscanidle 250 roam:rssi 7 roam:rate 5
        protmode CTS wme roaming MANUAL

I'm trying to ssh from

I wonder, perhaps it somehow built into the
Eduroam wireless, provided by the University,
that the devices connected to it cannot be
accessible. They can only initiate outgoing
connections, but all incoming connections are
somehow blocked? Given that the majority of
the devices will be unsecured MS boxes, maybe
the university thought that this is wise idea
for safety. Perhaps I can investigate this
with my IT guys. 

Or I might be talking complete nonsense here, not my area at all.



More information about the freebsd-questions mailing list