New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
SSH using IPv6?
How do I actiavte OpenSSH to use IPv6?
Whenever I try SSHing into a server using IPv6 it says...
ssh: connect to host 2602:ffea:a::cb1:d461 port 22: Network is unreachable
Use these options to restrict which interfaces/protocols sshd will bind to
ListenAddress ::
ListenAddress 0.0.0.0
Anything I need to do here?
Comments
No, if that is your config then SSHD is already listening on any interface/ip. Check with
netstat -taupe
if that is really the case. If so, then login viassh -6 <user>@<ipv6> -p22
. I guess you've not closed that port viaip6tables
?Edit: Assuming that the Listen[...] starts with # that are not shown here because of markdown.
There are # before each of those lines, the quote function on this board seems to have disabled it.
Yes I though so. Because with the # it tells OpenSSH to not just listen on one specific interface/ip, which is the standard-setting of the config-file.
Even without the # it says "ssh: connect to host 2602:ffea:a::cb1:d461 port 22: Network is unreachable"
I guess you gave OpenSSH a restart after the committed changes? And I guess you checked if it's really listening on any IPv6-IP? And I guess you checked that you don't have a firewall-rule in the way? (see above)
Ofc, because now you're disabling access completely. (you don't have a null-ip).
I restarted OpenSSH. I don't know how to tell if it is listening, and I don't have any firewall.
Just read my post.
Yep it is listening.
The lines in sshd_config are used for non default settings. So Listen with # in front of it tells sshd to use the default listening settings which as @skagarrek said is all interfaces and all IPs.
If you do ifconfig do you see the IPv6 address on the eth0 (venet0 on OpenVZ) device? Can you ping the v6 address and get a response?
Okay I need to close the port using ip6tables, don't know what that even means.
ping: unknown host 2602:ffea:a::e3f5:a96c
Anyone have any ideas?
ping6.
It looks like your client IPv6 is broken, network unreachable has a deeper background.
Silly question, but do you have IPv6 on your end or have an IPv6 Tunnel you are connecting to?
Also, make sure you're using the IPv6 command, ping6 vice ping, ssh -6 vice ssh, etc.
In the end it was just I am ignorant of IPv6, didn't realise a tunnel was required. Shame that no ISPs in the UK provide IPv6. Thanks for everyone's help, I'll use a tunnel.
Andrews and Arnold provide IPv6 and are a great ISP.
Wish BT would follow.
Also the entanet resellers, I have IPv6 with Aquiss.