On Fri, 2010-01-22 at 19:20 -0600, Kat wrote:
The problem is I am trying ssh (my ip) and I get "Connection refused".
You haven't said what distribution of Linux you are running?
The problem you report above is either:
a) Your ssh daemon is not set to listen on the LAN ip address.
b) ssh is listening, but the firewall on that machine (not the router) is set to block connections on the LAN interface.
This happens both from my parents' machine (in another town - Go Mom for downloading and running putty), and from my own (that ssh is running on).
I suspect the problem has to do with my router, either regarding my rather prudent settings (LAN connection must be authenticated, and have a whitelisted MAC address), or more likely, I am missing something in setup to allow incoming connections that get forwarded to my specific machine. This is where my understanding falls apart at the moment... help?
Before you go any further trying to get your router setup, you positively MUST get it working on the LAN first.
You have accomplished step 1 already which is to confirm that ssh is working by sshing to localhost (127.0.0.1).
Step 2 is to confirm that ssh is listening and reachable on the LAN IP. That is where you are now. Do this:
# netstat -an | grep -E "tcp.*?22.*?LISTEN"
You should see something like:
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
That means ssh is listening on all interfaces (IPs).
If you still can't ssh to it from itself, then the firewall on the local machine is most likely blocking port 22. Turn the firewall off and try again.
Once you've got the machine so it can ssh to itself on the LAN IP then, if you can, you should test ssh from another machine on the same LAN.
Step 3 is to configure the firewall/router to port forward the SSH port on the external IP (the 24.x.x.x address) to the internal LAN IP 192.168.1.100). That should be fairly straight forward on the Linksys firewall.
Then, ssh to it from the remote computer using firewall's Internet (external) IP address (not the LAN IP).
One word of caution; before you do any of this, please make sure your passwords (especially your root password) is something very secure. Once you open up port 22, you will see literally hundreds of attempts per day to hack your root password.
I personally recommend changing the port to something else but that throws a bunch more complications into the process and at this point just focus on getting it working, then you can move on to more advanced things like changing the default ssh ports (hint, look in /etc/ssh/sshd_conf).
Regards,