On Sun, Jul 16, 2023 at 09:39:35AM +0200, Roger Price wrote: > On Sat, 15 Jul 2023, Greg Wooledge wrote: > > On Sat, Jul 15, 2023 at 11:59:33AM +0200, Roger Price wrote: > > > rprice@kananga:~$ ssh -v rprice@maria > > > ssh: connect to host maria port 22: Connection timed out > > > > A timeout is an ENTIRELY different symptom, and when combined with > > "but I can ping the remote", it means a firewall is involved. Every > > time. > > I tried to clear out the existing firewall on a Debian 9 machine with the > commands > > iptables -F > iptables -X > iptables -P INPUT ACCEPT > iptables -P FORWARD ACCEPT > iptables -P OUTPUT ACCEPT > > iptables -L -n --line-numbers reports > > Chain INPUT (policy ACCEPT) > num target prot opt source destination > 1 ufw-before-logging-input all -- 0.0.0.0/0 0.0.0.0/0 > 2 ufw-before-input all -- 0.0.0.0/0 0.0.0.0/0 > 3 ufw-after-input all -- 0.0.0.0/0 0.0.0.0/0 > 4 ufw-after-logging-input all -- 0.0.0.0/0 0.0.0.0/0 > 5 ufw-reject-input all -- 0.0.0.0/0 0.0.0.0/0 > 6 ufw-track-input all -- 0.0.0.0/0 0.0.0.0/0 > > ... and so on
This would be a good time to try ssh :-) > I then recycled the Debian 9 machine, power off, power on, for a clean > restart, > After the restart, I tried to ssh from Debian 11 to that Debian 9 machine That's too late: the iptables command just modifies the kernel's settings. They are not persistent across a reboot. This is the job of whatever firewall management thingy sets the firewall at boot (it may be as simple as a self-made script calling iptables or as complex as some firewalld or ufw, or some systemd thingmajig). > rprice@titan ~ ssh -v rprice@kananga > ssh: connect to host kananga port 22: Connection timed out > > So it's something else? Roger No, this is to be expected: whatever did set up your firewall on first boot will do that again at every reboot. But before chasing that culprit it'd be nice to know we are barking up the right tree: can you ssh after flushing the firewalls and /before/ rebooting? Cheers -- tomás
signature.asc
Description: PGP signature
