> doesn't have to drive there, he can always use ssh. The OP never said
> ssh to some machine outside is not working, so its a fair assumption
> that he can.
Yes, you are absolutely right. ssh to other outsides nodes with global
ip works well.
Thanks,
AA
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
10-24-2011, 02:18 AM
Marko Vojinovic
Unable to ssh nodes with global IP
On Monday 24 October 2011 02:18:39 Ed Greshko wrote:
> On 10/24/2011 02:04 AM, Joe Zeff wrote:
> > On 10/23/2011 02:09 AM, Abu Attar Musharih wrote:
> >> The customer service said that ssh is not allowed. So, what to do
> >> then? I badly need a server with global IP for experimenting grid
> >> computing.
> >
> > Configure ssh to use a non-standard port such as 6002.
>
> FWIW.... If an ISP has gone through the trouble of blocking ports of
> well known services chances are they have also blocked incoming SYN
> packets on higher ports as well.
>
> Thus my suggestion to use a port of a well known service that is allowed.
Oh, be careful Ed, :-)
I got bashed quite a lot for suggesting a similar thing about openvpn couple
of threads ago... I learned that the proper, politically correct way to answer
this is the following: if the ISP decided to block port 22, they probably did
it for security reasons (and not because someone over there is a moron), and
it's both illegal and unethical to go behind their backs and create a tunnel
through their firewall without their consent. The OP should check his contract
with the ISP, because it might be illegal or against their terms of service to
use ssh on their network. He might get sued and end up in jail, for all we
know.
You wouldn't want to encourage the OP into such bad behavior by giving out
advice to use an open port outside of its intended purposes, would you now?
:-D
Oh, btw, as a piece of preemptive advice --- if you reply to this, don't use
any strange words like "legitimate" or similar, 'cause someone might pick up a
dictionary against you... ;-)
P.S. Sorry folks, just couldn't resist... :-D No hard feelings, Ed! :-)
Best, :-)
Marko
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
10-24-2011, 02:32 AM
Abu Attar Musharih
Unable to ssh nodes with global IP
On Mon, Oct 24, 2011 at 12:30 AM, Rick Sewill <rsewill@gmail.com> wrote:
> Question to the OP please. *Are you also behind your own router?
> Does it run NAT? *If yes, is it configured to forward an ssh connection,
> from the Internet, to your local host?
No, I am not. I do not have any router. My laptop is connecting via
mobile broadband and have a global IP.
$ ifconfig
ppp0 Link encap:Point-to-Point Protocol
inet addr:120.166.xx.xxx P-t-P:10.64.64.64 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:4245 errors:0 dropped:0 overruns:0 frame:0
TX packets:4914 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:1253230 (1.1 MiB) TX bytes:948317 (926.0 KiB)
>
-deleted-
>
> How can one tell if one is behind a router that uses NAT?
> What is your local host's IP address?
> If your host's IP address is in the range, listed by rfc 1918,
> http://www.rfc-editor.org/rfc/rfc1918.txt
> 192.168.0.0 - 192.168.255.255, 172.16.0.0 - 172.31.255.255,
> or 10.0.0.0 - 10.255.255.255, you are behind a router running NAT.
If I switch my connection to another provider, so that I have my own
router, and the IP of the nodes are no longer global, (IP range
192.168.1. 1 etc), I can ssh between them, as well as to outside.
regards,
AA
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
10-24-2011, 02:35 AM
Ed Greshko
Unable to ssh nodes with global IP
On 10/24/2011 10:18 AM, Marko Vojinovic wrote:
> P.S. Sorry folks, just couldn't resist... :-D No hard feelings, Ed! :-)
No hard feelings.... But.....
ISP â‰* Employer
--
Even if you do learn to speak correct English, whom are you going to
speak it to? -- Clarence Darrow
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
10-24-2011, 02:41 AM
Abu Attar Musharih
Unable to ssh nodes with global IP
On Mon, Oct 24, 2011 at 11:18 AM, Marko Vojinovic <vvmarko@gmail.com> wrote:
>>
>> Thus my suggestion to use a port of a well known service that is allowed.
>
> Oh, be careful Ed, :-)
>
> I got bashed quite a lot for suggesting a similar thing about openvpn couple
> of threads ago... I learned that the proper, politically correct way to answer
> this is the following: if the ISP decided to block port 22, they probably did
> it for security reasons (and not because someone over there is a moron), and
> it's both illegal and unethical to go behind their backs and create a tunnel
> through their firewall without their consent. The OP should check his contract
> with the ISP, because it might be illegal or against their terms of service to
> use ssh on their network. He might get sued *and end up in jail, for all we
> know.
>
> You wouldn't want to encourage the OP into such bad behavior by giving out
> advice to use an open port outside of its intended purposes, would you now?
> :-D
>
> Oh, btw, as a piece of preemptive advice --- if you reply to this, don't use
> any strange words like "legitimate" or similar, 'cause someone might pick up a
> dictionary against you... ;-)
>
> P.S. Sorry folks, just couldn't resist... :-D No hard feelings, Ed! :-)
>
With the same provider and the same type of service, I used to be able
to do INCOMING SHH to the laptop connecting via the service. It seemed
they have changed just recently without any clear explanation to the
customer.
best,
AA
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
10-24-2011, 03:07 AM
Marko Vojinovic
Unable to ssh nodes with global IP
On Monday 24 October 2011 03:35:12 Ed Greshko wrote:
> On 10/24/2011 10:18 AM, Marko Vojinovic wrote:
> > P.S. Sorry folks, just couldn't resist... :-D No hard feelings, Ed! :-)
>
> No hard feelings.... But.....
>
> ISP â‰* Employer
Oh, so if they are paying you, it's unethical to break the firewall, but if you
are paying them, then it's perfectly ok to do so?
Silly me, how did I forget that people's ethics and rules of behavior depend
on the direction of the money flow... ;-) Not to mention that the arguments of
security and "rules are there for a reason" work only if you are on the
receiving side of that flow...
None of this is directed particularly to you Ed, it's just that sometimes I
almost enjoy losing an argument in a discussion, just to be able to explore
the ultimate level of sanity of the counter-argument.
P.S. For the OP: in case you missed that previous thread I reffered to, here's
the link:
Maybe you'll find some useful advice there, at least practical if not
philosophical. ;-)
Best, :-)
Marko
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
10-24-2011, 03:24 AM
Marko Vojinovic
Unable to ssh nodes with global IP
On Monday 24 October 2011 04:07:35 Marko Vojinovic wrote:
> P.S. For the OP: in case you missed that previous thread I reffered to,
> here's the link:
>
> http://lists.fedoraproject.org/pipermail/users/2011-October/406090.html
It appears that the thread was lousy threaded, here are the remaining parts:
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
10-24-2011, 05:12 AM
Reindl Harald
Unable to ssh nodes with global IP
Am 24.10.2011 05:07, schrieb Marko Vojinovic:
> On Monday 24 October 2011 03:35:12 Ed Greshko wrote:
>> On 10/24/2011 10:18 AM, Marko Vojinovic wrote:
>>> P.S. Sorry folks, just couldn't resist... :-D No hard feelings, Ed! :-)
>>
>> No hard feelings.... But.....
>>
>> ISP â‰* Employer
>
> Oh, so if they are paying you, it's unethical to break the firewall, but if you
> are paying them, then it's perfectly ok to do so?
if you really still not understand why someone MUST NOT break in through
his companies fierwalls you should be fired now and never get a job
again whereever this could be a topic
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
10-24-2011, 08:35 AM
suvayu ali
Unable to ssh nodes with global IP
On Mon, Oct 24, 2011 at 03:48, Abu Attar Musharih
<abuattar.musharih@gmail.com> wrote:
>> 4. if this last step shows you that connection is not happening, you
>> * can try looking at your router settings. there should be a way to
>> * port forward your ssh connections to port 22 of the machine you want
>> * to use as a server.
>
> The problem is, ssh does not work from another online laptop to to this machine.
> Neither does ping.
Can you see entries corresponding to each login attempt in /var/log/secure?
--
Suvayu
Open source is the future. It sets us free.
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
10-24-2011, 11:15 AM
Abu Attar Musharih
Unable to ssh nodes with global IP
On Mon, Oct 24, 2011 at 4:35 PM, suvayu ali <fatkasuvayu+linux@gmail.com> wrote:
> Can you see entries corresponding to each login attempt in /var/log/secure?
I tried INCOMING ssh several times and check file /var/log/secure
No entries related to login attempt found.
Now, it becomes even worse. Yesterday I could do OUTGOING ssh, but not anymore.
The following site is inaccessible
http://www.yougetsignal.com/tools/open-ports/
While using different provider, there is no problem.
Regards,
AA
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Unable to ssh nodes with global IP
