Ssh connection refused for domain name but not for IP address

nuccio · July 18, 2015, 10:24pm

#Hello yunohost community !

This project is just what was missing for simple multi-purpose homeservers. And the possibility to create custom apps with relatively simple scripts seems an amazing possibility (not possible on freedombox). I hope to be able to contribute !

I have a problem to connect with ssh to my yunohost instance installed on raspbian jessie.

I can’t connect with:

$ ssh root@mydomain.noho.st
ssh: connect to host mydomain.noho.st port 22: Connection refused

Interestingly it is possible by using the IP:

$ ssh root@10.0.242.1
root@10.0.242.1's password: 
etc...

The domain name resolution works for other accesses (https://mydomain.noho.st is functional) and ping:

$ ping mydomain.noho.st
PING mydomain.noho.st (82.227.177.115) 56(84) bytes of data.
64 bytes from cac94-4-82-227-177-115.fbx.proxad.net (82.227.177.115): icmp_seq=1 ttl=63 time=1.08 ms
64 bytes from cac94-4-82-227-177-115.fbx.proxad.net (82.227.177.115): icmp_seq=2 ttl=63 time=1.22 ms
64 bytes from cac94-4-82-227-177-115.fbx.proxad.net (82.227.177.115): icmp_seq=3 ttl=63 time=1.43 ms
^C
--- mydomain.noho.st ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 1.084/1.249/1.439/0.146 ms


g@gg:~$ ping 10.0.242.1
PING 10.0.242.1 (10.0.242.1) 56(84) bytes of data.
64 bytes from 10.0.242.1: icmp_seq=1 ttl=64 time=1.22 ms
64 bytes from 10.0.242.1: icmp_seq=2 ttl=64 time=1.19 ms
64 bytes from 10.0.242.1: icmp_seq=3 ttl=64 time=1.21 ms
^C
--- 10.0.242.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 1.198/1.212/1.226/0.041 ms

So DNS seems to work and port 22 is open (yunohost firewall confirms).
Any advice on what could go wrong ? Any investigation lead ?

For info I have installed https://github.com/labriqueinternet/hotspot_ynh app and am connected by wifi on the hotspot.

matlink · July 19, 2015, 12:21pm

your mydomain.noho.st is resolved to 82.227.177.115.
Apparently, your ssh daemon is not listening to every IP addresses your server got, but only maybe to 10.0.242.1.
Can you do a netstat -plnt | grep ssh on your yunohost instance and post the result here ?

nuccio · July 19, 2015, 12:59pm

Here it is :

# netstat -plnt | grep ssh tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 431/sshd tcp6 0 0 :::22 :::* LISTEN 431/sshd

I don’t understand these lines and there’s no reference to 10.0.242.1…

How can I set sshd to listen to several IP addresses ?

Anyway, thanks for your answer !!

matlink · July 22, 2015, 7:34pm

Are you behind a modem ? maybe your have forgotten to make the port forwarding from port 22 to your yunohost’s port 22. Check this : https://yunohost.org/#/isp_box_config_en
You seem to have a Free ADSL service, so check https://moncompte.free.fr

nuccio · July 25, 2015, 5:04pm

Well thank you matlink, you pointed it !
I can access mydomain.noho.st with https and ssh correctly after setting the port redirection in mafreebox.fr

I’m sorry for the trouble as everything is nicely documented…

I thought UPnP IGD worked as the 80 port was nicely redirected from the freebox to the yunohost instance.
This automatic redirection also fails now. UPnP activation complains about no compatible device found. I thought the freebox was one, why is it failing ? And why was it working for a time ?

$ sudo yunohost firewall upnp enable Error: No UPnP device found Error: Unable to open UPnP ports

Any idea to debug what’s failing on a freebox ?

Thanks for the great support !