I can’t ssh into L5
What I did:
I installed openssh-server (it is up and running)
I enabled, from sharing, remote login
I connected to Wifi
ufw is not installed, i have iptables
I run sudo iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
When I’m trying to connect to the host I’m receiving no route to host (from qubes os, from sys-net - to skip firewall)
If I’ll try to ssh from terminal, from L5 itself, I can
Question: can I ssh into it via public IP?
For a start, just see whether you can ping the phone on its LAN IP address from another host on the LAN.
Then use the ss command on the phone to verify that there is something listening on port 22 on some IP address. Typical command might be: sudo ss -lntp | grep 22
I would start with iptables disabled on the phone (and hence ideally with the mobile connection killed).
You are kind of assuming IPv4 with the iptables command, so I am assuming that this is IPv4 only i.e. no IPv6.
ss command shows that is listening on port 22 (on all IPs 0.0.0.0)
I disabled iptables as well
ping is not working …
Ping on public IP is working, but ssh into it will not work as it will say connection refused
Try from a host that is not running Qubes.
I don’t have yet that option (only qubes on 2 laptops … and that’s it what I have at home)
Even my router has a “ping test” diagnostic. Is that an option for you?
Do you have another phone? On my hopefully one day phased out iPhone, I have the “Ping Lite” app, which can also do a ping test. (Output looks identical to that from the Linux ping command.)
You may also be able to do a standard Linux distro Live Boot on one or other of the laptops.
Bottom line is that until you can ping it is unlikely that ssh will work.
I’ll try with a live boot and came back with the results
thank you
Right now I’m from a live usb of PureOS
The ping still doesn’t work
Isn’t there a place where I should have a look as looks like something from the phone is blocking me
Maybe you have another firewall operating on your phone. Do you have firewalld installed? Have you checked nftables ?
No I don’t
Is the phone suspending?
When I’m trying to ping I’m keeping it open on terminal
I’m running out of ideas but one thing to try when ping A→B fails is to ping in the other direction i.e. ping the laptop (live booted) from the phone.
You can install and run tcpdump -n -i wlan0 to see if the ping packages reach your interface at all. Should similar look like yes (here for my tethered USB interface usb0):
root@pureos:/home/purism# tcpdump -n -i usb0
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on usb0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
14:12:47.994209 ARP, Request who-has 10.42.0.1 (32:1c:7f:6c:4c:c8) tell 10.42.0.18, length 28
14:12:47.994811 ARP, Reply 10.42.0.1 is-at 32:1c:7f:6c:4c:c8, length 28
14:12:47.994216 IP 10.42.0.18 > 10.42.0.1: ICMP echo request, id 59244, seq 0, length 64
14:12:47.995541 IP 10.42.0.1 > 10.42.0.18: ICMP echo reply, id 59244, seq 0, length 64
14:12:48.997210 IP 10.42.0.18 > 10.42.0.1: ICMP echo request, id 59244, seq 1, length 64
14:12:48.997771 IP 10.42.0.1 > 10.42.0.18: ICMP echo reply, id 59244, seq 1, length 64
14:12:50.001908 IP 10.42.0.18 > 10.42.0.1: ICMP echo request, id 59244, seq 2, length 64
14:12:50.002861 IP 10.42.0.1 > 10.42.0.18: ICMP echo reply, id 59244, seq 2, length 64
Yeah … after I realized the ping is not working in the other direction I started to remember that years ago I made some changes into my router 
I’m stupid …
It is working now
That’s one of the difficulties in trying to diagnose problems with someone else’s network via a forum. Noone here knows your network configuration better than you do. Anyway, glad that you got it working.
In some respects it may be helpful to outline what those changes were and how they interfered with ping / interfered with ssh - because I’m sure that someone else in the world can make the same mistake or overlook the same issue.