I can ssh into server A from server B. But I cannot ssh into server B from server A

-2

0

I have 2 servers in a data center. Server B is publicly accessible, as in, I can ssh into it.

Server A is not. So to access Server A, I ssh into Server B. And then from there, I ssh into Server A.

Now I was trying local port forwarding and it worked when I accessed the SSH port on Server A (the inaccessible one), as in when I browsed http://localhost:local_port, I saw the whole SSH unrecognized protocol stuff on the webpage, e.g.

SSH-2.0-OpenSSH_5.3
Protocol mismatch.

Then I tried to access the tomcat port via local port forwarding, and I couldn't, even though the connection to the in-between server was established successfully.

The browser just kept trying to connect but nothing happened.

Troubleshooting showed me that I could both telnet and ssh into the offending Server A from Server B. But I could neither telnet nor ssh into Server B from Server A. Even after unblocking the concerned ports with

 iptables -I INPUT -p tcp --dport --syn -j ACCEPT

Summary? The offending server is accessible on the ssh port, which is useless to me for my purposes.

How do I make this server (Server A) accessible on other ports? Like my Tomcat port, for instance. Thanks

EDIT

When I try to ssh from Server A to Server B, I get

ssh: connect to host ip_value port port_no: Connection refused

When I run this:

service ssh status

I get:

ssh: unrecognized service

When I do:

ssh -v root@ip -p port_no

I get:

OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 111.1111.xx.x [111.1111.xx.x] port 1000.
debug1: connect to address 111.1111.xx.x port 1000: Connection refused
ssh: connect to host 111.1111.xx.x port 1000: Connection refused

gbenroscience

Posted 2016-04-16T04:52:07.927

Reputation: 107

No, it isn't. That issue you linked was mine... and it's fixed now – gbenroscience – 2016-04-16T06:31:00.097

So what is the question? – Ramhound – 2016-04-16T06:36:41.363

I cannot ssh from the protected server back into the publicly accessible one. But I can ssh in the reverse direction. How can I enable ssh from the protected one to the publicly accessible one – gbenroscience – 2016-04-16T06:40:14.550

Ugh... this sounds complicated. Especially those IPv4 addresses with four digits in the second octet. So let's try some simple things. On server A, can you connect to the address 127.0.0.1 ? Does the SSH log (possibly /var/log/authlog*) show any details? Can you see the incoming traffic using tcpdump? – TOOGAM – 2016-04-16T06:51:07.860

@TOOGAM, I just put the dummy IP there, it has nothing to do with the actual format. The actual format is aaa.bb.ccc.dd – gbenroscience – 2016-04-16T07:03:40.583

I can't telnet localhost (127.0.0.1). The server is CentOS and I can't find authlog... but there is a /usr/share/selinux/devel/include/system/authlogin.if and I can't ssh it too, @TOOGAM – gbenroscience – 2016-04-16T07:08:21.797

On Server A, use " netstat -na | grep 22 " to confirm that you have an SSH server listening on port 22. Try running: sudo $( which sshd ) ; echo ${?} – TOOGAM – 2016-04-16T14:55:36.403

I have TCP connections established on the SSH port on the set IP address. And it is also listening on the set port. – gbenroscience – 2016-04-16T16:42:21.933
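Added example, not part of the original thread: a small Python probe that tells apart the three outcomes seen in this question, a refused connection, a connection that hangs, and a port that answers with an SSH banner. The function names `probe` and `diagnose` and the host/port pairs in the demo loop are assumptions for illustration; run it on the machine the connection starts from (for the Tomcat case, on Server B against Server A, because the local end of an SSH forward accepts connections on its own).

```python
import socket

def probe(host, port, timeout=3.0, connect=socket.create_connection):
    """Return (state, banner) for one TCP port as seen from this machine."""
    try:
        sock = connect((host, port), timeout)
    except ConnectionRefusedError:
        return ("refused", "")      # peer answered with RST or ICMP port-unreachable
    except (socket.timeout, TimeoutError):
        return ("filtered", "")     # the SYN got no answer at all
    except OSError as exc:
        return ("error", str(exc))  # e.g. "No route to host", name lookup failure
    with sock:
        sock.settimeout(timeout)
        try:
            # sshd speaks first; HTTP servers such as Tomcat wait for the client.
            banner = sock.recv(128).decode("ascii", "replace").strip()
        except (socket.timeout, TimeoutError):
            banner = ""
    return ("open", banner)

def diagnose(state, banner=""):
    """Map a probe result to the next thing to check."""
    if state == "refused":
        return ("host reachable but port closed: check that the daemon runs and "
                "which address/port it binds (netstat -na), or look for a REJECT rule")
    if state == "filtered":
        return "no reply: a firewall on the target or on the path drops the packets"
    if state == "open":
        if banner.startswith("SSH-"):
            return "sshd answered: " + banner
        return "port accepts connections; server waits for the client (normal for HTTP)"
    return "local error: " + banner

if __name__ == "__main__":
    # Constructed targets: replace with the real address and the SSH/Tomcat ports.
    for label, host, port in [("sshd", "127.0.0.1", 22), ("tomcat", "127.0.0.1", 8080)]:
        state, banner = probe(host, port)
        print(f"{label:7} {host}:{port:<5} {state:9} {diagnose(state, banner)}")
```

The `connect` parameter exists so the classification can be exercised with stand-in connectors; in normal use leave it at its default.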

Answers

0

Some basic features of OpenSSH with a few pieces of advice, prioritized in reliability followed by urgent graphical annotations.

Cyril Cooper

Posted 2016-04-16T04:52:07.927

Reputation: 1