Help -- can't SSH into my box
John Aldrich
jmaldrich at yahoo.com
Tue Jan 6 14:55:31 UTC 2009
Quoting Chris Snook <csnook at redhat.com>:
>
> I'm curious to know what, if anything, appears in /var/log/messages and
> /var/log/secure when you attempt to ssh in, as well as what appears
> when you successfully scp in.
>
Initially, nothing was appearing in /var/log/secure. However, I did
eventually find out that my DHCP wasn't handing my box the IP address
I was expecting it to, so I fixed the statically-assigned entry in my
DSL router for my box and I was able to SSH in from the LAN. When I
did that, it showed the expected entry in /var/log/secure. I also saw
some hack attempts from an unknown IP (NOT the IP I was coming in from.)
>
> Also, the fact that you're running sshd on a non-standard port implies
> that you've edited /etc/ssh/sshd_config. Could you try the default
> sshd_config, just for comparison? It's entirely possible that you're
> doing something that should be valid, but that some other security
> policy (PAM, SELinux, etc.) doesn't correctly handle in the default
> configuration.
>
Hmm.. possibly. I compared it with the saved SSHD_CONFIG from my FC6
box (I copied it to my home directory before wiping and reinstalling)
and it *appeared* to be identical. Also, I'm running SELINUX in
"Permissive" mode (have I mentioned I *hate* SELINUX?!?!? <G>) since
there doesn't appear to be any way to disable it entirely. In any
case, I'll try that later...
I was able to briefly enter my box at home from work this morning, but
I got kicked out in less than a minute for some reason and have not
been able to get back in. I have also hard-coded my work IP in
/etc/hosts.allow. I got in on port 22, instead of the non-standard
port (which I prefer not to reveal here for security sake! <G>)
I'm not a total n00bie, but I'm not an experience sys-admin either. :-)
More information about the fedora-list
mailing list