2

Googled this to death, cannot resolve. I cannot connect to my CYGWIN sshd from another machine. Netstat shows connection is established. Can connect locally, no problem.

[oracle@aserver ~]$  ssh myid@mycomp
ssh: connect to host mycomp port 22: Connection refused

On mycomp:

$ netstat -a | grep ssh
  TCP    MYCOMP:ssh            MYCOMP.mydomain.com:0  LISTENING
  TCP    MYCOMP:1161           aserver.mydomain.com:ssh  ESTABLISHED

Successful login from the localhost:

$ ssh myid@mycomp
myid@mycomp's password:
Last login: Tue Sep 14 14:27:30 2010 from mycomp.mydomain.com
Fanfare!!!
You are successfully logged in to this server!!!

I'm on XP sp3, updated CYGWIN today. Tried cleanup and reconfigure, didn't help.

Cleanup (credit to Herb Maeder http://www.cygwin.com/ml/cygwin/2008-10/msg00370.html) :

# Remove sshd service
cygrunsrv --stop sshd
cygrunsrv --remove sshd
# Delete any sshd or related users (such as cyg_server) from /etc/passwd
#   (use your favorite editor)
# Delete any sshd or relaged users (such as cyg_server) from the system
net user sshd /delete

Configure:

$ ssh-host-config -y
*** Query: Overwrite existing /etc/ssh_config file? (yes/no) yes
*** Info: Creating default /etc/ssh_config file
*** Query: Overwrite existing /etc/sshd_config file? (yes/no) yes
*** Info: Creating default /etc/sshd_config file
*** Info: Privilege separation is set to yes by default since OpenSSH 3.3.
*** Info: However, this requires a non-privileged account called 'sshd'.
*** Info: For more info on privilege separation read /usr/share/doc/openssh/README.privsep.
*** Query: Should privilege separation be used? (yes/no) yes
*** Info: Note that creating a new user requires that the current account have
*** Info: Administrator privileges.  Should this script attempt to create a
*** Query: new local account 'sshd'? (yes/no) yes
*** Info: Updating /etc/sshd_config file
*** Query: Overwrite existing /etc/inetd.d/sshd-inetd file? (yes/no) yes
*** Info: Creating default /etc/inetd.d/sshd-inetd file
*** Info: Updated /etc/inetd.d/sshd-inetd


*** Warning: The following functions require administrator privileges!

*** Query: Do you want to install sshd as a service?
*** Query: (Say "no" if it is already installed as a service) (yes/no) yes
*** Query: Enter the value of CYGWIN for the daemon: []

*** Info: The sshd service has been installed under the LocalSystem
*** Info: account (also known as SYSTEM). To start the service now, call
*** Info: `net start sshd' or `cygrunsrv -S sshd'.  Otherwise, it
*** Info: will start automatically after the next reboot.

*** Info: Host configuration finished. Have fun!

myid@MYCOMP /cygdrive/c/Documents and Settings/myid
$ cygrunsrv -S sshd

myid@MYCOMP /cygdrive/c/Documents and Settings/myid
$ cygrunsrv -Q sshd
Service             : sshd
Display name        : CYGWIN sshd
Current State       : Running
Controls Accepted   : Stop
Command             : /usr/sbin/sshd -D
ultracrepidarian
  • 138
  • 1
  • 1
  • 4

4 Answers4

2

Can you telnet to port 22 from another computer?

telnet <mycomp> 22

If you're getting a connection refused (and you can connect via localhost), this is definitely a firewall issue. There are other firewalls besides Windows Firewall--McAfee, ZoneAlarm, etc., and it sounds like you're being blocked--since you can access it internally (indicating its listening on the correct port) but you can't access it externally (indicating external ports are closed).

Surprisingly, Mozilla has a great look on configuring firewalls--including the Windows Firewall. Give it a try. Just because you think there's no firewall running--doesn't mean there isn't.

Andrew M.
  • 11,182
  • 2
  • 35
  • 29
  • It was our corporate firewall. What made me think it was not blocking is the second line of the netstat output (see second block of code from top) - the connection from the server to my machine. Then I realized this connection appears when I ssh to the server. Yes, I ssh to the server then ssh (scp actually) back to my machine. – ultracrepidarian Sep 15 '10 at 15:37
  • Plus, it used to work before. something must've changed with the firewall upgrade we had recently. – ultracrepidarian Sep 15 '10 at 15:38
1

Is there any chance a Windows firewall is running?

Have you run your SSH client in either verbose or debug mode?

T.P.
  • 163
  • 5
  • Windows firewall off. – ultracrepidarian Sep 14 '10 at 23:20
  • [oracle@aserver ~]$ ssh -v -v -v myid@mycomp OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to mycomp [111.11.11.11] port 22. debug1: connect to address 111.11.11.11 port 22: Connection refused ssh: connect to host mycomp port 22: Connection refused – ultracrepidarian Sep 14 '10 at 23:22
  • that came out mashed together but you get the idea - there is no additional insight to be gained from the verbose output. – ultracrepidarian Sep 14 '10 at 23:24
  • Hmmm. I'm gonna reinstall CYGWIN myself and delve deeper. – T.P. Sep 15 '10 at 00:10
  • Ok. Installed the latest and greatest 1.7 release Cygwin on an XP SP2 box. After setting up SSHD with ssh-host-config, I tried to connect from my Win 7 desktop through PuTTY. Connection timed out (not refused though.) Went to the XP box and turned off firewall. Immediately after, I was able to SSH in with PuTTY. I wonder if SP3 is putting a twist on your situation? – T.P. Sep 15 '10 at 01:29
0

I have been dealing with this exact issue for a few weeks now. It may not apply directly to this case. But I am going to share my experience here, in the hope that it may help somebody.

The Cygwin SSHD is running on my Windows 7 Home Premium Box.

  • I WAS able to ssh into the machine from localhost, or by typing out my IP address. This was attempted, and was successful in Putty.
  • I was NOT able to ssh into the machine from any other device on the LAN.
    • I verified that this was not a firewall, or antivirus, or security issue. I tested this using apache portable on port 22. I was able to reach it on port 22. I also ensured that sshd.exe was given full ability to communicate on the network.
    • I turned off all firewall features on the machine. It was only windows defender, and windows firewall. This did not fix the problem
  • after some digging around. I was able to find that it was something with putty itself. For some reason, I am able to use an openssh client from my linux server (out in the cloud) in, without any problem. I think it has something to do with putty keys.
  • I ran putty.exe -cleanup and still had the problem.
  • On one of my linux servers, I get this ssh_exchange_identification: Connection closed by remote host
  • On another one of my linux servers, it just connects.

Hope this helps.

Devon

--EDIT-- Okay. It started to get even stranger. I have 4 cloud servers, each tied to a different domain. One server could login to my sshd while others couldn't.

I fixed this by commenting out all of the entries in hosts.deny. I also adjusted my hosts.allow file to look like this.

ALL : localhost 127.0.0.1/32 [::1]/128 [::ffff:127.0.0.1]/128 : allow
SSHD : ALL

That fixed it for me.

Devon Dieffenbach
  • 19
  • 4
-2

I faced the same error and found out that my sshd was not running. So start your sshd using net start sshd and it might work for you.

Shilpa
  • 109
  • 1