need help for setting SSH Server for Windows XP

A

atomskamravka

Hi,

I'm trying to set up SSH Server on my Windows XP (SP2).
I've tried openssh and cygwin with no results.
Everything goes smoothly with the installation.
I can even connect with Putty using 127.0.0.1 as IP address.
But when I try to connect to my actual IP (158.64.X.X) I get error
message "Connection time out".
In my windows firewall proper ports are opened (22,443,80). I even
tried with turning off my firewall.
Changing from port 22 to ports 80, 443 also doesn't give any results.
Any clues?

Thank you
 
S

Sooner Al [MVP]

Hi,

I'm trying to set up SSH Server on my Windows XP (SP2).
I've tried openssh and cygwin with no results.
Everything goes smoothly with the installation.
I can even connect with Putty using 127.0.0.1 as IP address.
But when I try to connect to my actual IP (158.64.X.X) I get error
message "Connection time out".
In my windows firewall proper ports are opened (22,443,80). I even
tried with turning off my firewall.
Changing from port 22 to ports 80, 443 also doesn't give any results.
Any clues?

Thank you
Click to expand...

To use SSH you only need TCP Port 22 (or whatever port you configure the
sshd_config file for) forwarded on your router and any firewall to the
static LAN IP of the server PC. This includes the Windows Firewall. You do
*NOT* need TCP Port 80 or 443 open in order to use SSH. Close any unneeded
ports as a security precaution.

To test from another PC on your local LAN use the LAN IP of the SSH server.
It is *NOT* a valid test to call the SSH server PC from another local PC
using the public IP of the router. This illustration (written for a VPN
test) shows this...

http://theillustratednetwork.mvps.org/Vista/PPTP/BasicVPNTest.html

You can test port forwarding through your router and any software firewall
by going to the http://www.canyouseeme.org site using IE on the SSH server
PC. If the test fails make sure the router and any software firewall are
configured correctly.

Remember if you change the SSH listening port in the sshd_config file you
will need to restart the SSH service on the SSH server PC. See the last part
of this page for help...

http://theillustratednetwork.mvps.org/Ssh/SecureYourcopSSHServer-Vista.html

--

Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the
mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...
How to ask a question
http://support.microsoft.com/KB/555375
 
S

Sooner Al [MVP]

Sooner Al said:
To use SSH you only need TCP Port 22 (or whatever port you configure the
sshd_config file for) forwarded on your router and any firewall to the
static LAN IP of the server PC. This includes the Windows Firewall. You do
*NOT* need TCP Port 80 or 443 open in order to use SSH. Close any unneeded
ports as a security precaution.

To test from another PC on your local LAN use the LAN IP of the SSH
server. It is *NOT* a valid test to call the SSH server PC from another
local PC using the public IP of the router. This illustration (written for
a VPN test) shows this...

http://theillustratednetwork.mvps.org/Vista/PPTP/BasicVPNTest.html

You can test port forwarding through your router and any software firewall
by going to the http://www.canyouseeme.org site using IE on the SSH server
PC. If the test fails make sure the router and any software firewall are
configured correctly.

Remember if you change the SSH listening port in the sshd_config file you
will need to restart the SSH service on the SSH server PC. See the last
part of this page for help...

http://theillustratednetwork.mvps.org/Ssh/SecureYourcopSSHServer-Vista.html

--

Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the
mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...
How to ask a question
http://support.microsoft.com/KB/555375
Click to expand...

This page illustrates how to setup a private-public key pair for
PuTTY/WinSCP...

http://theillustratednetwork.mvps.org/Ssh/copSSH-WinSCP-KeyPair.html

I had forgotten you use PuTTY as your client...

--

Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the
mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...
How to ask a question
http://support.microsoft.com/KB/555375
 
A

atomskamravka

This page illustrates how to setup a private-public key pair for
PuTTY/WinSCP...

http://theillustratednetwork.mvps.org/Ssh/copSSH-WinSCP-KeyPair.html

I had forgotten you use PuTTY as your client...

--

Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the
mutual benefit of all of us...
The MS-MVP Program -http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...
How to ask a questionhttp://support.microsoft.com/KB/555375
Click to expand...

Thanks a lot for your help. Unfortunately I can not try this right
away (I'm not at home).
You are saying that even if putty works with 127.0.0.1 and does not
work with actual IP, it is still ok? I was testing it from the
internet (not from the LAN).
By the way, I'm not behind a firewall.
 
S

Sooner Al [MVP]

Thanks a lot for your help. Unfortunately I can not try this right
away (I'm not at home).
You are saying that even if putty works with 127.0.0.1 and does not
work with actual IP, it is still ok? I was testing it from the
internet (not from the LAN).
By the way, I'm not behind a firewall.
Click to expand...

Testing with PuTTY on the SSH server using the 127.0.0.1 address (ie. the
localhost address) only tells you the server is up and running and that you
can login using a user ID and password. If you tested from a remote location
and got a timeout then something is blocking TCP Port 22 (or whatever port
your listening on). Run the http://www.canyouseeme.org test from the SSH
server PC. If it fails you have a software firewall or something else
blocking incoming requests for SSH. Its always possible your home ISP blocks
TCP Port 22. Are you running the Windows Firewall or some other software
firewall on the SSH server PC? If so you need to configure that to allow SSH
incoming traffic.

http://theillustratednetwork.mvps.org/Ssh/WindowsFirewallSSHConfigPortandScope.JPG

http://www.microsoft.com/windowsxp/using/security/internet/sp2_wfexceptions.mspx

Also note that if your testing from an office/work location then its
possible the office/work network admins have blocked TCP Port 22 outbound.
If that is the case can you test from a friend or family members home?

If the canyouseeme.org test passes and you can't connect from a remote
location then its possible your calling the wrong public IP address for your
SSH server PC.

--

Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the
mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...
How to ask a question
http://support.microsoft.com/KB/555375
 
A

atomskamravka

Testing with PuTTY on the SSH server using the 127.0.0.1 address (ie. the
localhost address) only tells you the server is up and running and that you
can login using a user ID and password. If you tested from a remote location
and got a timeout then something is blocking TCP Port 22 (or whatever port
your listening on). Run thehttp://www.canyouseeme.orgtest from the SSH
server PC. If it fails you have a software firewall or something else
blocking incoming requests for SSH. Its always possible your home ISP blocks
TCP Port 22. Are you running the Windows Firewall or some other software
firewall on the SSH server PC? If so you need to configure that to allow SSH
incoming traffic.

http://theillustratednetwork.mvps.org/Ssh/WindowsFirewallSSHConfigPor...

http://www.microsoft.com/windowsxp/using/security/internet/sp2_wfexce...

Also note that if your testing from an office/work location then its
possible the office/work network admins have blocked TCP Port 22 outbound.
If that is the case can you test from a friend or family members home?

If the canyouseeme.org test passes and you can't connect from a remote
location then its possible your calling the wrong public IP address for your
SSH server PC.

--

Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the
mutual benefit of all of us...
The MS-MVP Program -http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...
How to ask a questionhttp://support.microsoft.com/KB/555375
Click to expand...

Thanks for your replies, I really appreciate it.
My 'testing computer' is behind a firewall, that is why I've changed
the port to 80 (and to 443).
But I also tested the server from the same computer where the server
runs, and it does not connect to the server.
I've read somewhere that maybe I have to use DNS instead of IP
address. Can this be true?
Anyways, I will try testing it from canyouseeme.org as you advised me
as soon as I get home.
Thanks again, hopefully I'll get running it.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

XP Remote Desktop to Server 2003 via SSH tunnel failing (W2K OK) 2
Please Help with Remote Desktop! 3
Tunneling RDP over SSH 2
RDC can't connect to local port when using SSH on XP 1
SSH and Telnet not working (Vista) 8
RDP over HTTP Proxy 0
ssh sessions 2
XP + ssh + loopback = trouble %^) 1

Top