Connection Refused on ssh

John J. Boyer director at chpi.org
Thu Oct 7 18:57:46 UTC 2004 

When I try ssh with -v I get a number of debug limes. the only one which 
seems significant is
sss_connect: needpriv 0

Thanks,
John


On Thu, 7 Oct 2004, Janina Sajka wrote:

> Aha. Reading the file was useful! <grin>
> 
> The usual Redhat way of running ssh is to do:
> 
> service sshd start
> 
> Of course you can also ask for status:
> 
> service sshd status
> 
> And you get to turn it on when booting with:
> 
> chkconfig --level 35 sshd on
> 
> These are particularly nice features of Redhat/Fedora systems. They do a
> nice job of managing provided services.
> 
> Rafael Skodlar writes:
> > On Thu, Oct 07, 2004 at 03:23:59AM -0500, John J. Boyer wrote:
> > > Hello,
> > > 
> > > I have a Redhat 8.0 system which I must access with ssh. ?However, 
> > > whenever I give a ssh command it says "Connection refused". How can I get 
> > > around this? Below is my sshd_config file, if anyone cares to look at it. 
> > > Thanks!
> > 
> > Your config file has a line ListenAddress commented out. Uncomment it 
> > and put IP number for interface you want to listen on. 0.0.0.0 means 
> > listen on all interfaces and IPs.
> > 
> > That should make a difference.
> > 
> > > 
> > > #	$OpenBSD: sshd_config,v 1.56 2002/06/20 23:37:12 markus Exp $
> > > 
> > > # This is the sshd server system-wide configuration file.  See
> > > # sshd_config(5) for more information.
> > > 
> > > # This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin
> > > 
> > > # The strategy used for options in the default sshd_config shipped with
> > > # OpenSSH is to specify options with their default value where
> > > # possible, but leave them commented.  Uncommented options change a
> > > # default value.
> > > 
> > > Port 22
> > > Protocol 2
> > > #ListenAddress 0.0.0.0
> > > #ListenAddress ::
> > > 
> > > # HostKey for protocol version 1
> > > #HostKey /etc/ssh/ssh_host_key
> > > # HostKeys for protocol version 2
> > > HostKey /etc/ssh/ssh_host_rsa_key
> > > HostKey /etc/ssh/ssh_host_dsa_key
> > > 
> > > # Lifetime and size of ephemeral version 1 server key
> > > KeyRegenerationInterval 3600
> > > ServerKeyBits 768
> > > 
> > > # Logging
> > > #obsoletes QuietMode and FascistLogging
> > > SyslogFacility AUTH
> > > #SyslogFacility AUTHPRIV
> > > #LogLevel INFO
> > > 
> > > # Authentication:
> > > 
> > > LoginGraceTime 600
> > > PermitRootLogin yes
> > > StrictModes yes
> > > 
> > > RSAAuthentication yes
> > > PubkeyAuthentication yes
> > > #AuthorizedKeysFile	.ssh/authorized_keys
> > > 
> > > # rhosts authentication should not be used
> > > RhostsAuthentication no
> > > # Don't read the user's ~/.rhosts and ~/.shosts files
> > > IgnoreRhosts yes
> > > # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
> > > RhostsRSAAuthentication no
> > > # similar for protocol version 2
> > > #HostbasedAuthentication no
> > > # Change to yes if you don't trust ~/.ssh/known_hosts for
> > > # RhostsRSAAuthentication and HostbasedAuthentication
> > > IgnoreUserKnownHosts yes
> > > 
> > > # To disable tunneled clear text passwords, change to no here!
> > > PasswordAuthentication no
> > > PermitEmptyPasswords no
> > > 
> > > # Change to no to disable s/key passwords
> > > #ChallengeResponseAuthentication yes
> > > 
> > > # Kerberos options
> > > #KerberosAuthentication no
> > > #KerberosOrLocalPasswd yes
> > > #KerberosTicketCleanup yes
> > > 
> > > #AFSTokenPassing no
> > > 
> > > # Kerberos TGT Passing only works with the AFS kaserver
> > > #KerberosTgtPassing no
> > > 
> > > # Set this to 'yes' to enable PAM keyboard-interactive authentication 
> > > # Warning: enabling this may bypass the setting of 'PasswordAuthentication'
> > > #PAMAuthenticationViaKbdInt yes
> > > 
> > > X11Forwarding no
> > > #X11Forwarding yes
> > > X11DisplayOffset 10
> > > #X11UseLocalhost yes
> > > PrintMotd no
> > > PrintLastLog yes
> > > KeepAlive yes
> > > #UseLogin no
> > > UsePrivilegeSeparation yes
> > > #Compression yes
> > > 
> > > #MaxStartups 10
> > > # no default banner path
> > > #Banner /some/path
> > > #VerifyReverseMapping no
> > > 
> > > 
> > > # override default of no subsystems
> > > Subsystem	sftp	/usr/libexec/openssh/sftp-server
> > > 
> > > 
> > > -- 
> > > John J. Boyer; Executive Director, Chief Software Developer
> > > Computers to Help People, Inc.
> > > http://www.chpi.org
> > > 825 East Johnson; Madison, WI 53703
> > 
> > -- 
> > Rafael
> > 
> > _______________________________________________
> > Blinux-list mailing list
> > Blinux-list at redhat.com
> > https://www.redhat.com/mailman/listinfo/blinux-list
> 
> 

-- 
John J. Boyer; Executive Director, Chief Software Developer
Computers to Help People, Inc.
http://www.chpi.org
825 East Johnson; Madison, WI 53703

More information about the Blinux-list mailing list