cannot ssh from outside network
Vladimir Kosovac
vkosovac at gmail.com
Sun Aug 6 21:53:12 UTC 2006
Paula, on 137.131.252.71 machine check /etc/hosts.deny and /etc/hosts.allow
files.
If they contain only comments at the beginning of each file, TCP wrappers
are not your problem.
However, if they have entries in them, /etc/hosts.deny might ressemble
something like:
in.telnetd: ALL
in.ftpd : ALL
sshd : ALL
syslog : ALL
which denies access to four daemons from any remote machine. To get around
this, you use /etc/hosts.allow file, with explicit entries for
hosts that need access to particular daemon. In your case:
sshd: 192.42.82.56
As far as firewall goes, I'd say yours is letting that stuff through, since
the error received is ssh specific reply.
V
On 8/4/06, Paula J. Lindsay <paula at scripps.edu> wrote:
>
> Thank you for your responses. Can you tell me how to check the TCP
> wrappers?
> Also, I am new to linux (been on SGIs for ten years). Can you tell me
> how to
> check to make sure the firewall is letting ssh traffic thru?
> Many thanks,
> Paula
>
> Vladimir Kosovac wrote:
>
> > Did you check TCP wrappers on 137.131.252.71? (hosts.deny / hosts.allow)
> > Also, as others suggested, make sure firewall lets through ssh traffic.
> >
> > V
> >
> > On 8/3/06, Manuel Arostegui Ramirez <manuel at todo-linux.com> wrote:
> >
> >>
> >> El Jueves, 3 de Agosto de 2006 01:11, Paula J. Lindsay escribió:
> >> > Hi,
> >> > I have a redhat 9 box.
> >> >
> >>
> >> You should upgrade your box, RH 9.0 is quite old.
> >>
> >> > I tried to connect to the redhat 9 box from a machine outside our
> >> network
> >> > and got the following... 101 worf: ssh -l spooner 137.131.252.71
> >> > ssh_exchange_identification: Connection closed by remote host
> >> >
> >>
> >> Use ssh -l spooner 137.131.252.71 -v -v -v
> >> In order to debug find out what's wrong in the autenthication proccess.
> >>
> >> > And the following packet capture from inside of our firewall
> >> shows
> >> > that born receives the connection and then refuses it with a Fin
> >> packet...
> >> > 15:51:13.740835 192.42.82.56.1401 > 137.131.252.71.22: S
> >> > 15:51:13.744082 137.131.252.71.22 > 192.42.82.56.1401: S
> >> > 15:51:18.821897 137.131.252.71.22 > 192.42.82.56.1401: F
> >> >
> >> > A connection attempt from within our network is successful.
> >> Maybe
> >> > this machine is treating hosts from outside of our 137.131 IP space
> >> > differently? Can someone help me?
> >> > Many thanks in advance.
> >> > Paula
> >>
> >> Is that box behind a firewall? If so, take a look at those logs.
> >>
> >> Greetings.
> >>
> >> --
> >> Manuel Aróstegui Ramírez.
> >>
> >> Electronic Mail is not secure, may not be read every day, and should
> not
> >> be used for urgent or sensitive issues.
> >>
> >> --
> >> redhat-list mailing list
> >> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> >> https://www.redhat.com/mailman/listinfo/redhat-list
> >>
>
> --
> --*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
> o The Paula J. Lindsay, IT Analyst III
> / Research Computing, TPC21
> o Scripps phone: 858.784.9378
> \ fax: 858.784.9301
> o Research email: paula at scripps.edu
> /
> o Institute
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>
More information about the redhat-list
mailing list