On Wed, Feb 17, 2010 at 11:19:27AM +0000, Lisi wrote:
> On Tuesday 16 February 2010 14:23:31 Kelly Dunlop wrote:
> [snip]
> I have been trying to follow this thread, with limited success, as it is an
> area where my ignorance is both wide and deep. :-( But I hope to learn.
>
> So I have been trying the various commands to see what I get. arp -n just
> gave me my router from 2 computers currently active on the LAN.
>
> The IPs of the two active computers are 192.168.0.2 and 192.168.0.3. The
> router is 192.168.0.1.
>
> I then tried the following (from 192.168.0.2):
>
> Tux:/home/lisi# netstat -atn
> Active Internet connections (servers and established)
> Proto Recv-Q Send-Q Local Address Foreign Address State
> tcp 0 0 0.0.0.0:59782 0.0.0.0:* LISTEN
> tcp 0 0 127.0.0.1:1004 0.0.0.0:* LISTEN
> tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
> tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
> tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
> tcp 0 0 0.0.0.0:7741 0.0.0.0:* LISTEN
> tcp 0 0 192.168.0.2:43311 92.122.211.37:1935 ESTABLISHED
> tcp6 0 0 :::22 :::* LISTEN
> tcp6 0 0 ::1:631 :::* LISTEN
> Tux:/home/lisi# ps -ef | grep sshd
> root 2341 1 0 06:38 ? 00:00:00 /usr/sbin/sshd
> root 15602 15392 0 11:08 pts/1 00:00:00 grep sshd
> Tux:/home/lisi#
>
> If I have understood correctly, that is a bit worrying. (The ESTABLISHED
> one.) So have I understood? I hope that I have not. ;-0.

I'd check what processes sshd has spawned by:

ps -ef | grep 2341

This should show you what processes are running from the sshd; 2341 is the process id
of sshd, and any children it has spawned will have it as their parent id.

On my box I get this:

diamond ~ # ps -ef| grep 4171
root 722 4171 0 13:19 ? 00:00:00 sshd: kad [priv]
root 4171 1 0 Jan26 ? 00:00:00 /usr/sbin/sshd

which shows me that I have an sshd, and following this down I get:

diamond ~ # ps -ef| grep 722
root 722 4171 0 13:19 ? 00:00:00 sshd: kad [priv]
kad 727 722 0 13:19 ? 00:00:00 sshd: kad@pts/8

and:

diamond ~ # ps -ef| grep 727
kad 727 722 0 13:19 ? 00:00:00 sshd: kad@pts/8
kad 728 727 0 13:19 pts/8 00:00:00 -bash

which shows it is running a shell.

You can also run who, which tells me it is me that is logged in on that tty:

kad pts/8 Feb 17 13:19 (eam2100.private.net)

I hope this isn't telling you things you already know; it's just that I thought I
could help :-)

You could also drop the -n parameter to netstat, which will give you names for the
ports (mapped from /etc/services). I can identify 631 as ipp which is printing,
and 111 as sunrpc which I think is to do with NFS and remote disk mounting.

Hope it helps you try and identify what is happening.

Kelly
--
Kelly Dunlop
kelly@???
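
Added example, not part of the message above: the repeated ps -ef | grep <pid> steps match the number anywhere on a line, so this sketch follows the PPID column exactly and prints everything running under one sshd in a single pass. The names descendants and sample_ps, and the constructed process list (modelled on the output quoted in the message, plus one decoy PID), are assumptions for illustration.

```shell
#!/bin/sh
# Walk the process tree below one PID using exact PPID matches.
# Reads `ps -ef` style lines on stdin: UID PID PPID C STIME TTY TIME CMD...

# descendants ROOT: print ROOT and every descendant, indented by depth.
descendants() {
    awk -v root="$1" '
        NR == 1 && $2 == "PID" { next }      # skip the ps header line
        {
            pid = $2; ppid = $3
            owner[pid] = $1
            cmd = $8                          # CMD is field 8 to end of line
            for (i = 9; i <= NF; i++) cmd = cmd " " $i
            cmdline[pid] = cmd
            kids[ppid] = kids[ppid] " " pid   # children listed per parent
        }
        function walk(p, depth,    n, list, i, pad) {
            pad = ""
            for (i = 0; i < depth * 2; i++) pad = pad " "
            printf "%s%s %s %s\n", pad, p, owner[p], cmdline[p]
            n = split(kids[p], list, " ")
            for (i = 1; i <= n; i++) walk(list[i], depth + 1)
        }
        END { if (root in cmdline) walk(root, 0) }
    '
}

# Constructed sample (not live data). PID 14171 contains "4171" and would
# show up in `grep 4171`, but it is not a child of sshd.
sample_ps() {
    cat <<'EOF'
UID        PID  PPID  C STIME TTY          TIME CMD
root      4171     1  0 Jan26 ?        00:00:00 /usr/sbin/sshd
root       722  4171  0 13:19 ?        00:00:00 sshd: kad [priv]
kad        727   722  0 13:19 ?        00:00:00 sshd: kad@pts/8
kad        728   727  0 13:19 pts/8    00:00:00 -bash
kad      14171   900  0 13:20 pts/2    00:00:00 vim notes.txt
EOF
}

# With a PID argument, inspect the live system; otherwise show the sample.
if [ $# -gt 0 ]; then
    ps -ef | descendants "$1"
else
    sample_ps | descendants 4171
fi
```

Run it as root with the sshd PID as the only argument (for example the 2341 from the quoted output) to see every login session and shell hanging off that daemon.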