Re: cannot ssh from outside network



Paula, on 137.131.252.71 machine check /etc/hosts.deny and /etc/hosts.allow
files.
If they contain only comments at the beginning of each file, TCP wrappers
are not your problem.
However, if they have entries in them, /etc/hosts.deny might ressemble
something like:

in.telnetd: ALL
in.ftpd : ALL
sshd : ALL
syslog : ALL

which denies access to four daemons from any remote machine. To get around
this, you use /etc/hosts.allow file, with explicit entries for
hosts that need access to particular daemon. In your case:

sshd: 192.42.82.56

As far as firewall goes, I'd say yours is letting that stuff through, since
the error received is ssh specific reply.

V

On 8/4/06, Paula J. Lindsay <paula@xxxxxxxxxxx> wrote:

Thank you for your responses. Can you tell me how to check the TCP
wrappers?
Also, I am new to linux (been on SGIs for ten years). Can you tell me
how to
check to make sure the firewall is letting ssh traffic thru?
Many thanks,
Paula

Vladimir Kosovac wrote:

> Did you check TCP wrappers on 137.131.252.71? (hosts.deny / hosts.allow)
> Also, as others suggested, make sure firewall lets through ssh traffic.
>
> V
>
> On 8/3/06, Manuel Arostegui Ramirez <manuel@xxxxxxxxxxxxxx> wrote:
>
>>
>> El Jueves, 3 de Agosto de 2006 01:11, Paula J. Lindsay escribió:
>> > Hi,
>> > I have a redhat 9 box.
>> >
>>
>> You should upgrade your box, RH 9.0 is quite old.
>>
>> > I tried to connect to the redhat 9 box from a machine outside our
>> network
>> > and got the following... 101 worf: ssh -l spooner 137.131.252.71
>> > ssh_exchange_identification: Connection closed by remote host
>> >
>>
>> Use ssh -l spooner 137.131.252.71 -v -v -v
>> In order to debug find out what's wrong in the autenthication proccess..
>>
>> > And the following packet capture from inside of our firewall
>> shows
>> > that born receives the connection and then refuses it with a Fin
>> packet...
>> > 15:51:13.740835 192.42.82.56.1401 > 137.131.252.71.22: S
>> > 15:51:13.744082 137.131.252.71.22 > 192.42.82.56.1401: S
>> > 15:51:18.821897 137.131.252.71.22 > 192.42.82.56.1401: F
>> >
>> > A connection attempt from within our network is successful.
>> Maybe
>> > this machine is treating hosts from outside of our 137.131 IP space
>> > differently? Can someone help me?
>> > Many thanks in advance.
>> > Paula
>>
>> Is that box behind a firewall? If so, take a look at those logs.
>>
>> Greetings.
>>
>> --
>> Manuel Aróstegui Ramírez.
>>
>> Electronic Mail is not secure, may not be read every day, and should
not
>> be used for urgent or sensitive issues.
>>
>> --
>> redhat-list mailing list
>> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
>> https://www.redhat.com/mailman/listinfo/redhat-list
>>

--
--*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
o The Paula J. Lindsay, IT Analyst III
/ Research Computing, TPC21
o Scripps phone: 858.784.9378
\ fax: 858.784.9301
o Research email: paula@xxxxxxxxxxx
/
o Institute
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list