SSH login from Windows
 

I have an airport with Mac OS X.3, I have forwarded port 22 from the airport base to my Mac and opened port 22 on my firewall.

I am using SSH Secure Shell for Windows with these settings:

> profile for "home mac"
> host name "my ip addy" and with
> user name "deans-emac"
> with port "22"

> and I added an outgoing tunnel with :
> settings name left blank
> listen port "4689"
> dest "localhost"
> dest port "3689"
> allow local connections "yes"
> type "tcp".

I'm getting an error message "host is unreachable" from SSH Secure Shell...

The longterm goal is to use RendezvousProxy (http://ileech.sf.net/) to make it seem I'm on the same local subnet on my Windows office machine as my home Mac for iTunes purposes.

Here are the settings i'm using in Rendezvous Proxy:

> IP Address "127.0.0.1"
> Port "4689"
> Host label "Home iTunes"
> Service Text-empty
> Service type "_.daap._tcp.local."

However, it can't get logged in via SSH to even get this far....

Umm, I don't see the part where you say that you enabled the SSH daemon (sshd) on OS X. You would normally do this by turning on "Remote Login" in the Sharing preferences. This will automatically open port 22 in the firewall.

Oh yeah, Remote Login is checked.

things to try
 

Cann you login via 'ssh' from another UNIX machine (e.g. another OS X machine)?

What do you see in the logs on your OS X machine? (Run the "Console" app to see logs.) You might want to enable more debugging info in the sshd log - see 'man sshd'.

Can you 'ping' your OS X machine from the Windows machine?

Try turning off all firewalls, connecting the two machines directly with an Ethernet cable and verifying that the basics work. Then you will know that the problem is in the networking/firewalls and you can work on that.

Re: SSH login from Windows
 

It is very unlikely that your username is "deans-emac". That sounds like your computer name. Your username is more likely something like dean. If you don't know it, open up a Terminal window and type whoami

Put in your correct username and you should be able to connect properly.

Trevor

Well, I have changed my user name to "Dean" and still can't login...I've even thought maybe my ISP is blocking port 22 so I tried forwarding port 2222 to 22 and loging into to port 2222...Still no luck.

I can't direct connect and I don't have another OSX(Unix) machine to try logging in with.

What ssh client are you using on Windows? I'd recommend puTTY: http://www.chiark.greenend.org.uk/~sgtatham/putty/

Trevor

Is that the exact way (including case) it was displayed when you typed whoami? Not "dean"?

Trevor

I had been using SSHSecureShellClient but I'll try puTTY

I'm unfamiliar with how to setup puTTY...

OK, I have completely turned OFF the firewall on the "server" machine but can't even SSH into it at all...anything I'm missing?

By the "server machine", I assume you mean the OS X machine that you are trying to log into using ssh.
And I assume that the "client" machine is your Windows machine on which you are running PuTTY.

Some things to test:

1) Can you ping the server machine from the client ?
If not, you have a basic connectivity problem.
(I think there is a 'ping' command in Windows that you can run from the DOS command line, otherwise search for a ping utility that you can download.)

2) Open a Terminal window on the OS X machine and run the following command:

ssh 127.0.0.1

You should get asked if you trust the machine at 127.0.0.1 - answer "yes" (it is the local OS X machine - the same machine you are on), then enter your usual OS X password.
If this doesn't work, you have a problem with the SSH daemon on OS X.

Okay, Dean. Time to do some doublechecking.

PM me your public IP and I'll try it from here. I can run command-line ssh so I can add the debugging flags.

Breen

Okay, I tried it from a command line here. Didn't work.

A port scan shows:

So my packets don't seem to be reaching your sshd.

Try hayne's suggestion -- try to ssh to 127.0.0.1 from your Mac.

Let's make sure that sshd is running:
and check your firewll rules:
and make sure that sshd isn't logging anything important:
Breen

[dean-emac:~] dean% ps auxw |grep sshd
dean 6957 0.0 0.1 18172 344 std S+ 6:48PM 0:00.01 grep sshd

[dean-emac:~] dean% sudo ipfw list
Password:
65535 allow ip from any to any

[dean-emac:~] dean% sudo grep sshd /var/log/system.log

Feb 20 18:50:20 dean-emac sudo: dean : TTY=ttyp1 ; PWD=/Users/dean ; USER=root ; COMMAND=/usr/bin/grep sshd /var/log/system.log

[dean-emac:~] dean% ssh 127.0.0.1

The authenticity of host '127.0.0.1 (127.0.0.1)' can't be established.
RSA key fingerprint is blah blah blah
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '127.0.0.1' (RSA) to the list of known hosts.
dean@127.0.0.1's password:
Last login: Fri Feb 20 18:48:08 2004
Welcome to Darwin!

Breen:
sshd doesn't show up in 'ps' output since it is run as needed by xinetd.
One way to check that SSH is enabled is to look if anyone is listening at port 22:

sudo lsof | grep ssh

whodean:
So your SSH seems fine on the OS X end.
It thus seems that your problem is network related - something is stopping the packets from reaching your OS X machine.
I ask again: can you ping the OS X machine from your Windows machine?

hayne-i emailed you my public IP...haven't been able to try to ping from the windows machine.

Probably can't ping it since it's behind an Airport at a remote location. The airport (or Dean's ISP) appears to be dropping pings as well.

I'm starting to think this is an Airport problem.

OK...what settings from the Airport Admin utility should I check?

Thanks for trying to help guys, does anyone have any further help for SSH login to my (over Airport) Mac from a Windows 2000 machine?

How is your Airport base station connected to the Internet? Does it dial up?
Is it connected to another router?

I have a cable modem connection through Comcast.

To simplify the situation, try connecting your Mac to the cable modem directly. This cuts the Airport base station out of the picture. Get the ssh working in this configuration, then worry about the Airport.

I will try this tonight and report back.

Thanks again.

OK, I tried accessing iTunes from another PC (windows xp) that is connected to my airport network and the share worked fine on iTunes for Windows....

I think I've finally got the Airport issue fixed, one of you guys care to help try this again?

What exactly do you need?

Trevor