Page 2 of 4

Re: SSH not working

Posted: Mon Sep 03, 2012 11:15 pm
by drgeoff
If I telnet to a host I don't expect a reply that mentions 'ssh'.

Re: SSH not working

Posted: Mon Sep 03, 2012 11:17 pm
by Alesbi
drgeoff wrote:If I telnet to a host I don't expect a reply that mentions 'ssh'.
Right. But at least i got a response. And the other guys seem to think it means SSH is working. Any ideas on what I can do now, Geoff?

Re: SSH not working

Posted: Mon Sep 03, 2012 11:21 pm
by Jim JKla
Another approach.

Download a Linux image say Ubuntu one that will boot and run from CD burn it to CD (You do not need to install).

Boot from the CD and run putty from that active Linux.

If it works it's Microsoft causing you grief.

Re: SSH not working

Posted: Mon Sep 03, 2012 11:23 pm
by Alesbi
Jim JKla wrote:Another approach.

Download a Linux image say Ubuntu one that will boot and run from CD burn it to CD (You do not need to install).

Boot from the CD and run putty from that active Linux.

If it works it's Microsoft causing you grief.
Will Wubi suffice? I once did a wubi install but it was slow and frustrating. I uninstalled it shortly after

Re: SSH not working

Posted: Mon Sep 03, 2012 11:28 pm
by Jim JKla
You don't need to install just run from CD it loads into a ramdisk (virtual disk in memory)

Yes Wubi would do. Had to go look it up. :D

Re: SSH not working

Posted: Tue Sep 04, 2012 12:05 am
by Alesbi
Jim JKla wrote:You don't need to install just run from CD it loads into a ramdisk (virtual disk in memory)

Yes Wubi would do. Had to go look it up. :D
Essentially the same errors. Tried through command line and PuTTY.

Image

Re: SSH not working

Posted: Tue Sep 04, 2012 12:15 am
by Jim JKla
Well thats eliminated Microsoft well partialy It's still rogue in my books.

If you have a Wheezy SD card in the RPi then it's OK and you have a Linux connection running putty on the PC end the only other thing I can think of is Router Firewall. ;)

The following is from the putty support common error messages
10.15 ‘Network error: Connection reset by peer’

This error occurs when the machines at each end of a network connection lose track of the state of the connection between them. For example, you might see it if your SSH server crashes, and manages to reboot fully before you next attempt to send data to it.

However, the most common reason to see this message is if you are connecting through a firewall or a NAT router which has timed the connection out. See question A.7.10 in the FAQ for more details. You may be able to improve the situation by using keepalives; see section 4.13.1 for details on this.

Note that Windows can produce this error in some circumstances without seeing a connection reset from the server, for instance if the connection to the network is lost.

Re: SSH not working

Posted: Tue Sep 04, 2012 12:18 am
by Alesbi
Jim JKla wrote:Well thats eliminated Microsoft well partialy It's still rogue in my books.

If you have a Wheezy SD card in the RPi then it's OK and you have a Linux connection running putty on the PC end the only other thing I can think of is Router Firewall. ;)
10.15 ‘Network error: Connection reset by peer’

This error occurs when the machines at each end of a network connection lose track of the state of the connection between them. For example, you might see it if your SSH server crashes, and manages to reboot fully before you next attempt to send data to it.

However, the most common reason to see this message is if you are connecting through a firewall or a NAT router which has timed the connection out. See question A.7.10 in the FAQ for more details. You may be able to improve the situation by using keepalives; see section 4.13.1 for details on this.

Note that Windows can produce this error in some circumstances without seeing a connection reset from the server, for instance if the connection to the network is lost.
Your quote mentions timeouts. Timeouts often happen over a small period of time. Perhaps if a web page isn't loading, after 20 seconds it might tell me the connection has timed out. My connection to my Pi times out instantly - as soon as I hit the OK button in Putty, 1 second later, it gives me one of the errors you've seen.

Any idea how I can disable my router's firewall? I know you can add exceptions, but it looks a bit tricky, and i'd prefer to fully disable it (temporarily) to be safe. It's a Netgear DGN2000 Router.

Re: SSH not working

Posted: Tue Sep 04, 2012 12:24 am
by Alesbi
I made a rule in my inbound services of my router to allow Any incoming traffic and divert it to the LAN server 192.168.0.5 (my Pi). This did not solve the problem. Same errors occur.

Re: SSH not working

Posted: Tue Sep 04, 2012 12:33 am
by Jim JKla
Link to the manual

http://www.downloads.netgear.com/files/ ... 4Aug08.pdf

I wish I could stay up but I am shattered and I have a 6am start and it's 1:24am here.

I will be in tomorrow and the threads on watch.

One saving grace Netgear manuals are well written and the router I have here is similar (I don't have the antenas)

The firewall stuff is in section3

I will be in tomorrow. ;)
Alesbi wrote:I made a rule in my inbound services of my router to allow Any incoming traffic and divert it to the LAN server 192.168.0.5 (my Pi). This did not solve the problem. Same errors occur.
this is more like outside world to Pi

Re: SSH not working

Posted: Tue Sep 04, 2012 12:36 am
by Alesbi
Jim JKla wrote:Link to the manual

http://www.downloads.netgear.com/files/ ... 4Aug08.pdf

I wish I could stay up but I am shattered and I have a 6am start and it's 1:24am here.

I will be in tomorrow and the threads on watch.

One saving grace Netgear manuals are well written and the router I have here is similar (I don't have the antenas)

The firewall stuff is in section3 you may need to look at section 1.3 to log in and Netgear often have the login password written on the router (if you have not changed it (you should)) but there is a reset switch but note this may screw your internet connection settings

I will be in tomorrow. ;)
Alesbi wrote:I made a rule in my inbound services of my router to allow Any incoming traffic and divert it to the LAN server 192.168.0.5 (my Pi). This did not solve the problem. Same errors occur.
this is more like outside world to Pi
I'll give that a read. It's early here too, but I don't have an early start. Thanks very much and sorry for keeping you up so late! In future, don't feel obligated to stay on to help me, come and go as you please :D

Re: SSH not working

Posted: Tue Sep 04, 2012 4:54 am
by Wendo
Wow, this thread wanders around a lot.

Lets put to rest a lot of the things people are saying.

telnetting to the pi won't work, however, as most people seem to have missed, you've been telnetting to port 22 (the SSH port, not port 23 the normal telnet port) and that's why you're getting an SSH response. Which is good, and indicates at least that some part of the SSH server is running.

As has been mentioned, leave the pi connected to your router.

What I haven't seen is any information on your normal computer from a network point of view. Judging by whats been said it will also have a 192.168.0.x IP address normally, can you confirm that (run ipconfig from a command prompt)?

Secondly, from a command prompt on your computer can you ping the rpi IP address

Code: Select all

ping 192.168.0.5
what does that respond with? I would assume you'll get 4 replies with <1ms response

From there, what happens if you do the reverse, ie log into the rpi and try to ping the IP address of your computer

Code: Select all

ping -c 4 <ip address of computer>
assuming you also get replies from that we've established basic connectivity of both systems. The fact that you can telnet to the SSH port and get a response sort of confirms that already, but better safe than sorry, and if you do have full connectivity then it should be working already.

From there, you might want to try pinging google.com from the rpi

Code: Select all

 ping -c 4 www.google.com
this will confirm the rpi has correct gateway, netmask and DNS settings. If this doesn't work, then your router isn't handing out all this information and it could be the cause of the issues.

Let start with that and see what happens. From there we'll have a good idea if this is a netowrk issue, or something on the rpi

Re: SSH not working

Posted: Tue Sep 04, 2012 5:52 am
by Jim JKla
Wendo wrote: From there, what happens if you do the reverse, ie log into the rpi and try to ping the IP address of your computer
He can't no active keyboard available on RPi ;)

Thats why he needs ssh. ;)

Re: SSH not working

Posted: Tue Sep 04, 2012 6:58 am
by Wendo
Well that will make things tricky :/

Re: SSH not working

Posted: Tue Sep 04, 2012 8:53 am
by drgeoff
I'm not convinced that the router's firewall has anything to do with this. On all the home routers that I have encountered all the firewall, port forwarding, security stuff is only between the WAN and the LAN. All the LAN ports are on an ethernet switch and there is no way to control traffic between them.

The section 'Firewall Rules' on page 3-5 of the Netgear manual is quite explicit:

"Firewall rules block or allow specific traffic passing through from one side of the router to the other".

Thanks to Wendo for spotting what I had missed regarding the 'ssh' reply to a telnet request.

Re: SSH not working

Posted: Tue Sep 04, 2012 9:09 am
by Wendo
Oh I'd agree, unless the router has a DMZ or something this should "just work"

It's exceedingly weird that you can telnet to port 22 and confirm SSH is working, but can't actually connect with an SSH client from the same computer. The only thing I can think of is windows firewall isn't allowing the putty connection out, but that should be very obvious by a big prompt when you try to connect with putty

Of course, if that were the case then booting from the linux live cd and trying it should have also worked

Re: SSH not working

Posted: Tue Sep 04, 2012 9:19 am
by RaTTuS
what is the ip of your windows mahcine

Re: SSH not working

Posted: Tue Sep 04, 2012 9:40 am
by itimpi
drgeoff wrote:If I telnet to a host I don't expect a reply that mentions 'ssh'.
You should if you telnet to a port that is not a standard telnet port (23) but one for a SSH connection (22) :)

Re: SSH not working

Posted: Tue Sep 04, 2012 9:49 am
by james968
What happens if you boot up off the Linux Live CD (which you did before) and then run:

Code: Select all

ssh [email protected]<ipaddress of rpi> 
(or whatever IP address it is)

Also try adding -v to get more output form the command. (You can also add more v's to make it even more verbose).

James

Re: SSH not working

Posted: Tue Sep 04, 2012 9:51 am
by Alesbi
Note: I use a long line of hyphens to separate each response to a different post.
Wendo wrote:Wow, this thread wanders around a lot.

Lets put to rest a lot of the things people are saying.

telnetting to the pi won't work, however, as most people seem to have missed, you've been telnetting to port 22 (the SSH port, not port 23 the normal telnet port) and that's why you're getting an SSH response. Which is good, and indicates at least that some part of the SSH server is running.

As has been mentioned, leave the pi connected to your router.

What I haven't seen is any information on your normal computer from a network point of view. Judging by whats been said it will also have a 192.168.0.x IP address normally, can you confirm that (run ipconfig from a command prompt)?

Secondly, from a command prompt on your computer can you ping the rpi IP address

Code: Select all

ping 192.168.0.5
what does that respond with? I would assume you'll get 4 replies with <1ms response

From there, what happens if you do the reverse, ie log into the rpi and try to ping the IP address of your computer

Code: Select all

ping -c 4 <ip address of computer>
assuming you also get replies from that we've established basic connectivity of both systems. The fact that you can telnet to the SSH port and get a response sort of confirms that already, but better safe than sorry, and if you do have full connectivity then it should be working already.

From there, you might want to try pinging google.com from the rpi

Code: Select all

 ping -c 4 www.google.com
this will confirm the rpi has correct gateway, netmask and DNS settings. If this doesn't work, then your router isn't handing out all this information and it could be the cause of the issues.

Let start with that and see what happens. From there we'll have a good idea if this is a netowrk issue, or something on the rpi
Thanks for the detail. My laptop is normally 192.168.0.3. I can ping my Pi as normal from my laptop. Now, as for pinging stuff from the Pi. I SHOULD be able to get hold of a keyboard today - going to use USB->PS/2 adapter with my family pc's keyboard. So assuming that works, I get a keyboard. However, my TV and my router are in different parts of the house, making a wired connection to my router whilst using the TV impossible. It looks like its a case of one or the other I'm afraid (TV or Networking).
------------------------------------------------------------------------------------------------------------------------
Jim JKla wrote:
Wendo wrote: From there, what happens if you do the reverse, ie log into the rpi and try to ping the IP address of your computer
He can't no active keyboard available on RPi ;)

Thats why he needs ssh. ;)
Yeah, kinda :/ (see above)
------------------------------------------------------------------------------------------------------------------------
drgeoff wrote:I'm not convinced that the router's firewall has anything to do with this. On all the home routers that I have encountered all the firewall, port forwarding, security stuff is only between the WAN and the LAN. All the LAN ports are on an ethernet switch and there is no way to control traffic between them.

The section 'Firewall Rules' on page 3-5 of the Netgear manual is quite explicit:

"Firewall rules block or allow specific traffic passing through from one side of the router to the other".

Thanks to Wendo for spotting what I had missed regarding the 'ssh' reply to a telnet request.
The router manual, kindly provided by Jim JKla, does say the following as regards to its default rules for both incoming and outgoign traffic...
Netgear wrote:• Inbound. Block all access from outside except responses to requests from the LAN side.
• Outbound. Allow all access from the LAN side to the outside.
Basically, LAN traffic is not blocked at all, it seems. So I don't think it's the router's firewall either (although I did make an exception to allow all traffic to 192.168.0.5, and this didn't help.
----------------------------------------------------------------------------------------------------------------------------------
RaTTuS wrote:what is the ip of your windows mahcine
192.168.0.3
------------------------------------------------------------------------------------------------------------------
james968 wrote:What happens if you boot up off the Linux Live CD (which you did before) and then run:

Code: Select all

ssh [email protected]<ipaddress of rpi> 
(or whatever IP address it is)

Also try adding -v to get more output form the command. (You can also add more v's to make it even more verbose).

James
I get connection reset by peer. See terminal on the left hand side of this picture.

Image
larger picture here: http://i.imgur.com/b3Ui3.png

Re: SSH not working

Posted: Tue Sep 04, 2012 10:06 am
by Alesbi
This fellow: http://www.hjackson.org/blog/archives/2 ... et-by-peer

talks about adding

ServerAliveInterval = 300
ServerAliveCountMax = 300

to /etc/ssh/ssh_config. What you think?

and does anyone think my problem might be related to SSH keys?

Re: SSH not working

Posted: Tue Sep 04, 2012 10:28 am
by james968
Hi,

Can you power cycle the RPi? and then attempt to ssh to it again. (Make sure the network cable stays connected during the whole process).

(Also during the boot process, do you see any messages about SSH?)

James

Re: SSH not working

Posted: Tue Sep 04, 2012 10:54 am
by jojopi
Alesbi wrote:and does anyone think my problem might be related to SSH keys?
Yes. Connection reset without prompting for a password is consistent with the Pi's ssh host keys being missing or corrupt. With a keyboard on the Pi, you can regenerate these with:

Code: Select all

sudo mv /etc/ssh/ssh_host_* /root/
sudo dpkg-reconfigure openssh-server
Or, as root on another linux box with the Pi's SD card in a card reader:

Code: Select all

mount /dev/sdX2 /mnt   # for some value of X, or it could be mmcblk0p2
mv /mnt/etc/ssh/ssh_host_* /mnt/root/
yes |ssh-keygen -q -N "" -t rsa -f /mnt/etc/ssh/ssh_host_rsa_key
yes |ssh-keygen -q -N "" -t dsa -f /mnt/etc/ssh/ssh_host_dsa_key
yes |ssh-keygen -q -N "" -t ecdsa -f /mnt/etc/ssh/ssh_host_ecdsa_key 2>/dev/null
sync
umount /dev/sdX2
eject /dev/sdX
Now, if you are using the recommended raspbian or debian images, the host keys should have been generated on first boot. So if the above fixes your problem then can you check afterwards for clues as to what might have gone wrong with that:

Code: Select all

cat /var/log/regen_ssh_keys.log
sudo ls --full-time /root
sudo ssh-keygen -lf /root/ssh_host_rsa_key
sudo ssh-keygen -lf /root/ssh_host_dsa_key
sudo ssh-keygen -lf /root/ssh_host_ecdsa_key

Re: SSH not working

Posted: Tue Sep 04, 2012 11:41 am
by drgeoff
Alesbi

Looks like you are in a Catch 22 situation. You are stuck until you have a working keyboard on the RPi. :)

Re: SSH not working

Posted: Tue Sep 04, 2012 12:07 pm
by Alesbi
jojopi wrote:
Alesbi wrote:and does anyone think my problem might be related to SSH keys?
Yes. Connection reset without prompting for a password is consistent with the Pi's ssh host keys being missing or corrupt. With a keyboard on the Pi, you can regenerate these with:

Code: Select all

sudo mv /etc/ssh/ssh_host_* /root/
sudo dpkg-reconfigure openssh-server
Or, as root on another linux box with the Pi's SD card in a card reader:

Code: Select all

mount /dev/sdX2 /mnt   # for some value of X, or it could be mmcblk0p2
mv /mnt/etc/ssh/ssh_host_* /mnt/root/
yes |ssh-keygen -q -N "" -t rsa -f /mnt/etc/ssh/ssh_host_rsa_key
yes |ssh-keygen -q -N "" -t dsa -f /mnt/etc/ssh/ssh_host_dsa_key
yes |ssh-keygen -q -N "" -t ecdsa -f /mnt/etc/ssh/ssh_host_ecdsa_key 2>/dev/null
sync
umount /dev/sdX2
eject /dev/sdX
Now, if you are using the recommended raspbian or debian images, the host keys should have been generated on first boot. So if the above fixes your problem then can you check afterwards for clues as to what might have gone wrong with that:

Code: Select all

cat /var/log/regen_ssh_keys.log
sudo ls --full-time /root
sudo ssh-keygen -lf /root/ssh_host_rsa_key
sudo ssh-keygen -lf /root/ssh_host_dsa_key
sudo ssh-keygen -lf /root/ssh_host_ecdsa_key
Thanks for all these commands. I think I understand how to perform the Pi ones. Can the new SSH keys be generated offline?