/etc/hosts change ssh problem

Discussion in 'Installation/Configuration' started by bswinnerton, Aug 25, 2007.

  1. bswinnerton

    bswinnerton New Member

    Hi, sorry for all of the questions that i have...

    I just changed the ip address in /etc/hosts and since i did, ssh stopped working it says that the connection timed out, but i changed it back and still cannot connect, where should i start to troubleshoot?
     
  2. bswinnerton

    bswinnerton New Member

    I just noticed, ftp is down as well.
     
  3. falko

    falko Super Moderator

    Any errors in your logs? What's in /etc/hosts now? Did you restart SSH?
     
  4. bswinnerton

    bswinnerton New Member

    Okay, i attached my current /etc/hosts file.

    As far as logs... I'm looking in the web1/log/error.log and not seeing anything. When i try to ssh in it times out, and yes i have restarted ssh.

    Thanks for all of your help.
     

    Attached Files:

  5. till

    till Super Moderator

    SSH does not log to a local apache error logfile.Plesae have a look in the syslog, messages log or auth.log in the directory /var/log/
     
  6. bswinnerton

    bswinnerton New Member

    Okay, two of the logs showed up stuff, auth.log had nothing:

    Code:
    messages log 
    
    Aug 27 22:25:47 ubuntuserver kernel: [170597.552184] Inbound IN=eth0 OUT= MAC=00:03:47:8b:82:37:00:1a:c4:69:d5:29:08:00 SRC=[B]MYIPADDRESS[/B] DST=[B]MYSERVERSIPADDRESS[/B] LEN=48 TOS=0x00 PREC=0x00 TTL=56 ID=10198 DF PROTO=TCP SPT=49205 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0 
    
    syslog
     
    Aug 27 22:24:28 ubuntuserver kernel: [170518.611539] Inbound IN=eth0 OUT= MAC=00:03:47:8b:82:37:00:1a:c4:69:d5:29:08:00 SRC=[B]MYIPADDRESS[/B] DST=[B]MYSERVERSIPADDRESS[/B] LEN=333 TOS=0x00 PREC=0x00 TTL=255 ID=61626 DF PROTO=UDP SPT=67 DPT=68 LEN=313 
    
    auth.log 
    
    nothing 
    Exactly what I get in my terminal window is:

    Code:
    ssh [b]MYSERVERSIPADDRESS[/b] -l administrator
    ssh: connect to host [b]MYSERVERSIPADDRESS[/b] port 22: Operation timed out
     
    Last edited: Aug 28, 2007
  7. till

    till Super Moderator

    Please post the output of:

    iptables -L

    and

    netstat -tap
     
  8. bswinnerton

    bswinnerton New Member

    Okay, iptables -l shows:

    Code:
    Chain INPUT (policy DROP)
    target     prot opt source               destination        
    ACCEPT     tcp  --  home                 anywhere            tcp flags:!FIN,SYN,RST,ACK/SYN
    ACCEPT     udp  --  home                 anywhere           
    ACCEPT     0    --  anywhere             anywhere           
    ACCEPT     icmp --  anywhere             anywhere            limit: avg 10/sec burst 5
    DROP       0    --  anywhere             255.255.255.255    
    DROP       0    --  anywhere             adsl-76-243-116-255.dsl.wlfrct.sbcglobal.net
    DROP       0    --  BASE-ADDRESS.MCAST.NET/8  anywhere           
    DROP       0    --  anywhere             BASE-ADDRESS.MCAST.NET/8
    DROP       0    --  255.255.255.255      anywhere           
    DROP       0    --  anywhere             0.0.0.0            
    DROP       0    --  anywhere             anywhere            state INVALID
    LSI        0    -f  anywhere             anywhere            limit: avg 10/min burst 5
    INBOUND    0    --  anywhere             anywhere           
    LOG_FILTER  0    --  anywhere             anywhere           
    LOG        0    --  anywhere             anywhere            LOG level info prefix `Unknown Input'
    
    Chain FORWARD (policy DROP)
    target     prot opt source               destination        
    ACCEPT     icmp --  anywhere             anywhere            limit: avg 10/sec burst 5
    LOG_FILTER  0    --  anywhere             anywhere           
    LOG        0    --  anywhere             anywhere            LOG level info prefix `Unknown Forward'
    
    Chain OUTPUT (policy DROP)
    target     prot opt source               destination        
    ACCEPT     tcp  --  ubuntuserver         home                tcp dpt:domain
    ACCEPT     udp  --  ubuntuserver         home                udp dpt:domain
    ACCEPT     0    --  anywhere             anywhere           
    DROP       0    --  BASE-ADDRESS.MCAST.NET/8  anywhere           
    DROP       0    --  anywhere             BASE-ADDRESS.MCAST.NET/8
    DROP       0    --  255.255.255.255      anywhere           
    DROP       0    --  anywhere             0.0.0.0            
    DROP       0    --  anywhere             anywhere            state INVALID
    OUTBOUND   0    --  anywhere             anywhere           
    LOG_FILTER  0    --  anywhere             anywhere           
    LOG        0    --  anywhere             anywhere            LOG level info prefix `Unknown Output'
    
    Chain INBOUND (1 references)
    target     prot opt source               destination        
    ACCEPT     tcp  --  anywhere             anywhere            state RELATED,ESTABLISHED
    ACCEPT     udp  --  anywhere             anywhere            state RELATED,ESTABLISHED
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:5900
    ACCEPT     udp  --  anywhere             anywhere            udp dpt:5900
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:3389
    ACCEPT     udp  --  anywhere             anywhere            udp dpt:3389
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtp
    ACCEPT     udp  --  anywhere             anywhere            udp dpt:25
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:bootps
    ACCEPT     udp  --  anywhere             anywhere            udp dpt:bootps
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:mysql
    ACCEPT     udp  --  anywhere             anywhere            udp dpt:mysql
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpts:www:81
    ACCEPT     udp  --  anywhere             anywhere            udp dpts:www:81
    LSI        0    --  anywhere             anywhere           
    
    Chain LOG_FILTER (5 references)
    target     prot opt source               destination        
    
    Chain LSI (2 references)
    target     prot opt source               destination        
    LOG_FILTER  0    --  anywhere             anywhere           
    LOG        tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
    DROP       tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,ACK/SYN
    LOG        tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,ACK/RST limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
    DROP       tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,ACK/RST
    LOG        icmp --  anywhere             anywhere            icmp echo-request limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
    DROP       icmp --  anywhere             anywhere            icmp echo-request
    LOG        0    --  anywhere             anywhere            limit: avg 5/sec burst 5 LOG level info prefix `Inbound '
    DROP       0    --  anywhere             anywhere           
    
    Chain LSO (1 references)
    target     prot opt source               destination        
    LOG_FILTER  0    --  anywhere             anywhere           
    LOG        0    --  anywhere             anywhere            limit: avg 5/sec burst 5 LOG level info prefix `Outbound '
    REJECT     0    --  anywhere             anywhere            reject-with icmp-port-unreachable
    
    Chain OUTBOUND (1 references)
    target     prot opt source               destination        
    ACCEPT     icmp --  anywhere             anywhere           
    ACCEPT     tcp  --  anywhere             anywhere            state RELATED,ESTABLISHED
    ACCEPT     udp  --  anywhere             anywhere            state RELATED,ESTABLISHED
    ACCEPT     0    --  anywhere             10.0.1.37          
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:www
    ACCEPT     udp  --  anywhere             anywhere            udp dpt:www
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:https
    ACCEPT     udp  --  anywhere             anywhere            udp dpt:https
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtp
    ACCEPT     udp  --  anywhere             anywhere            udp dpt:25
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh
    ACCEPT     udp  --  anywhere             anywhere            udp dpt:ssh
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpts:ftp-data:ftp
    ACCEPT     udp  --  anywhere             anywhere            udp dpts:20:fsp
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:81
    ACCEPT     udp  --  anywhere             anywhere            udp dpt:81
    LSO        0    --  anywhere             anywhere 
    and netstat -tap shows the following:

    Code:
    (Not all processes could be identified, non-owned process info
     will not be shown, you would have to be root to see it all.)
    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name  
    tcp        0      0 localhost:2208          *:*                     LISTEN     -                  
    tcp        0      0 *:mysql                 *:*                     LISTEN     -                  
    tcp        0      0 *:www                   *:*                     LISTEN     -                  
    tcp        0      0 *:81                    *:*                     LISTEN     -                  
    tcp        0      0 ubuntuserver:domain     *:*                     LISTEN     -                  
    tcp        0      0 localhost:domain        *:*                     LISTEN     -                  
    tcp        0      0 localhost:ipp           *:*                     LISTEN     -                  
    tcp        0      0 *:smtp                  *:*                     LISTEN     -                  
    tcp        0      0 localhost:953           *:*                     LISTEN     -                  
    tcp        0      0 localhost:2207          *:*                     LISTEN     -                  
    tcp6       0      0 *:imaps                 *:*                     LISTEN     -                  
    tcp6       0      0 *:pop3s                 *:*                     LISTEN     -                  
    tcp6       0      0 *:5900                  *:*                     LISTEN     5410/vino-server   
    tcp6       0      0 *:pop3                  *:*                     LISTEN     -                  
    tcp6       0      0 *:imap2                 *:*                     LISTEN     -                  
    tcp6       0      0 *:ftp                   *:*                     LISTEN     -                  
    tcp6       0      0 *:ssh                   *:*                     LISTEN     -                  
    tcp6       0      0 *:smtp                  *:*                     LISTEN     -                  
    tcp6       0      0 ip6-localhost:953       *:*                     LISTEN     -                  
    tcp6       0      0 ubuntuserver:5900       66-159-147-201.ad:49156 ESTABLISHED5410/vino-server 
    
    
    P.S. I just noticed that I cannot ping my servers ip address, I can however get through to the website and I can also ping my webservers router, not sure if this has anything to do with it, but anything that may help.
     
    Last edited: Aug 29, 2007
  9. falko

    falko Super Moderator

    SSH and FTP are both listening on tcp6. What's in /etc/hosts?
     
  10. bswinnerton

    bswinnerton New Member

    Code:
    127.0.0.1 localhost
    127.0.1.1 ubuntuserver.gateway.2wire.net ubuntuserver
    
    # The following lines are desirable for IPv6 capable hosts
    ::1 ip6-localhost ip6-loopback
    fe00::0 ip6-localnet
    ff00::0 ip6-mcastprefix
    ff02::1 ip6-allnodes
    ff02::2 ip6-allrouters
    ff02::3 ip6-allhosts
     
  11. falko

    falko Super Moderator

    What's the output of
    Code:
    ifconfig
    ?
     
  12. bswinnerton

    bswinnerton New Member

    eth0 Link encap:Ethernet HWaddr 00:03:47:8B:82:37 inet addr:76.243.116.170 Bcast:76.243.116.255 Mask:255.255.255.0 inet6 addr: fe80::203:47ff:fe8b:8237/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:306806 errors:0 dropped:0 overruns:0 frame:0 TX packets:133092 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:30395057 (28.9 MiB) TX bytes:99807827 (95.1 MiB)

    lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:36886 errors:0 dropped:0 overruns:0 frame:0 TX packets:36886 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:16164580 (15.4 MiB) TX bytes:16164580 (15.4 MiB)
     
  13. falko

    falko Super Moderator

    Modify /etc/hosts like this:

    Code:
    127.0.0.1 localhost.localdomain localhost
    76.243.116.170 ubuntuserver.gateway.2wire.net ubuntuserver
    
    # The following lines are desirable for IPv6 capable hosts
    ::1 ip6-localhost ip6-loopback
    fe00::0 ip6-localnet
    ff00::0 ip6-mcastprefix
    ff02::1 ip6-allnodes
    ff02::2 ip6-allrouters
    ff02::3 ip6-allhosts
     
  14. bswinnerton

    bswinnerton New Member

    ..Still nothing, it does the same thing. I editied it and restarted.
     
  15. bswinnerton

    bswinnerton New Member

    I also reset my router totally (which is also my firewall) in case it was a fiewall setting, but that did nothing.

    Any more ideas?
     
  16. falko

    falko Super Moderator

    Are you trying to connect locally, or from a system outside your LAN? If the latter, ask your ISP if they are blocking certain ports such as SSH...
     
  17. bswinnerton

    bswinnerton New Member

    The only thing that i am confused about is that this all worked before, would they of started blocking it just recently? I thought it was right around the time that I changed my etc/hosts file.

    Plus I cannot connect locally because it is a static ip and my router doesn't allow local addresses when you have a static ip.

    UPDATE: I just called them and asked if they blocked it and they said no.
     
    Last edited: Sep 1, 2007
  18. bswinnerton

    bswinnerton New Member

    I suppose i could re-install my os.

    If i do, where can i find all of the mail and such so that i won't lose it.

    Thanks.
     
  19. falko

    falko Super Moderator

    If you're using mbox, all mailboxes are in /var/spool/mail. If you're using Maildir, there's a Maildir for each user in his homedir.
     
  20. bswinnerton

    bswinnerton New Member

    Can anyone help me?
     

Share This Page