FTP Server
Rodolfo J. Paiz
rpaiz at simpaticus.com
Sun Apr 11 07:30:00 UTC 2004
At 18:38 4/9/2004, you wrote:
>Is port 22 open? check /etc/sysconfig/iptables
I can't help you much right now, but later, when you succeed in connecting
I have two suggestions:
* Make sure that in /etc/ssh/sshd_config you allow only Protocol
2. Do *not* allow Protocol 1, since they have found weaknesses in it and it
can be cracked. Of course you will also have to be sure that your SSH
client uses Protocol 2 as well.
* Set PermitRootLogin to no, then login as yourself and "su -" to
root. This makes it harder for an attacker, since they'd have to learn or
guess your username and password, then get into the system as you, then
learn or guess the root password.
For the moment, let me suggest that you post the following information:
From the machine acting as an SSH server:
1. The output of "chkconfig --list | grep ssh"
2. The output of "service sshd status"
3. The output of "service iptables status"
4. The output of "iptables -L"
5. The contents of /etc/hosts.deny and hosts.allow
6. The contents of /etc/ssh/sshd_config
7. The output of "cat /etc/redhat-release"
8. The output of "rpm -qa | grep ssh"
9. The username to which you want to connect
10. The contents of /var/log/messages and /var/log/secure. ONLY
for the minute or two when you try to connect, please... do not send 500
lines of random logs!
11. Is there a possibility that some other machine in the middle
could be blocking SSH traffic? A network firewall? The network
administrator? Your Internet Service Provider? You have not mentioned
whether the client machine is on the same network as the server, or whether
there are routers/firewalls/anything between them.
If you ask a better question, with more detail, you can get help that is
more accurate and is also quicker. At this point, all we really know is
that your server is also an FTP server! (And that doesn't help much.)
Cheers,
--
Rodolfo J. Paiz
rpaiz at simpaticus.com
http://www.simpaticus.com
More information about the redhat-list
mailing list