A Linux administrator is troubleshooting SSH connection issues from one of the workstations.
When users attempt to log in from the workstation to a server with the IP address 104.21.75.76, they receive the following message:
The administrator reviews the information below:
Which of the following is causing the connectivity issue?
The connectivity issue is caused by the server's firewall. The firewall rules shown in Server Output 1 indicate that several IP addresses, including 5.189.153.89 (which is the IP of the workstation attempting to connect), are being rejected for TCP connections on port 22. This prevents the workstation from establishing an SSH connection with the server. The sshd service on the server is active and running, as shown in Server Output 2. Hence, the correct answer is that the server's firewall is preventing connections from being made.
It's a Firewall issue, i'm picking `C`. Please note, it's easy to misread the title of the outputs, read carefully -i made the same mistake from `TheRealManish` contribution also... it reads: Server Output#1 Server Output#2 Server Output#3 Server Output#4 *NOT* Server #1 Output Server #2 Output Server #3 Output Server #4 Output Cheers!
OMG thanks so much! i totally missed the wording!! i was like why the F is it telling us all of these other outputs!
Thanks again, but im reading thru this and the firewall rejection is to reject with ICMP.. but instead it is rejecting with TCP reset. It seems like C is also wrong, but its way closer than all of the rest.
TCP/IP defines the kernel will send an ICMP message back with an "Port unreachable" message for UDP services, and TCP RST messages for TCP - REF: https://unix.stackexchange.com/questions/261360/icmp-port-unreachable-error-even-if-port-is-open So from what i can tell, TCP response from the server should be sending a RST not a ICMP "Port unreachable" message, thats for udp!
Glad we're working together, i figured you would have taken your test already and passed.
Server output 2 -> sshd "active (running)", so answer not B :-( Server output 1 -> port 22 being blocked from all sources ... firewall issue Everything else looks fine
MODS, I think i might have hit the flag button by accident, please disregard . the output says we are connecting to the server ending in .76. Thats server 3. so we ignore all of the output for server 1,2,4. All we know about 3 is that it has an IP address. If a service is not running on a machine, it will send a connection refusal..
From the provided outputs and error message, the connectivity issue seems to be caused by the server's firewall configuration. Specifically, Server Output 1 shows that the firewall on the server is configured to reject SSH connections (port 22) from several IP addresses, including 5.189.153.89, which matches the IP address of the workstation.
This statement on Server output 2: "Active: active (running) since" means that even tho the service did not load at startup, it has been manually started, manually starting `sshd`: ❯ sudo systemctl start sshd ❯ sudo systemctl status sshd ● sshd.service - OpenSSH Daemon Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: disabled) Active: active (running) since Tue 2020-07-14 11:13:08 -03; 2s ago From https://bbs.archlinux.org/viewtopic.php?id=257365 That leaves the firewall issue as correct.
Comptia is famous for these gotcha questions. C is probably correct, but B is probably the Comptia answer.
Firewall issue
As the question states the user tried to ssh from ONE of the workstations, and one of the workstations (Workstation 1) has an IP that is being rejected in the firewall with port 22 (aka ssh)
I selected "B" because if you take any service and DISABLE it, it will not work. In this case, ssh is disabled.
Yes the ssh service is disabled but as you can see it has been running, what that means is that the service does not start up automatically but needs the administrator to actively start it up, but the firewall drops the packets from port 22 and thus it is a firewall issue.
The server’s firewall is preventing connections from being made.
It seems like B to me.. as Server 3 seems to set the correct IP. receiving a reset packet back indicates a service is not running.
server output is telling you ssh is active and running, also, as you can see the firewall is rejecting all connections so this is clearly a firewall issue, definitely C
are you sure? it says we are connectiong to host 104.21.75.76. thats server 3. therefor the ONLY output we should concern ourselves with is the output from server 3. the server 3 output is super vague. no talk about firewall or ssh port. i wish we had a way to get together and review this stuff :)
disregard my comment here, apparently, I can't read lol.