|
[Original]
[Print]
[Top]
|
I'm trying to test a new network configuration, and exposing my ssh port
to the Internet. I'm having a friend of my test both smtp and ssh from
his host. He can telnet to my smtp port just fine, but my ssh port
disconnects on him, like so:
[root@friendshost:/usr/u/friend:1753]$ telnet 123.123.123.12 22
Trying 123.123.123.12...
Connected to 123.123.123.12.
Escape character is '^]'.
Connection closed by foreign host.
I think this is the right thing for ssh to do when contacted by telnet.
My ssh doesn't have any knowledge of the other host's keys.
Your thoughts?
Thanks....
--
PLEASE post a SUMMARY of the answer(s) to your question(s)!
Show Windows & Gates to the exit door.
Unless otherwise noted, the statements herein reflect my personal
opinions and not those of any organization with which I may be affiliated.
|
|
[Original]
[Print]
[Top]
|
|
[Original]
[Print]
[Top]
|
Kevin the Drummer wrote:
I'm trying to test a new network configuration, and exposing my ssh port
to the Internet. I'm having a friend of my test both smtp and ssh from
his host. He can telnet to my smtp port just fine, but my ssh port
disconnects on him, like so:
root@friendshost:/usr/u/friend:1753]$ telnet 123.123.123.12 22
Trying 123.123.123.12...
Connected to 123.123.123.12.
Escape character is '^]'.
Connection closed by foreign host.
I think this is the right thing for ssh to do when contacted by telnet.
My ssh doesn't have any knowledge of the other host's keys.
Your thoughts?
Thanks....
From outside:
ian@externalhost:~$ telnet my.host.name 2222
Trying XX.XX.XX.XX...
Connected to my.host.name.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.2p1 Debian-5
From inside:
ian@internalhost:~$ telnet my.host.name 22
Trying 192.168.1.14...
Connected to my.host.name.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.2p1 Debian-5
(port 2222 external is forwarded to port 22).
--
echo izn@pwlvkqrw.nwv|tr zwvq aeto
|
|
|
[Original]
[Print]
[Top]
|
|
[Original]
[Print]
[Top]
|
nobody@tek.com (Kevin the Drummer) (06-01-26 20:11:14):
I'm trying to test a new network configuration, and exposing my ssh
port to the Internet. I'm having a friend of my test both smtp and
ssh from his host. He can telnet to my smtp port just fine, but my
ssh port disconnects on him, like so:
root@friendshost:/usr/u/friend:1753]$ telnet 123.123.123.12 22
Trying 123.123.123.12...
Connected to 123.123.123.12.
Escape character is '^]'.
Connection closed by foreign host.
I think this is the right thing for ssh to do when contacted by
telnet. My ssh doesn't have any knowledge of the other host's keys.
Your thoughts?
SSH is not a Telnet protocol. As such, you will never have success
using Telnet for an SSH service.
Regards.
|
|
[Original]
[Print]
[Top]
|
|
[Original]
[Print]
[Top]
|
Ertugrul Soeylemez wrote:
SSH is not a Telnet protocol. As such, you will never have success
using Telnet for an SSH service.
Regards.
However, you should at least be able to get the header-thing (example.
'SSH-2.0-OpenSSH_4.2p1 Debian-5'), rather than having the connection
terminate immediately. I think OP was using telnet just to verify the
remote machine could get to ssh, not as an attempt to log in to an sshd
using a telnet client.
--
echo izn@pwlvkqrw.nwv|tr zwvq aeto
|
|
[Original]
[Print]
[Top]
|
|
[Original]
[Print]
[Top]
|
Ertugrul Soeylemez wrote:
nobody@tek.com (Kevin the Drummer) (06-01-26 20:11:14):
I'm trying to test a new network configuration, and exposing my ssh
port to the Internet. I'm having a friend of my test both smtp and
ssh from his host. He can telnet to my smtp port just fine, but my
ssh port disconnects on him, like so:
root@friendshost:/usr/u/friend:1753]$ telnet 123.123.123.12 22
Trying 123.123.123.12...
Connected to 123.123.123.12.
Escape character is '^]'.
Connection closed by foreign host.
I think this is the right thing for ssh to do when contacted by
telnet. My ssh doesn't have any knowledge of the other host's keys.
Your thoughts?
SSH is not a Telnet protocol. As such, you will never have success
using Telnet for an SSH service.
Regards.
If you read closer, you will find that he is using telnet as a debugging
tool and not a connection tool.
|
|
|
[Original]
[Print]
[Top]
|
|
[Original]
[Print]
[Top]
|
Ian Kilgore [invalid@address.see.sig] wrote:
However, you should at least be able to get the header-thing (example.
'SSH-2.0-OpenSSH_4.2p1 Debian-5'), rather than having the connection
terminate immediately. I think OP was using telnet just to verify the
remote machine could get to ssh, not as an attempt to log in to an sshd
using a telnet client.
I am OP, and you are right about what I was trying to do.
Thx...
--
PLEASE post a SUMMARY of the answer(s) to your question(s)!
Show Windows & Gates to the exit door.
Unless otherwise noted, the statements herein reflect my personal
opinions and not those of any organization with which I may be affiliated.
|
|
[Original]
[Print]
[Top]
|
|
[Original]
[Print]
[Top]
|
|
SSH is not a Telnet protocol. As such, you will never have success
using Telnet for an SSH service.
telnet (the application) is a *universal tcp client*, and as such,
it can succesfully establish a "raw" connection to any server, any
service (provided that it is tcp-based).
Whether or not the user is able to transmit the right data and
interpret the incoming data for the connection to be maintained,
that's a different story.
But surely, you can run: telnet www.somehost.com 80
And then, at telnet prompt, type:
GET / HTTP/1.1
Host: www.somehost.com
Connection: close
And at the time you hit enter twice, you'll receive the index.html
document from the given host (and then the connection will be closed
by the server).
This is a result of the HTTP protocol being extremely simple (at
least for simple requests) -- simple enough that you can easily
manage to type the correct commands without any timing, encryption,
or other weird constraints.
As others have pointed out, the OP should at least expect the
"welcome" message that an SSH server transmits upon accepting
the connection.
For the OP: maybe you should take a closer look at the sshd
config file -- there seem to be restrictions that are disallowing
the connection (perhaps number of connections, or acceptable
IPs for incoming connections, etc.).
HTH,
Carlos
--
|
|
|
[Original]
[Print]
[Top]
|
|
[Original]
[Print]
[Top]
|
Carlos Moreno [moreno_at_mochima_dot_com@mailinator.com] wrote:
telnet (the application) is a *universal tcp client*
[plug]
Almost as good as netcat.
[/plug]
|
|
[Original]
[Print]
[Top]
|
|
[Original]
[Print]
[Top]
|
In news:D3kCf.52137$0h.9882@tornado.southeast.rr.com,
Ian Kilgore [invalid@address.see.sig] wrote:
SSH is not a Telnet protocol. As such, you will never have success
However, you should at least be able to get the header-thing (example.
'SSH-2.0-OpenSSH_4.2p1 Debian-5'), rather than having the connection
terminate immediately. I think OP was using telnet just to verify the
remote machine could get to ssh, not as an attempt to log in to an sshd
using a telnet client.
He would have gotten a "protocol mismatch" error had he attempted to
establish a login.
|
|
[Original]
[Print]
[Top]
|
|
[Original]
[Print]
[Top]
|
Carlos Moreno [moreno_at_mochima_dot_com@mailinator.com] (06-01-27 17:40:46):
SSH is not a Telnet protocol. As such, you will never have success
using Telnet for an SSH service.
telnet (the application) is a *universal tcp client*, and as such, it
can succesfully establish a "raw" connection to any server, any
service (provided that it is tcp-based).
No, it is not. Telnet is a terminal protocol, hence it has a few
non-raw features like Telnet negotiation and terminal escape codes,
which get handled by the client -- and yes, all Telnet clients _must_
handle them. In fact, theoretically it may even be a security risk to
use Telnet to do that. Some Telnet clients (or the terminals they run
in) include escape codes, with which you can change keyboard
assignments, or similar.
Better use Netcat for this. There are no negotiation codes, with which
a hostile server could gain login informations. The terminal escapes
can be gotten around by piping the output through 'cat -v' (if even
desired).
Regards.
|
|
|
[Original]
[Print]
[Top]
|
|
[Original]
[Print]
[Top]
|
"ynotssor" [ynotssor@example.net] (06-01-27 15:50:49):
SSH is not a Telnet protocol. As such, you will never have success
However, you should at least be able to get the header-thing
(example. 'SSH-2.0-OpenSSH_4.2p1 Debian-5'), rather than having the
connection terminate immediately. I think OP was using telnet just
to verify the remote machine could get to ssh, not as an attempt to
log in to an sshd using a telnet client.
He would have gotten a "protocol mismatch" error had he attempted to
establish a login.
.... had he even attempted to type a few characters. But I guess you
meant that.
Regards.
|
|
[Original]
[Print]
[Top]
|
|
[Original]
[Print]
[Top]
|
Ken K [kkauffman@nospam.headfog.com] (06-01-27 08:59:30):
SSH is not a Telnet protocol. As such, you will never have success
using Telnet for an SSH service.
If you read closer, you will find that he is using telnet as a
debugging tool and not a connection tool.
He shouldn't do so. Netcat is the debugging tool to use in this case.
Regards.
|
|
[Original]
[Print]
[Top]
|
|
[Original]
[Print]
[Top]
|
Ertugrul Soeylemez wrote:
Ken K [kkauffman@nospam.headfog.com] (06-01-27 08:59:30):
SSH is not a Telnet protocol. As such, you will never have success
using Telnet for an SSH service.
If you read closer, you will find that he is using telnet as a
debugging tool and not a connection tool.
He shouldn't do so. Netcat is the debugging tool to use in this case.
Regards.
Perhaps, but your opinion about which tool to use really was not what he was
asking for, if you read the original post.
|
|
[Original]
[Print]
[Top]
|
|
[Original]
[Print]
[Top]
|
Carlos Moreno [moreno_at_mochima_dot_com@mailinator.com] wrote:
SSH is not a Telnet protocol. As such, you will never have success
using Telnet for an SSH service.
telnet (the application) is a *universal tcp client*, and as such,
it can succesfully establish a "raw" connection to any server, any
service (provided that it is tcp-based).
Whether or not the user is able to transmit the right data and
interpret the incoming data for the connection to be maintained,
that's a different story.
Hehehe.
"Sure, Bob, you /can/ telnet to port 22, but as we use DSA & Blowfish,
you've gotta be *real good* at mental arithmetic for it to work"
rgds, Alan
--
99 Ducati 748BP, 95 Ducati 600SS, 81 Guzzi Monza, 74 MV Agusta 350
"Ride to Work, Work to Ride" SI# 7.067 DoD#1930 PGP Key 0xBDED56C5
|
|
|
[Original]
[Print]
[Top]
|
|
The content of this page is collected from Linux Forum, All copyrights and other associated rights are reserved by the original authors of the articles.