Re: [K12OSN] can't ssh into server

>>I fooled around with it a bit more last night: Using the Security Settings GUI, if I turn the firewall off, then I can ssh into the box and thin clients can connect and boot. However, if I turn the firewall on, and using the Custom settings I allow incoming ssh, dhcp, www, and mail, I can still ssh into the box, but the thin clients seem to fail at the tftp stage; that is, they get an IP address, but then stall when downloading the kernel. To add insult to injury, Red Hat seems to have dumbed-down the Security Setting GUI in the change from 8 to 9: I'm running k12ltsp version 3.0.1, which is based on RH8, here at work, while at home (where I'm having the problem) I'm running k12ltsp ver. 3.1.1 which is RH9-based. On RH8, the Security Setting GUI has an additional field for allowing you to define specific ports for allowed connections; on RH9, there are just the five or six services like ssh, http, etc., listed, but no option for allowing specific ports to be open. In my case, I suspect that I need to allow connections to port 69 for tftp, but the ftp option in the GUI refers only to ports 20 and 21.

I use gShield (iptables fw) because I can actually figure out how to configure it and tweak it. To me I haven't been able to tweak the built-in firewall configuration tool provided by Red Hat - it seems to never show my old choices, it just always presents a fresh default set of choices. I don't operate that way, I like to have a config, test it, tweak a little, test again, tweak more, and repeat until I finally get it all like I want it. Why start from scratch each time you want to tweak your firewall -- or am I missing the "load old fw config" button somewhere (I just checked redhat-config-securitylevel and I still don't see it).

Here's my page which provides a link to gShield and my customizations I often do when installing gShield:


Richard Black

