SSH login from remote host

[cracker1985]

Hi everyone,

We have changed the default port of sshd in /etc/ssh/sshd_config and can connect to via this port from the LAN. But we can't connect from the outside (from the Internet). We use pf as firewall. Please help us!

Thanks.

 

[zodias]

Hi,

You can read this:
http://www.openbsd.org/faq/pf/rdr.html

Keep in mind FreeBSD Handbook's warning message as follows:

"Warning: When browsing the PF FAQ, please keep in mind that different versions of FreeBSD can contain different versions of PF. Currently, FreeBSD 8.X and prior is using the same version of PF as OpenBSD 4.1. FreeBSD 9.X and later is using the same version of PF as OpenBSD 4.5."

 

[Deleted member 2077]

First check that sshd is listening to your external interface, if not, verify the "ListenAddress" option in /etc/ssh/sshd_config.

Second, check your /etc/pf.conf. It should have a rule something like this (but it really depends on your setup):

pass in on $ext_if proto tcp to ($ext_if) port ssh

Third, verify it's not being blocked by any external routers (like your DSL router, etc) and has appropriate forwarding rules for port 22.

Also for a general trouble shooting tip, run the ssh client with the -v option. As in:

[cmd=]ssh -v myhost.com[/cmd]

It will provide more information on where it might be failing. Lastly, if you are still having problems, please provide more information than "Can't connect". This could be anything from a network to a firewall to a authentication to a protocol problem. It's really hard to tell without more details.

 

[cracker1985]

First check that sshd is listening to your external interface, if not, verify the "ListenAddress" option in /etc/ssh/sshd_config.

Second, check your /etc/pf.conf. It should have a rule something like this (but really depends on your setup):

pass in on $ext_if proto tcp to ($ext_if) port ssh

Third, verify it's not being block by any external routers (like your DSL router, etc) and has appropriate forwarding rules for port 22.

Also for a general trouble shooting tip, run ssh client with the -v option. As in:

ssh -v myhost.com

It will provide more information on where it might be failing. Lastly, if you are still having problems, please provide more information than "Can't connect". This could be anything from a network to a firewall to a authentication to a protocol problem. It's really hard to tell without more details.

Thanks bro!