[SOLVED] no route to host

[prahn]

Hi!

I am unsure, if this is a Proxmox problem or not, but I do not get it to work.

I have a VM running Rocky Linux, the firewall in Proxmox is off and also local iptables of the VM is set to let everything pass.
I can connect to the web service that the VM is running without a problem, but when I want connect via SSH I get:
"ssh: connect to host 192.168.1.8 port 22: No route to host"
Also SSH on the VM is correctly setup and is listening to port 22.

Is there any other network setting I can modify in Proxmox to make it work?
Does anyone have an idea?

Regards,
prahn

 

[ubu]

Do a tcpdump -ni any port 22 inside your VM and try to SSH into it. Check if you see incoming and or outgoing packets

 

[prahn]

Great, thank you.
Looks like the traffic arrives at the VM:



So, the problem is inside the VM??

 

[gfngfn256]

It would look like a Rocky Linux / VM issue.

What does this show inside VM:

sudo systemctl status sshd

 

[prahn]

This is looking fine:

 

[prahn]

iptables is also "open":



I even added an extra entry for SSH, but this does also not help...

 

[gfngfn256]

By default Rocky Linux (like most distros) blocks root access from SSH. Have you tried using the correct user to access or by overriding with the PermitRootLogin yes

 

[prahn]

By default Rocky Linux (like most distros) blocks root access from SSH. Have you tried using the correct user to access or by overriding with the PermitRootLogin yes

Yes, I already actived RootLogin via Password!
Also doing SSH with a different user also brings "no route to host".

 

[gfngfn256]

Hmm.. Can you ping the VM. Can you SSH & ping from the VM to another host?

 

[prahn]

Yes, Ping to the VM works without a problem. Also the Webservice on the VM is running fine.
I tried to SSH from the VM to another machine, no problem at all. Also Ping does work.

 

[gfngfn256]

Can't help you much here - don't use Rocky Linux - but are you sure you are using iptables at all - maybe you are on firewalld . See here. You probably know more about this than me, I assume.

 

[ubu]

watch your syslog for blocked / dropped packets:


journalctl -f

while trying ssh connection.

Also can you connect from the rocky linux instance to itself?

user@rocky:# ssh -v 192.168.1.8

 

[ubu]

watch your syslog for blocked / dropped packets:


journalctl -f

while trying ssh connection.

Also can you connect from the rocky linux instance to itself?

user@rocky:# ssh -v 192.168.1.8

Also Output from ss -tlpen

 

[prahn]

Can't help you much here - don't use Rocky Linux - but are you sure you are using iptables at all - maybe you are on firewalld . See here. You probably know more about this than me, I assume.

Great, that was the problem. iptables is installed but finally firewalld is used.
Great, thank you for your help!