• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

SSH (Solved)

General pfSense Questions
3
4
927
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • N
    NollipfSense
    last edited by NollipfSense Jul 19, 2019, 3:30 AM Jul 18, 2019, 10:45 PM

    I enabled SSH; however, I kept getting: ssh_dispatch_run_fatal: Connection to 192.168.1.1 port 22: Operation timed out

    What's up with that when I am accessing from LAN? I selected a password or public key.

    pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
    pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

    1 Reply Last reply Reply Quote 0
    • G
      Gertjan
      last edited by Gertjan Jul 18, 2019, 11:08 PM Jul 18, 2019, 11:07 PM

      @NollipfSense said in SSH:

      ssh_dispatch_run_fatal

      Using what ssh client ?

      A recent Putty would connect after entering an IP and port.

      edit : Firewall rules on LAN interface do let enter the ssh traffic ?

      No "help me" PM's please. Use the forum, the community will thank you.
      Edit : and where are the logs ??

      1 Reply Last reply Reply Quote 0
      • J
        johnpoz LAYER 8 Global Moderator
        last edited by johnpoz Jul 18, 2019, 11:57 PM Jul 18, 2019, 11:38 PM

        Unless he disabled the antilock rule, once you enable ssh its in the antilock out rule to be allowed.

        Maybe didn't actually enable it? Maybe he changed the port from 22? He is has a software firewall on the client he is running blocking it? His pfsense lan IP is not actually 192.168.1.1?

        ssh didn't actually start for some reason?

        Lots of possible reasons it could be timing out to connect.

        edit:
        I should test this - is it possible to create a floating rule that blocks the antilock out rule? Hmmm - be right back.

        edit2: Nope even putting a floating rule to block doesn't stop antilockout - which is stated on the rules order link
        https://docs.netgate.com/pfsense/en/latest/firewall/firewall-rule-processing-order.html

        Internal automatic rules (pass and block for various items like lockout, snort, DHCP, etc.)

        Are above floating even.. so seems only way you could firewall yourself from ssh on the lan would be to have disabled the antilockout.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.7.2, 24.11

        1 Reply Last reply Reply Quote 0
        • N
          NollipfSense
          last edited by Jul 19, 2019, 3:29 AM

          It seems that the secure shell daemon not have been running for some reason...all is good now.

          pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
          pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

          1 Reply Last reply Reply Quote 0
          2 out of 4
          • First post
            2/4
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.