Ssh to computer in local network times out recently

General system Applications
1

I am trying to connect to another computer via ssh. This worked fine for several months now, but since a few days I cannot connect anymore. Unfortunately I cannot tell, what caused the change. Executing

ssh -vvvvv 192.168.0.101

shows the following output:

OpenSSH_9.2p1, OpenSSL 3.0.8 7 Feb 2023
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: resolve_canonicalize: hostname 192.168.0.101 is address
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> '/home/username/.ssh/known_hosts'
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> '/home/username/.ssh/known_hosts2'
debug3: ssh_connect_direct: entering
debug1: Connecting to 192.168.0.101 [192.168.0.101] port 22.
debug3: set_sock_tos: set socket 3 IP_TOS 0x4

and after some time I am getting a time out:

Reseting the firewall as was suggested in Cannot SSH into server on same network - #14 by sradjoker did not work. As other users mentioned, that not ufw but firewalld is used in endeavoros, I also reseted the firewall using the instructions provided here: https://serverfault.com/questions/901220/reset-firewalld-rules-to-default

The problem cannot be caused by the server, that I want to connect to, since connected from my mobile or another computer on the same port 22 works perfectly fine.

Thank you in advance for any help!

2

connecting via telnet (telnet 192.168.0.101 22) shows the following output:

Trying 192.168.0.101...
Connected to 192.168.0.101.
Escape character is '^]'.
+SSH-2.0-OpenSSH_8.4p1 Raspbian-5+b1
3

I am not sure what the issue is here but the firewall doesn’t block any outbound connections by default.

You could stop the firewall and see if that makes any difference. This may not be related to the firewall at all.

4

Does the username of the connecting computer still match the one on the server? If not, you need to add a username argument.

ssh username@192.168.0.101
1 Like
5

Does the computer you are trying to connect to have a static IP address? If not, the computer you are trying to connect to may have had it’s IP address changed by the router.

To find out, in a terminal

ip route
default via 192.168.0.1 dev enp10s0 proto dhcp src 192.168.0.103 metric 100 
192.168.0.0/24 dev enp10s0 proto kernel scope link src 192.168.0.103 metric 100

The first line shows the Router’s LAN side IP address

$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp10s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 70:85:c2:8a:53:b4 brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.103/24 brd 192.168.0.255 scope global dynamic noprefixroute enp10s0
       valid_lft 4972sec preferred_lft 4972sec
    inet6 fe80::a95:55d0:e9a8:acd2/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

In the section labled “2:” on the third line down you should see a line

inet 192.168.0.103 brd 192.168.0.255 scope global dynamic noprefixrute enp10s0

the first IP address listed is the computer’s network IP ADDRESS . If you see “dynamic” in this line, then the computer’s IP address was assigned by DHCP and can be changed by the router and may no longer be 192.168.0.101

Pudge

EDIT:
With NetworkManager, to change the computer’s IP address to a STATIC address do the following:

# nmcli con
NAME                       UUID                                                             TYPE       DEVICE
Wired connection 1   xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx    ethernet    enp2s0

“Wired connection 1” is the name of your LAN connection. Do the following ignoring the comments in Parenthesis. Also note which lines have a \ at the end or not.

 nmcli con mod “Wired connection 1” \
> ipv4.addresses “192.168.0.168/24” \             (your desired Static IP address)
> ipv4.gateway “192.168.0.1” \                         ( IP address of the LAN side of router or switch)
> ipv4.dns “192.168.0.1,8.8.8.8” \                     ( IP address for your desired DNS server(s))
> ipv4.method “manual”                                    (NOTE: no back slash on this command)

ipv4.gateway = “The LAN side IP address of your router or switch” listed above
ipv4.dns = “The LAN side IP address of your router or switch” comma “8.8.8.8.8” = Google DNS
You can omit 8.8.8.8 Google DNS server or substitute another DNS server of your choice.

Reboot the computer and re-check for your desired static IP address.

6

Thank you very much for all your helping comments. From this point however I can assure you, that:

  • I also tried to connect with ssh -p 22 username@192.168.0.101 with the same result, although from other devices the connection could be established using this username.
  • The computer, that I connect to definitely has a static ip adress inside the local network. As I said I successfully connect to exactly the same ip adress from other devices.

Now here comes the funny fact: I did some reboots yesterday after I reset the firewall etc. without any success. However when I turned on the computer today, it is working again surprisingly. Would be good to know, what solved the problem, but right now I cannot tell. I am not sure, if this has had any effect, but what I also did yesterday was removing known_hosts from ~/.ssh/. However I made a backup of that file and now after the reboot and after I could get the connection, a new file was automatically created and has no difference to the old one (using tool diff).

So right now the topic can be closed, but I will keep you informed, when it occurs again and when I maybe found out the crucial step for the solution.

1 Like
7

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.