
Wireshark-users: Re: [Wireshark-users] Wireshark on Windows 10 -trying to sniff traffic on a remo

From: AllSort ofQuestions <allsortofquestions@xxxxxxxxx>
Date: Mon, 21 Jan 2019 16:44:25 +0000 (UTC)
Yes, I do have access.
There is something broken with the piping on Windows.
I have tried a similar command with plink... if I don't pipe the command to Wireshark I can see traffic on the screen.

 
PF


On Monday, January 21, 2019 6:42 AM, Hugo van der Kooij <hugo.van.der.kooij@xxxxxxxxx> wrote:


First off.
Can you SSH into the machine and get a prompt?
 
Then I would look into other options that the remote server might have disabled for SSH connections.
 
And make sure your tcpdump version supports all options mentioned in the debug file.
 
Met vriendelijke groet / With kind regards,
Hugo van der Kooij
 
From: Wireshark-users <wireshark-users-bounces@xxxxxxxxxxxxx> On Behalf Of AllSort ofQuestions via Wireshark-users
Sent: Saturday, 19 January 2019 18:44
To: wireshark-users@xxxxxxxxxxxxx
Cc: AllSort ofQuestions <allsortofquestions@xxxxxxxxx>
Subject: [Wireshark-users] Wireshark on Windows 10 -trying to sniff traffic on a remote machine via sshdump not working
 
Hi guys
 
I am trying to sniff the traffic on a remote Linux machine.
The local machine is Windows 10 and the Wireshark version is 2.9 (I also tried 2.6.6, latest obtained via Check for updates).
 
Here is what the debug file shows me when I use the sshdump interface
 
cmdline: C:\Program Files\Wireshark\extcap\sshdump.exe --capture --extcap-interface sshdump --fifo \\.\pipe\wireshark_extcap_sshdump_20190119121535 --remote-host 10.16.31.37 --remote-password XXXXXXXXXXX --debug true --remote-sudo true --remote-capture-command tcpdump -U -i ens160 -w- --debug-file debug.txt --remote-username minime --remote-interface ens160
Remote capture command has disabled other options
Running: tcpdump -U -i ens160 -w-


The firewall is inactive.
Using tcpdump at the remote end, I can see Wireshark trying to establish a connection.
Using who shows me no user from my workstation address. I think the session is not opening, but I can't say what is wrong.

thanks
MiniMe