Results 1 to 23 of 23
  1. #1
    Join Date
    Feb 2003
    Location
    Australia
    Posts
    54

    Very strange problem acccessing ssh.

    I am currently having a strange problem. I cannot access 2 of my vps (1 cloud and 1 solusvm) from two seperate companies. (brand new vps created within 2 days. I have never been able to ssh to these servers. They simply timeout in all cases with no additional information. No login prompts, no "connecting to host" in winscp, just timeouts.

    But I can access 7 other servers (I have had these for some time) including one dedicated linux, 4 vps linux, 2 windows vps from 3 different companies. None of these companies is provide the 2 problem vps.

    I can access the cloud management and reload OS, reboot, change password, login via Java console. The same is true with the solusvm vps system. But I cannot ssh to the vps themselves.

    I access via IP, so DNS is not an issue, although I did change my DNS servers to rule it out.

    I have tried accessing from the same computer with windows 7 (winscp and putty) windows xp (winscp and putty) and puppy linux (command line ssh -l root IP-ADDRESS.

    I have also tried with a seperate computer running windows 7 (winscp)

    I have logged into several of my other servers, including the dedicated and at the command prompt tried to access the vps's from there (ssh -l root IP-ADDRESS). I can successfully do this to the other vps and dedicated that I am running, I cannot do it to the two problem ones.

    I access via the same port and have checked the sshd_config in each (via the java console) and it is not a problem. (I made a port change on one, just to rule it out). I have changed the operating systems from centos to debian and ubuntu on each, but it made no difference.

    Firewall cannot be the problem since I access other vps and the dedicated with no problems and I have also tried different OS and machines.

    I have rebooted my modem and router several times to both remove potential jams and to get another IP from my ISP.

    An ISP IP block could not be the case, or else the ssh'ing from with in another ssh'd vps would work.

    Unless this is two independant problems that are coincidental, I cannot figure out what the problem could be.

    I am truly puzzled and would like some suggestions. (but please read what I have written first)

    Thanks
    Last edited by bugeye; 08-26-2011 at 12:08 AM. Reason: missing information

  2. #2
    Join Date
    Jan 2011
    Location
    Varna, Bulgaria
    Posts
    1,276
    What exactly you mean by "can't access ssh" - do you get connection refused, connection timed out, or the ssh connects but then doesn't accept your password?

  3. #3
    Join Date
    Feb 2003
    Location
    Australia
    Posts
    54
    Quote Originally Posted by rds100 View Post
    What exactly you mean by "can't access ssh" - do you get connection refused, connection timed out, or the ssh connects but then doesn't accept your password?
    As I stated in my post: "They simply timeout in all cases with no additional information. No login prompts, no "connecting to host" in winscp, just timeouts."

  4. #4
    Join Date
    Feb 2005
    Location
    Australia
    Posts
    5,849
    I'd guess something in your server config or firewall is blocking you. As to why it should happen on two at the same time, did you recently change anything? Auto-updates? If not, maybe just coincidence.

    Quote Originally Posted by bugeye View Post
    puppy linux (command line ssh -l root IP-ADDRESS.
    Try
    Code:
    ssh -vvv -l root IP-ADDRESS
    It may tell you something.

    Also, Java consoles are usually just ssh clients. You're probably able to get access through those only because you're connecting to the host machine rather than directly to your own VPS.

    Once you're in, either through the Java console or your own ssh client connecting through the host machine, check your firewall settings, ssh server config and that sshd is running.

    Edit:
    Quote Originally Posted by bugeye View Post
    As I stated in my post: "They simply timeout in all cases with no additional information. No login prompts, no "connecting to host" in winscp, just timeouts."
    Firewall.
    Chris

    "Some problems are so complex that you have to be highly intelligent and well informed just to be undecided about them." - Laurence J. Peter

  5. #5
    Join Date
    Jan 2011
    Location
    Varna, Bulgaria
    Posts
    1,276
    Can you try this: From another VPS do telnet IP_address 22 (or whatever your ssh port is) and see if you get any SSH identification string back. Or if it just sits there trying to connect, or connects, outputs nothing and then disconnects?
    Also on the problematic VPSes - do you run something like csf, fail2ban, some other iptables firewall?

  6. #6
    Join Date
    Feb 2005
    Location
    Australia
    Posts
    5,849
    Perhaps a silly suggestion but have you made absolutely sure you're using the right port number? At the linux command line you need "-p PORTNUMBER".
    Chris

    "Some problems are so complex that you have to be highly intelligent and well informed just to be undecided about them." - Laurence J. Peter

  7. #7
    Join Date
    Feb 2003
    Location
    Australia
    Posts
    54
    Quote Originally Posted by foobic View Post
    I'd guess something in your server config or firewall is blocking you. As to why it should happen on two at the same time, did you recently change anything? Auto-updates? If not, maybe just coincidence.


    Try
    Code:
    ssh -vvv -l root IP-ADDRESS
    It may tell you something.

    Also, Java consoles are usually just ssh clients. You're probably able to get access through those only because you're connecting to the host machine rather than directly to your own VPS.

    Once you're in, either through the Java console or your own ssh client connecting through the host machine, check your firewall settings, ssh server config and that sshd is running.
    As I said, these are two BRAND NEW vps, I have not change anything in them other than to attempt to fix the access problem. I have changed the OS on both as well and on the cloud, I have created a separate one that had the same problem.

    A firewall "configuration" or sshd not running should not be the cause because we are talking about three different distros with clean installs. According to the "new client" information in my new client email, I should just be able to ssh directly to the vps, so configuration or sshd not running should also not be an issue.

    One of the companies has been attempting to fix it for a day with no success so far (but they are keeping in touch and I do not fault their service). The other company is asleep I think.

    I tried the vvv option, but all it returned was:

    OpenSSH_5.1p1 Debian-5, OpenSSL 0.9.8g 19 Oct 2007
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: Applying options for *
    debug2: ssh_connect: needpriv 0
    debug1: Connecting to IP-ADDRESS [IP-ADDRESS] port 22.

    Then timed out.

    debug1: connect to address IP-ADDRESS port 22: Connection timed out

  8. #8
    Join Date
    Feb 2003
    Location
    Australia
    Posts
    54
    Quote Originally Posted by foobic View Post
    Perhaps a silly suggestion but have you made absolutely sure you're using the right port number? At the linux command line you need "-p PORTNUMBER".
    No suggestions are silly.

    But yes I have attempted many variations of port options. Both vps in both companies in all OS itterations used 22 except for once when I tried a high port number to rule out port difficulty.

    But thank you.

  9. #9
    Join Date
    Jan 2011
    Location
    Varna, Bulgaria
    Posts
    1,276
    Login via the java/whatever console to one of the problematic VPS-es and then do tcpdump -n port 22

    After this try connecting via ssh to that problematic VPS. Look at the tcpdump to see if packets for port 22 arrive at all and if they arrive - is there any sort of reply.
    Also check that you are ssh-ing to the correct VPS IP - maybe what was sent in the welcome email is not correct? Just do ifconfig on the VPS and see what IP addresses are there.
    Also i hope the IP addresses are not something funny, like ending in .0 or .255?

  10. #10
    Join Date
    Feb 2003
    Location
    Australia
    Posts
    54
    Quote Originally Posted by rds100 View Post
    Can you try this: From another VPS do telnet IP_address 22 (or whatever your ssh port is) and see if you get any SSH identification string back. Or if it just sits there trying to connect, or connects, outputs nothing and then disconnects?
    Also on the problematic VPSes - do you run something like csf, fail2ban, some other iptables firewall?
    Telnet just sits there trying to connect.

    I dont run anything, they are brand new templates. I dont know anything about fail2ban or csf, but iptables was looked into thouroughly by the cloud vps hosting techs. According to them (and the other provider) I should just be able to ssh straight in.

  11. #11
    sounds like a firewall issue or openssh is not running maybe?

  12. #12
    Join Date
    Feb 2005
    Location
    Australia
    Posts
    5,849
    Try logging into one of your other servers and then ssh to the problem children from there (just to eliminate your ISP). Then, if you're sure the port is correct, are you sure you're using the right IP address? Also, a clean install should normally have sshd running on 22 and not firewalled but with VPS templates you never quite know.

    Again, if you can get in via console (however that's working) you can check ip address (ifconfig), stop any firewall and verify that sshd is running.

    Edit: ie, pretty much exactly what rds100 said. Oops.
    Last edited by foobic; 08-26-2011 at 12:51 AM.
    Chris

    "Some problems are so complex that you have to be highly intelligent and well informed just to be undecided about them." - Laurence J. Peter

  13. #13
    Join Date
    Apr 2009
    Location
    inside wht
    Posts
    746
    If you have any other vps from the same company , if so please try to ssh from there . See if that works.
    24x7 PROACTIVE SERVER MANAGEMENT | OUTSOURCED WEB HOSTING SUPPORT
    Sales : sales @ syslint.com | Call us : (+91)9447607799 | Are you looking for DevOps Admins ?

  14. #14
    Join Date
    Feb 2003
    Location
    Australia
    Posts
    54
    Quote Originally Posted by rds100 View Post
    Login via the java/whatever console to one of the problematic VPS-es and then do tcpdump -n port 22

    After this try connecting via ssh to that problematic VPS. Look at the tcpdump to see if packets for port 22 arrive at all and if they arrive - is there any sort of reply.
    Also check that you are ssh-ing to the correct VPS IP - maybe what was sent in the welcome email is not correct? Just do ifconfig on the VPS and see what IP addresses are there.
    Also i hope the IP addresses are not something funny, like ending in .0 or .255?
    Checked eth0 and the IP was correct. Restarted sshd and it responded [OK] then when I did a tcpdump, it reported 0 packets in all categories and I tried sshing twice for a total of 4 minutes.

  15. #15
    Join Date
    Feb 2003
    Location
    Australia
    Posts
    54
    Quote Originally Posted by foobic View Post
    Try logging into one of your other servers and then ssh to the problem children from there (just to eliminate your ISP). Then, if you're sure the port is correct, are you sure you're using the right IP address? Also, a clean install should normally have sshd running on 22 and not firewalled but with VPS templates you never quite know.

    Again, if you can get in via console (however that's working) you can check ip address (ifconfig), stop any firewall and verify that sshd is running.

    Edit: ie, pretty much exactly what rds100 said. Oops.
    This is what I was referring to when I said "I have logged into several of my other servers, including the dedicated and at the command prompt tried to access the vps's from there (ssh -l root IP-ADDRESS). I can successfully do this to the other vps and dedicated that I am running, I cannot do it to the two problem ones." Basically ssh'ing from within an ssh session to another server.

    I have checked the sshd config and verified that it is running. Unless the templates are very strange and have some weird firewall that I dont know about running, the firewall is also not the problem.

    As I mentioned before as well, I have both confirmed port 22 and tried other ports as well as rebuilding OS's with different templates.

  16. #16
    Join Date
    Feb 2003
    Location
    Australia
    Posts
    54
    Quote Originally Posted by Syslint View Post
    If you have any other vps from the same company , if so please try to ssh from there . See if that works.
    I do not have any other current vps with either company, although with the cloud company, I created another one with a different IP address and setup concurrent with the first. Still the same problem.

    I also deleted the VM altogether for 6 hours and then recreated it on the cloud system.

    At least I am somewhat pleased that you guys are suggesting most of the things I have tried so far. It makes me feel not quite so stupid.

    Also, although I am in Australia, I think it is now well and truly the nightshift in the US, so I doubt I will be hearing anymore from either company till shift change.

  17. #17
    Join Date
    Feb 2003
    Location
    Australia
    Posts
    54
    I even tried to buy a cheap photonvps for a month to test that, but maxmind hates me and so I will have to wait for shift change there as well to get something operational.

  18. #18
    Join Date
    Feb 2003
    Location
    Australia
    Posts
    54
    If anyone of you wants to try it, pm me and I will send you the login details for the vps. That way I can determine if the problem is my end or the vps end.

  19. #19
    Join Date
    Feb 2005
    Location
    Australia
    Posts
    5,849
    Quote Originally Posted by bugeye View Post
    Checked eth0 and the IP was correct. Restarted sshd and it responded [OK] then when I did a tcpdump, it reported 0 packets in all categories and I tried sshing twice for a total of 4 minutes.
    Presumably this is a Xen VPS then (VZ normally uses venet0). What exactly does ifconfig return? Can you ping out from inside the problem VPSs? (eg. ping google.com).

    Edit: You could also try (from inside the troubled VPS):
    Code:
    ssh -l root 127.0.0.1
    ssh -l root IP_ADDRESS
    Last edited by foobic; 08-26-2011 at 01:38 AM.
    Chris

    "Some problems are so complex that you have to be highly intelligent and well informed just to be undecided about them." - Laurence J. Peter

  20. #20
    I have also seen problems like this when there is a bad os template involved.

  21. #21
    Join Date
    Jan 2011
    Location
    Varna, Bulgaria
    Posts
    1,276
    If you want PM me with the console/login/etc details for one of the troubled VPSes and i will try to debug this for you.

  22. #22
    Join Date
    Feb 2003
    Location
    Australia
    Posts
    54
    Quote Originally Posted by foobic View Post
    Presumably this is a Xen VPS then (VZ normally uses venet0). What exactly does ifconfig return? Can you ping out from inside the problem VPSs? (eg. ping google.com).

    Edit: You could also try (from inside the troubled VPS):
    Code:
    ssh -l root 127.0.0.1
    ssh -l root IP_ADDRESS
    Good ideas.

    On the solusvm vps, pinging google returns unknown host. It can ping itself, but cannot ssh to one of my known working servers.

    Therefore, the solusvm machine is at fault.

    I cannot check the cloud machine at the moment, because the java console is returning errors.

  23. #23
    Join Date
    Feb 2003
    Location
    Australia
    Posts
    54
    Haha, I checked the cloud vps as well. It cannot reach out and touch the internet either.

    It seems that I have two brand new independant vps with a similar problem from the getgo. Talk about coincidence.

    Thanks for all your help guys. I am still not online, but the puzzle is no longer there.

Similar Threads

  1. can't SSH but can login to WHM, Strange!
    By HostForAsia in forum Hosting Security and Technology
    Replies: 11
    Last Post: 04-12-2013, 05:30 PM
  2. Strange SSH/Putty Problem
    By Grumps in forum Computers and Peripherals
    Replies: 8
    Last Post: 05-08-2011, 02:01 PM
  3. Is this a strange ssh process??
    By SmartTux in forum Hosting Security and Technology
    Replies: 16
    Last Post: 11-17-2005, 12:52 AM
  4. Strange Root SSH Problem
    By dkitchen in forum Dedicated Server
    Replies: 12
    Last Post: 07-27-2005, 03:11 AM
  5. Strange FTP/SSH user adding question
    By JDTurbeville in forum Dedicated Server
    Replies: 7
    Last Post: 01-04-2003, 12:23 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •