Re: cannot ssh from outside network



Paula, on 137.131.252.71 machine check /etc/hosts.deny and /etc/hosts.allow
files.
If they contain only comments at the beginning of each file, TCP wrappers
are not your problem.
However, if they have entries in them, /etc/hosts.deny might ressemble
something like:

in.telnetd: ALL
in.ftpd : ALL
sshd : ALL
syslog : ALL

which denies access to four daemons from any remote machine. To get around
this, you use /etc/hosts.allow file, with explicit entries for
hosts that need access to particular daemon. In your case:

sshd: 192.42.82.56

As far as firewall goes, I'd say yours is letting that stuff through, since
the error received is ssh specific reply.

V

On 8/4/06, Paula J. Lindsay <paula@xxxxxxxxxxx> wrote:

Thank you for your responses. Can you tell me how to check the TCP
wrappers?
Also, I am new to linux (been on SGIs for ten years). Can you tell me
how to
check to make sure the firewall is letting ssh traffic thru?
Many thanks,
Paula

Vladimir Kosovac wrote:

> Did you check TCP wrappers on 137.131.252.71? (hosts.deny / hosts.allow)
> Also, as others suggested, make sure firewall lets through ssh traffic.
>
> V
>
> On 8/3/06, Manuel Arostegui Ramirez <manuel@xxxxxxxxxxxxxx> wrote:
>
>>
>> El Jueves, 3 de Agosto de 2006 01:11, Paula J. Lindsay escribió:
>> > Hi,
>> > I have a redhat 9 box.
>> >
>>
>> You should upgrade your box, RH 9.0 is quite old.
>>
>> > I tried to connect to the redhat 9 box from a machine outside our
>> network
>> > and got the following... 101 worf: ssh -l spooner 137.131.252.71
>> > ssh_exchange_identification: Connection closed by remote host
>> >
>>
>> Use ssh -l spooner 137.131.252.71 -v -v -v
>> In order to debug find out what's wrong in the autenthication proccess..
>>
>> > And the following packet capture from inside of our firewall
>> shows
>> > that born receives the connection and then refuses it with a Fin
>> packet...
>> > 15:51:13.740835 192.42.82.56.1401 > 137.131.252.71.22: S
>> > 15:51:13.744082 137.131.252.71.22 > 192.42.82.56.1401: S
>> > 15:51:18.821897 137.131.252.71.22 > 192.42.82.56.1401: F
>> >
>> > A connection attempt from within our network is successful.
>> Maybe
>> > this machine is treating hosts from outside of our 137.131 IP space
>> > differently? Can someone help me?
>> > Many thanks in advance.
>> > Paula
>>
>> Is that box behind a firewall? If so, take a look at those logs.
>>
>> Greetings.
>>
>> --
>> Manuel Aróstegui Ramírez.
>>
>> Electronic Mail is not secure, may not be read every day, and should
not
>> be used for urgent or sensitive issues.
>>
>> --
>> redhat-list mailing list
>> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
>> https://www.redhat.com/mailman/listinfo/redhat-list
>>

--
--*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
o The Paula J. Lindsay, IT Analyst III
/ Research Computing, TPC21
o Scripps phone: 858.784.9378
\ fax: 858.784.9301
o Research email: paula@xxxxxxxxxxx
/
o Institute
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list



Relevant Pages

  • Re: I am having connectivity problems
    ... firewall and turned ON Windows firewall. ... When I tried to install SP2 I was unable to get it thru Windows Update. ... does the connection problem persist? ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Re: Serious Security Issue in Windows XP SP2s Firewall
    ... Subject: AW: Serious Security Issue in Windows XP SP2's Firewall ... If you update a WinXP SP-1 with enabled Internet ... Connection Firewall ...
    (Focus-Microsoft)
  • Re: Still cant connect to RWW or OWA remotely
    ... No, I don't have a 3rd party firewall, and it's a pretty plain vanilla WinXP ... Connected to the network like the other workstations, ... I could go to any workstation and connect to them just fine. ... match the broadband connection, the two NIC firewall, the remote ...
    (microsoft.public.windows.server.sbs)
  • RE: Serious Security Issue in Windows XP SP2s Firewall
    ... file and printer sharing is available for network login from any network (I ... Internet Connection Sharing of the PC has to be disabled." ... Serious Security Issue in Windows XP SP2's Firewall ...
    (Focus-Microsoft)
  • Re: Big hole??
    ... > firewall then even they can't get in, ... > supposedly safe SP2 for Windows XP invites any Internet ... > Connection Sharing of the PC has to be disabled. ... > in fact is a common configuration and not a rare sight. ...
    (microsoft.public.windowsxp.general)