2

This is all within a LAN. My server can be pinged. I can run php apps on my server from within the LAN.

I have installed openssh-server. I tried the command:

ps aux

and it shows the:

process listed as /usr/sbin/sshd -D

However, when I try the command:

netstat -tulpn

the PID/Program name column is blank (I mean it has a hyphen).

Honestly, I don't understand this area too well.

But the strange thing is that SSH used to work but it suddenly stopped. I'd really love to have some help on resolving this.

EDIT:

I Just realised that I cannot even run php apps via a browser. But localhost in the URI works with the default index.html page.

MORE INFO:

Just for the record, I never changed any iptables settings. Only after I got stuck with this problem that I did iptables -F.

I've even tried reinstalling ssh a couple of times but I do get the feeling that the entries in iptables are causing this problem as I learnt from the comments of below.

If I turn off the firewall with ufw disable, ssh localhost works.

Now when I try accessing this server from another PC, I get a pretty big error message like this:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @   
WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS
POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be
eavesdropping on you right now (man-in-the-middle attack)! It is also
possible that a host key has just been changed. The fingerprint for
the ECDSA key sent by the remote host is
d4:........4:e9:75:06:61. Please contact your
system administrator. Add correct host key in
/home/khalid/.ssh/known_hosts to get rid of this message. Offending
ECDSA key in /home/khalid/.ssh/known_hosts:1   remove with: ssh-keygen
-f "/home/khalid/.ssh/known_hosts" -R 192.168.1.6 ECDSA host key for 192.168.X.X has changed and you have requested strict checking. Host key verification failed.

and there's no connection.

belacqua
  • 23,540
itsols
  • 1,200

2 Answers2

2

PID/Program name is blank because you are not running as root, try,

sudo netstat -tupln

You can ssh localhost to check if the sshd is working. Check the firewall afterward.

EDIT:

After looking into the syslog I realised that the server was blocking inputs from eth1. So what I did was use 

sudo ufw allow 22

and accept inputs from this port.

I don't know why it worked before and stopped. And this is the first time I enabled this port to get ssh working. But this did the trick.

Many thanks to neo and gertvdijk for the inputs.

Tom Brossman
  • 13,297
neo
  • 219
  • 2
  • 6
1

I did not think it was necessary to post my own answer since it was a few steps based on the comments from @gertvdijk and @neo. Anyway, here it is a complete answer.

Many thanks to neo and gertvdijk for their inputs. Here's what I did to get it working:

  1. Checked the file /var/log/syslog using this command:

    sud editor /var/log/syslog

  2. Identified the entries that apparently suggested that incoming traffic on the LAN's ethernet card was blocked. The following is NOT the exact entry but it should give someone an idea:

    [UFW BLOCK] IN=eth1 OUT= MAC =.... SRC=$

    So if you have similar entries, you're blocked. In my case, eth1 connects to my LAN and eth0 to the Internet. The STRANGE thing though, is that I had never enabled or disabled the firewall. So I'm stumped as to how this could have happened.

  3. Any way, I used sudo ufw allow 22 to allow inputs from this port.

I don't know why it worked before and suddenly stopped. But these steps did the trick.

Once again, thanks for all the support!

itsols
  • 1,200