From: Henrik.Carlqvist@deadspam.com   
      
   On Sat, 04 Sep 2021 04:32:20 +0000, carriunix wrote:   
   > Hi, slackers. I'm trying to configure a machine to allow ssh   
   > connections, but I'm facing some problems. Let me describe what I have:   
   > I set up a fresh Slackware64-current (15.0-rc1) install, without KDE and   
   > XFCE packages. I configured shhd_config file to port 3333, which is the   
   > only one opened at the facility where my server (let's call it server1)   
   > is installed. Then, I tested the ssh inside local network, and it did   
   > worked. When I did got home, I tried again, and I got "connection  timed   
   > out".   
   >   
   > I thoughted that could be my router, so I asked a co-worker the   
   > credentials from another machine (let's call it server2), with ssh   
   > configured, located at the same facility, and it works fine (same port,   
   > same client).   
      
   Are server1 and server2 configured with public IP addresses? Or (as I   
   would guess) are they behind some kind of NAT firewall?   
      
   If they are behind some NAT firewall I would doublecheck the settings of   
   that. The fact that it has been configured to allow port 3333 connections   
   to server2 might not for sure mean that also port 3333 connections to   
   server1 are allowed.   
      
   I don't think that you have done anything wrong in the configuration of   
   server1, but if that would be the one blocking incoming requests it would   
   probably explain why it did that in some system log file.   
      
   > My conclusions: It is not my router, it is not my client configuration,   
   > it is not some firewall somewhere. It is, probably, server1's   
   > configuration.   
   >   
   > Since local ssh connection worked, I did a ssh from server2 to server1,   
   > and it worked. So, I copied the shhd_config file from server2 to   
   > server1, and tried connect again directly to server1 with no sucess:   
   > still got "connection timed out".   
      
   If the problem really were server1 configuration you would not be able to   
   connect from any remote machine at all or see some explanation in the log   
   file why some remote machines are discriminated.   
      
   > Aditional information: server2 is running Ubuntu; netstat shows the port   
   > 3333 listening to tcp and tcp6; iptables and hosts.deny are clean; I   
   > can't ping any machine inside the facilty from outside; I can use telnet   
   > to touch server2, but not server1 (connection time out again).   
      
   When you connect from the outside, how do you differ between server1 and   
   server2? If they are behind a NAT router my guess is that router would   
   have only one IP address? If they are not behind a NAT router but have   
   their own public IP addresses, what kind of device do you have that only   
   allows port 3333?   
      
   regards Henrik   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)