FTP Server

Rodolfo J. Paiz rpaiz at simpaticus.com
Sun Apr 11 07:30:00 UTC 2004 

At 18:38 4/9/2004, you wrote:
>Is port 22 open? check /etc/sysconfig/iptables

I can't help you much right now, but later, when you succeed in connecting 
I have two suggestions:

         * Make sure that in /etc/ssh/sshd_config you allow only Protocol 
2. Do *not* allow Protocol 1, since they have found weaknesses in it and it 
can be cracked. Of course you will also have to be sure that your SSH 
client uses Protocol 2 as well.

         * Set PermitRootLogin to no, then login as yourself and "su -" to 
root. This makes it harder for an attacker, since they'd have to learn or 
guess your username and password, then get into the system as you, then 
learn or guess the root password.

For the moment, let me suggest that you post the following information:

 From the machine acting as an SSH server:

         1. The output of "chkconfig --list | grep ssh"

         2. The output of "service sshd status"

         3. The output of "service iptables status"

         4. The output of "iptables -L"

         5. The contents of /etc/hosts.deny and hosts.allow

         6. The contents of /etc/ssh/sshd_config

         7. The output of "cat /etc/redhat-release"

         8. The output of "rpm -qa | grep ssh"

         9. The username to which you want to connect

         10. The contents of /var/log/messages and /var/log/secure. ONLY 
for the minute or two when you try to connect, please... do not send 500 
lines of random logs!

         11. Is there a possibility that some other machine in the middle 
could be blocking SSH traffic? A network firewall? The network 
administrator? Your Internet Service Provider? You have not mentioned 
whether the client machine is on the same network as the server, or whether 
there are routers/firewalls/anything between them.

If you ask a better question, with more detail, you can get help that is 
more accurate and is also quicker. At this point, all we really know is 
that your server is also an FTP server! (And that doesn't help much.)

Cheers,


-- 
Rodolfo J. Paiz
rpaiz at simpaticus.com
http://www.simpaticus.com

More information about the redhat-list mailing list