5

I have a two network interfaces machine, one is connected to the router and gets an automatic address via DHCP. The other has a static IP in a different subnet. I can ping both IP addresses, telnet to port 22 and see the "SSH prompt".. just fine. (trying them with switching the cable in my notebook)

Question: but when it comes to connecting to this machine via SSH I can only connect through the NIC that is connected via the router, not directly. It just timeouts when I try to connect directly. Why?

The firewall rules are the default, tried rebooting both sides, I only modified the "UseDNS to no" in the sshd_config on the machine.

Willian Paixao
  • 2,711
gasko peter
  • 5,514
  • What happens if you nmap the port where ssh hangs? – Thorsten Staerk Jan 14 '14 at 06:39
  • 2
    On which interface does your ssh daemon listen? Check config with cat /etc/ssh/sshd_config | grep Listen and check running daemon with netstat -putan | grep ssh. – chaos Jan 14 '14 at 07:15
  • 3
    What's the output of ssh -v user@domain (you might need to be prepared to supply more detailed log ssh -vv or -vvv if need be). You might also want to run sshd -d (-ddd) on the server on an alternative port, try connecting to that and then looking at the log from the SSH daemon. – peterph Jan 14 '14 at 08:12
  • @chaos if he gets SSH prompt, sshd is probably listening on that device as well. – peterph Jan 14 '14 at 08:13
  • First things first: are you sure you're connecting to the right machine (no alias in .ssh/config, no protocol-aware router in the middle)? If you are, then post the output of ssh -vv. – Gilles 'SO- stop being evil' Jan 14 '14 at 21:05
  • Did you figure this out? If not, would you post the output of ssh -vv as others have asked for? – Liczyrzepa Aug 24 '16 at 12:41

1 Answers1

1

I'm almost sure you have a route problem. Probably you either have none or two default routes.

Let's assume you have two networks, 192.168.0.0/24 and 192.168.1.0/24, your router's IP 192.168.0.1 and your machine's addresses 192.168.0.2 and 192.168.1.2. A manual configuration would be something like:

sudo ifconfig eth0 192.168.0.2 netmask 255.255.255.0 up
sudo ifconfig eth1 192.168.1.2 netmask 255.255.255.0 up
sudo route add default gw 192.168.0.1
sudo route add -net 192.168.1.0 netmask 255.255.255.0

Although each scenario would require a slightly different command. [1]

Please make sure there's no other default route. Also, make sure you have ipv4_forward set to 1. [2]

Willian Paixao
  • 2,711