Help: Can't ssh to NAS from a linux machine

Discussion about using NAS on Linux and Unix OS.
Locked
sidneyyu
New here
Posts: 8
Joined: Thu Nov 22, 2018 10:58 pm

Help: Can't ssh to NAS from a linux machine

Post by sidneyyu »

1) linux is installed on the mchine recently. it's centOS7
2) i can ssh to NAS from my macbook pro, so it means ssh service is good on NAS
3) but everytime i tried to ssh to NAS from my linux machine, it's always "connection timed out"
4) i used the same command, same IP as i did with macbook pro.
5) i made sure /etc/ssh/ssh_config is the same on the linux machine as on macbook pro

i'm stuck. there's gotta be some settings off on my linux machine, but i just couldn't figure out which.
Can anyone please help. i'd really appreciate!
User avatar
OneCD
Guru
Posts: 12010
Joined: Sun Aug 21, 2016 10:48 am
Location: "... there, behind that sofa!"

Re: Help: Can't ssh to NAS from a linux machine

Post by OneCD »

Hi and welcome to the forum. :)

Suggest trying your SSH command again in verbose mode. i.e:

Code: Select all

ssh -vvv admin@nas
Are there any errors shown?

Compare the debug info when performing the same connection from your Mac.

ImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImage
sidneyyu
New here
Posts: 8
Joined: Thu Nov 22, 2018 10:58 pm

Re: Help: Can't ssh to NAS from a linux machine

Post by sidneyyu »

Thanks for the suggestion. i did the verbose mode.
No error shown in debug, after "connect to IP port 22", it's just "connet to IP port 22:connection timed out".
The only difference between centOS and mac is that mac has replaced openSSL with LibreSSL.
In the first line of debug,
mac shows:
OpenSSH_7.7p1, LibreSSL 2.7.3
centOS shows:
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017

I'm not sure if this is the reason. My NAS still uses openSSL, not LibreSSL.
Also i can ssh from my NAS to centOS machine.
My next step would be to replace openSSL with LibreSSL on centOS machine if i don't get any other suggestions.

Thanks again.
OneCD wrote: Fri Nov 23, 2018 3:41 am Hi and welcome to the forum. :)

Suggest trying your SSH command again in verbose mode. i.e:

Code: Select all

ssh -vvv admin@nas
Are there any errors shown?

Compare the debug info when performing the same connection from your Mac.
User avatar
OneCD
Guru
Posts: 12010
Joined: Sun Aug 21, 2016 10:48 am
Location: "... there, behind that sofa!"

Re: Help: Can't ssh to NAS from a linux machine

Post by OneCD »

You could try starting another SSH server on your NAS in interactive-mode (not daemon) with a different listening port and in verbose mode. SSH into the NAS from your Mac, start the server, then keep that session open while this temporary SSH server is running.

Then connect to that new port from your CentOS. Does it work?

ImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImage
sidneyyu
New here
Posts: 8
Joined: Thu Nov 22, 2018 10:58 pm

Re: Help: Can't ssh to NAS from a linux machine

Post by sidneyyu »

Igoogled but I'm still not sure how to start another SSH server on the NAS.
Can you elaborate a bit on how i'm able to do that?
Thanks very much!
OneCD wrote: Sat Nov 24, 2018 3:16 am You could try starting another SSH server on your NAS in interactive-mode (not daemon) with a different listening port and in verbose mode. SSH into the NAS from your Mac, start the server, then keep that session open while this temporary SSH server is running.

Then connect to that new port from your CentOS. Does it work?
User avatar
OneCD
Guru
Posts: 12010
Joined: Sun Aug 21, 2016 10:48 am
Location: "... there, behind that sofa!"

Re: Help: Can't ssh to NAS from a linux machine

Post by OneCD »

sidneyyu wrote: Sun Nov 25, 2018 10:17 pm Igoogled but I'm still not sure how to start another SSH server on the NAS.
Can you elaborate a bit on how i'm able to do that?
First, SSH into your QNAP from the Mac. Then start a new instance of the SSH server in debug-mode and listening on port 2000 with:

Code: Select all

/usr/sbin/sshd -Ddf /etc/config/ssh/sshd_config -p 2000
Note: this is a one-shot launch. When a client has connected then disconnected from this single instance, the instance dies. So, you need to remember to relaunch it after a successful client connection. It's not a daemon, so don't close the TTY session from your Mac. Use it to monitor the server-end of the connection.

Then, from your CentOS, connect to that port with:

Code: Select all

ssh -vvv admin@nas -p 2000

ImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImage
sidneyyu
New here
Posts: 8
Joined: Thu Nov 22, 2018 10:58 pm

Re: Help: Can't ssh to NAS from a linux machine

Post by sidneyyu »

thanks for the detailed instructions.
i was able to follow them, but i still got a Connection timed out on port 2000.
the ssh login hangs at:
debug1:Connecting to IP port 2000.

OneCD wrote: Mon Nov 26, 2018 9:36 am
sidneyyu wrote: Sun Nov 25, 2018 10:17 pm Igoogled but I'm still not sure how to start another SSH server on the NAS.
Can you elaborate a bit on how i'm able to do that?
First, SSH into your QNAP from the Mac. Then start a new instance of the SSH server in debug-mode and listening on port 2000 with:

Code: Select all

/usr/sbin/sshd -Ddf /etc/config/ssh/sshd_config -p 2000
Note: this is a one-shot launch. When a client has connected then disconnected from this single instance, the instance dies. So, you need to remember to relaunch it after a successful client connection. It's not a daemon, so don't close the TTY session from your Mac. Use it to monitor the server-end of the connection.

Then, from your CentOS, connect to that port with:

Code: Select all

ssh -vvv admin@nas -p 2000
User avatar
OneCD
Guru
Posts: 12010
Joined: Sun Aug 21, 2016 10:48 am
Location: "... there, behind that sofa!"

Re: Help: Can't ssh to NAS from a linux machine

Post by OneCD »

Was anything shown at the server-end at the same time?

Are you using any sort of IP whitelist/blacklist/automatic-banning on the NAS?

ImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImage
sidneyyu
New here
Posts: 8
Joined: Thu Nov 22, 2018 10:58 pm

Re: Help: Can't ssh to NAS from a linux machine

Post by sidneyyu »

Nothing was shown at the server-end. Just "Server istening on :: port 2000".
I don't think I'm using any IP control or firewalls. But just in case how do I check?
My gut feeling is there's some configs wrong on CentOS side, but i can ssh into mac from CentOS, so ... i'm really lost.
Last edited by sidneyyu on Sun Dec 02, 2018 2:13 pm, edited 1 time in total.
User avatar
OneCD
Guru
Posts: 12010
Joined: Sun Aug 21, 2016 10:48 am
Location: "... there, behind that sofa!"

Re: Help: Can't ssh to NAS from a linux machine

Post by OneCD »

You’ll need to check this within the QTS web UI. I think it’s called ‘Network Access Protection’.

ImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImage
sidneyyu
New here
Posts: 8
Joined: Thu Nov 22, 2018 10:58 pm

Re: Help: Can't ssh to NAS from a linux machine

Post by sidneyyu »

I found where the problem is.
In my QTS web UI --> Control Panel --> Security, there's a specific block on my centOS's IP.
I can't recall how it's there. Could be some experiments I did long time ago. Then I reconfigured my network after moving into a new place. Then the new CentOS machine I built happen to take that IP...
I should have check there before i came here asking for help. quite silly.
Thanks again for teaching me a few tricks about SSH.
User avatar
OneCD
Guru
Posts: 12010
Joined: Sun Aug 21, 2016 10:48 am
Location: "... there, behind that sofa!"

Re: Help: Can't ssh to NAS from a linux machine

Post by OneCD »

Good work. :D

I would have suggested it sooner, but I misunderstood your original post, where you mentioned using the same IP. At first, I thought you meant you were connecting from the same IP. ;)

ImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImage
danielo515
Starting out
Posts: 10
Joined: Sun Jul 14, 2019 5:48 pm

Re: Help: Can't ssh to NAS from a linux machine

Post by danielo515 »

I'm sorry to post on such an old thread, but I just faced this same issue but from my macbook.
I can't understand how my macbook IP ended up on that list. Lucky I found this thread and I was able to delete the entry from my phone, thank you very much.
User avatar
OneCD
Guru
Posts: 12010
Joined: Sun Aug 21, 2016 10:48 am
Location: "... there, behind that sofa!"

Re: Help: Can't ssh to NAS from a linux machine

Post by OneCD »

* topic locked to prevent further necroposting *

ImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImage
Locked

Return to “Linux & Unix (NFS)”