Networking :: No Sshd Access From Outside LAN?
Jan 19, 2011
I can't ssh into my Dad's machine. He can ssh in from another computer on his network, but I can't get in across the internet. I thought we had port forwarding set up correctly on his router. (Westell 327W running verizon software - sshd application, port 22 to port 22, tcp).
I can exchange keys with his server but I get. "Permission denied, please try again" when I try and login. An nmap scan (with -PN option) on his IP shows the open port.
PORT STATE SERVICE
22/tcp open ssh
View 8 Replies
ADVERTISEMENT
Sep 28, 2010
I have a site in India that needs to be accessed by our offices round the world. I have added AllowUsers lines for the static IP's in those offices. However, we also have a couple of people who travel and don't have static ip's. Is it possible to enable both AllowUsers for the offices and have certificate access for the others?
View 1 Replies
View Related
Mar 31, 2010
I'm having a problem with my ubuntu 9.10 machine. I can ssh out of the computer, but not in. I have /etc/init.d/ssh, but not /etc/init.d/sshd - don't know if this is normal If I run /etc/init.d/ssh status I get: robot@cora:~$ sudo /etc/init.d/ssh status * could not access PID file for sshd
If I run /etc/init.d/ssh restart (or stop then start) then I can ssh both ways. But I cannot get this to work automatically at boot. The machine is going to be in a remote location, so I need the ability to ssh INTO it after reboot, which I don't have. I have confirmed that start files are located in /etc/rc3.d/S16ssh
I've uninstalled and reinstalled openssh-server (via "apt-get remove openssh-server" and "apt-get install openssh-server") and this did not help. There are both /etc/ssh/ssh_config and /etc/ssh/sshd_config files that look like they are standard (compared to what I've found from web searches). /etc/init.d/ssh is also standard.
View 8 Replies
View Related
Nov 4, 2010
Quick explanation about what this thread is: by way of an article featured on linuxtoday, I learned about what appears to be an actively managed IP blacklist: [URL]
# This is a compiled list of dirty hosts associated with
# bruteforcing attempts, spam, botnets, RBN and the list
# continues to grow. The data is comprised of information
# compiled from Arbor Networks, Project Honeypot, FIRE
# (maliciousnetwork.org), Host Exploit, Shadowserver and
# a variety of other similarly based sites.
Quick explanation about what this thread is not: this is not intended to be a discussion about default deny vs. default allow (i.e. whitelists vs. blacklists), nor is this a call for enumerations of your own sshd hardening strategy. Please try to keep on point. That said, can anyone speak to the quality of the blacklist information noted above? And/or are there any suggestions for a readily available blacklist of "known better" quality? I plan to try including an actively maintained blacklist like this into a multi-layered approach for hardening an sshd bastion host.
View 4 Replies
View Related
Mar 6, 2010
I'm trying to setup ssh access on my Fedora 12 laptop. I get the following error message in /var/log/secure when I try to login from another machine using ssh and the login is denied:
Code:
sshd[3025]: error: Could not get shadow information for <user>
sshd[3025]: Failed password for <user> from <ip> port <port> ssh2
If I do a 'setenforce 0' I can login and no error is logged.
View 10 Replies
View Related
Jan 6, 2010
I've started to get segfaults in sshd when trying to connect. There has been no reboot and (until I restarted the sshd to try to fix the problem) there was still another ssh session connected.
The log messages:
Code:
==> kern.log <==
Jan 6 21:33:38 shuttle kernel: [ 1928.611128] sshd[9548]: segfault at bf30e534 eip b7f51b4c esp bf30e510 error 6
==> auth.log <==
[Code]....
View 1 Replies
View Related
Jan 7, 2011
can't seem to get sshd to bind on a remote interface.When I attempt to connect, I get an instant "unable to connect to host."
Code:
$ cat sshd_config
# Package generated configuration file
# See the sshd_config(5) manpage for details
# What ports, IPs and protocols we listen for
[Code]...
View 3 Replies
View Related
Feb 19, 2010
is it possible to specify differnt settings for ssh depending on where somone is logging in from basically i want PasswordAuthentication yes when someone is logging in from 192.168.*.* but set to no when logging in from anywhere else
View 1 Replies
View Related
Jul 11, 2011
I want to make sure sshd service will start after a server reboot. On redhat or centOS I can do "chkconfig sshd on". What's the equivalent command for ubuntu?
View 1 Replies
View Related
Aug 8, 2010
I have installed Fedora 13 and updated it. I simply cant use ssh to connect to this Fedora, not even locally. I have enabled port22 in firewall settings and nothing. Tried to disable firewall completely and nothing. I have disabled SELinux (not sure if it has something to do with this, but... ) and nothing. Entered "ALL: ALL" in /etc/hosts.allow and still nothing. Dont know what to do anymore.
Here is what happens when I try to ssh to this machine, even from it:
[flibio@surf ~]$ ssh localhost
warning: Need basic cursor movement capability, using vt100
flibio's password:
Authentication successful.
Disconnected; connection lost (Connection closed.).
Connection to localhost closed.
[flibio@surf ~]$
Looking into Services > sshd and it says "This service is dead."
So I tried:
[root@surf etc]# service sshd restart
Stopping sshd: [FAILED]
Starting sshd: : OpenSSH_5.4p1 on
: FATAL: Creating listener failed: port 22 probably already in use! .....
And still I get disconnected whenever I try to ssh to this machine from anywhere. Services says that sshd is allways dead, even restarting it but I can only restart it by doing a pkill sshd before.
View 7 Replies
View Related
May 19, 2011
Somehow the -D option got tacked on to my sshd when I start up. How do I remove the -D option when sshd is started at boot? I'm guessing I need to edit something in /etc/init.d but not sure what. I checked System->Preferences->Startup Applications and the ssh server daemon isn't listed there. And since it is a command line option /etc/ssh/sshd_config is of no help.
View 2 Replies
View Related
Nov 17, 2010
I have recently set up two machines with F14 and on both, I am completely unable to make remote login via SSH work. openssh-server is installed and seems to work well:
I have already worked for hours on the problem now, using Google and trying numerous things, and still could not find any solution. On my other machine, which still uses F13, remote login works just fine. Is there any change in the default behaviour of the sshd I am not aware of? I would really appreciate your assistance!
View 14 Replies
View Related
Feb 5, 2011
I just upgraded from FC 13 to FC 14. I run an ssh server on a port in the 3000s (call it 3xxx, to protect the innocent). When I try to start sshd with the "Port 3xxx" option in sshd_conf, I get the following error in /var/log/secure
sshd[5104]: error: Bind to port 3xxx on 0.0.0.0 failed: Permission denied.
sshd[5104]: error: Bind to port 3xxx on : : failed: Permission denied.
I did not use to have this problem in FC 13. how I can give sshd the necessary permissions now?
View 2 Replies
View Related
Jun 12, 2009
I've been running a Samba server under RedHat 8 for five years without a hiccup. I want to cut over to a F10 box but cannot get shares accessible. smbclient attempts fail over NT password error. SELinux is disabled. Server is visible on the network. Users require no password access to shared data.
smb.conf follows:
# Samba config file created using SWAT
# from UNKNOWN (>)
# Date: 2009/06/12 14:15:15
[code]....
View 1 Replies
View Related
Dec 31, 2010
I managed to configure my W890i phone to get access to internet through an ubuntu-based computer. It's very easy to use the phone to give internet access to the computer, but the opposite is quite more tricky. For that I've done the following
----On the phone---
-Set the USB network option to "through computer", so that the phone uses the computer's internet connection and not the opposite.
-Decide and set "Shared Network" parameters: user, pasword and workgroup.
-In "conectivity-> internet connection" set "allow local network" to "yes"
----On Ubuntu 10.04---
-Install samba, samba-client, smbfs, smbclient, firestarter and dhcp3-server
-Configure Samba (System-> Administration-> Shared folders): same workgroup as in the phone, add new user (the phone), passwd this new user. In my case the user was called "w890i" and the password given was the same.
-Once the phone is connected to the computer through USB (then select "phone mode"), a new connection appears in NetworkManager: usb0.The aim is to create a shared network that gives internet access to this device. Edit the IPv4 parameters of this new connection, set them to Manual and give an IP adress (192.168.0.1) and a subnet mask (255.255.255.0); the rest of the fields are left empty.Connect this network.
-Set firestarter to use dhcp3: sudo ln -sf /etc/init.d/dhcp3-server /etc/init.d/dhcpd
-Launch firestarter and follow the wizard. Set "allow internet shared connection", choose the device for the primary internet access, and then the device for the shared network (usb0). Then change the settings for firestarter: activate DHCP for local network, set IP to the one we gave before (192.168.0.1).
-Open dhcp3-server config file sudo gedit /etc/default/dhcp3-server And set INTERFACES="usb0"
-Set the policies of firestarter: in incoming connections, allow connections from the IP adress given to the phone (192.168.0.1). Then add rules for the ports that need to be open for this connection. I opened HTTP, HTTPS, SMB, SMTP, POP3, IMAP, IMAPS, DHCP for all the connections in the local network.
-Apply policies and start the firewall.
------------
After all this, the phone can access the internet through the computer. Two problems appeared:
1. I couldn't get access to https sites, like webmails. The phone gave a "communication error". But then I tried with Opera instead of the browser built in the phone's firmware, and I could finally get to https sites.
2. I couldn't retrieve mail, neither POP nor IMAP nor IMAPS. I thought it was a firmware problem again, and I tried out several mobile phone email clients written in java, but none of them worked.
So this is at the moment the problem. If I connect from the phone to the internet directly through 3G, the email clients work for all my accounts. I don't think it's a firewall problem, because the ports are opened for this connection
View 3 Replies
View Related
Jul 6, 2011
I connected my laptop running with Ubuntu 11 in the LAN but I couldn't access internet.But I could ping to the other computers connected in the LAN. I tried the same thing with windows 7 in the same laptop and I could access internet.
View 1 Replies
View Related
Aug 4, 2009
I have a linux domain (FEDORA CORE 1) and two laptop's which are part of my domain with windows xp pro service pack 2.I have given two ip's to both the laptop's being primary as global and secondary as local.I have configured printer in one laptop and shared.Till last week i was accessing that shared printer from my other laptop and every thing was working fine.Last week i formatted one laptop,(which dose not have shared printer) from then onwards i am not able to access my other laptop. I get the following message when i try to accessmy other Laptop,"you might not have permission to use this network resource. contact the administrator of this server to find out if you have access permission there are currently no logon servers available to service the logon request"P.S : If i have only local IP i am able to see both the systems and i am able to access my printer, this problem comes only when i add global IP to both the machines.And also i have stopped the firewall and other things.
View 1 Replies
View Related
Jun 25, 2010
The system in question is using Mint 9, but the forums there aren't as active and since its Ubuntu based I didn't think it would be a concern bringing my problem here. If this is an issue, apologies, lock the thread and I'll head over to the Mint forums.So I have an SSH server running on the system, but I only like to have it running at certain times, so I removed it from the rc scripts using the command: sudo update-rc.d -f ssh remove.
Anyway, later I found that SSH was turning on at boot time anyway. I checked the rc scripts manually and couldn't find reference to it. I then tried to stop the process using the command: sudo /etc/init.d/ssh stop which reported that it was working, but after checking the processes and consulting syslog I found that it was re-spawning after I had told it to stop.I found 2 ways to stop the process without it re-spawning:sudo initctl stop sshand sudo service ssh stopSo whilst I can turn it off at each boot, or script it to shutdown at login, I'm still wondering why update-rc.d isn't working
View 3 Replies
View Related
Jul 1, 2010
I have latest openssh-server. you know the classic star/stop scripts:
sudo /etc/init.d/ssh start/stop
But when I wrote this stop command, everything looks good, except sshd was still running. I looked into script it uses start-stop-deaemon to kill through pid. The script always kills process, but immediately, new process of sshd was emerged (by it self - with new process ID)! I don't get it. I'm sick of my not understanding of the proglem! The new process of sshd has parent with id 1 (init). How is this possible? How does it come, that ssh can not be turn off and nobody has noticed or complain about it?
After 2 hours of googling I managed to find this command:
sudo service ssh stop
and ssh finally got killed. Yeahh! After issuing this command /etc/init.d/ssh start/stop work correctly. But only to restart of system. Is this some king of super-uber command and we should not user /etc/init.d/ scripts anymore?
The strange thing is, ssh is run by itself after system start-up (without being in /etc/rc...).
View 2 Replies
View Related
Jul 7, 2010
I see in /etc/init/ssh.conf that sshd is designed to start on filesystemstop on runlevel SI understand that runlevel S is single user.Which says to me that sshd is not stopped on shutdown (runlevel 0).Also, sshd is in /usr/sbin/sshd and furthermoresudo lsof -p <sshd_pid>shows that it uses lib files in /usr/lib.So, my question is, if sshd is not stopped on shutdown YET sshd uses files in /usr, then how can/etc/rc0.d/S40umountfsever successfully umount /usr during shutdown when /usr is on its own partition? sshd should still be using the files, meaning the file system is busy. right?Yet, I'm pretty sure that my shutdowns used to complete successfully. (Edit : I guess they didn't - see next post)
View 2 Replies
View Related
Feb 22, 2011
I've got Fedora 14 running on an EBS volume on Amazon EC2. I've created a few users and enabled port 22. When I set a password for these users, they can successfully ssh into the instance; even if they logout and login again....until:
If I reboot the machine, they can no longer ssh into the machine (permission denied). If I issue the passwd <user> command and change their passwords, they can login again....until I reboot the machine at which time they cannot login again until I change their passwords. The problem exists even from the machine. That is, if root attempts to ssh into 127.0.0.1 using their username/password, the same problem/resolution exists.
View 2 Replies
View Related
Jan 22, 2011
How do I get SSHD to log EVERYTHING to it's own log file? I tried this in sshd_conf:
SyslogFacility SSHDLOG
LogLevel DEBUG
View 3 Replies
View Related
Jun 30, 2010
i installed it, but every time i start my system, sshd is running, but i can't find out where it's startup entry is located.Code:ls /etc/rc*.d | grep sshreturns nothing, which indeed is true, 'cause i removed the links from the runlevel directories. i checked the rc.local file which is empty and never added a line anywhere to start the ssh daemon explicit.i'm using the latest ubuntu with updates and everything (at least i think so). in my gnome startup application preferences the only thing related to ssh is the ssh key agent. but if i deactivate it, sshd still startsup.
Code:
sudo update-rc.d -f ssh remove
didn't helped either
[code]....
View 9 Replies
View Related
May 17, 2011
How to separate sftp and ssh and run on different ports.
i.e.
a) sftp on port x
b) ssh on port 22
I searched from the web and there are no detailed instructions. They suggested something like separating sshd_config into two files (file A and file B) and run two instances. Each instance points to its configuration file.
However, they didnt write down the detailed procedure of:
a) how to modify file A and file B (i.e. which line should insert specific commands)?
b) how to run two instances?
c) how to point each instance to its config file.
I am using Linux CentOS and the latest open-ssh.
View 4 Replies
View Related
Oct 14, 2010
I have just built my first ever Linux desktop, using VM Ware and it is running Ubuntu 10.10. I wish to try and use SSH to contact the machine but I don't believe the SSHD is running.
I have done a grep for SSHD shows nothing and have checked the Synaptic Package Manager and can see an openssh-client version 1:5.5.p1-4ubuntu is currently installed.
On Solaris, you can start SSH by typing /etc/init.d/ssh start but when checking /etc/init.d on Linux, there is nothing in there called SSH so am unable to restart it.
I just want to have the SSH running on the machine.
View 3 Replies
View Related
Jun 29, 2011
I have a Redhat fedora core release 6 (2.6.22.9-61.Ns4) server and form time to time ssh fails although I am still able to ping the device and with a reboot the device will start working correctly so upon further investigation it appears the sshd daemon fails.Not knowing a great deal about Linux I thought I would ask some advice on the path I am thinking of taking. The first would be to put an entry in the cron to try and start the ssdh every hour or so. Would this cause issues in the long term run it multiple times when the sshd daemon was still running?
The Second though I had was having a bash script to check if the process was running and if not restarts it and if it was just exit the program which would seem like a neater way to do it but this is where my limited Linux knowledge hits a wall so was looking for suggestion on how to implement this?
View 5 Replies
View Related
Mar 7, 2010
I have openSSH installed and wish to log on to my Centos container (hosted by switchlinck.co.uk) from my Windows PC using putty. I can log on fine using by entering my username and password, but wish to use an rsa key to log on without a password. I have managed to create the keys with putty, and ammended them to work with openSSH. However, I am unable to find the authorized_keys file to put the key into. SSH is running but that file does not exist in /etc/ssh. When I read different how to sites for this, they all point towards ~/.ssh. I do not have a .ssh directory anywhere on the system. I have tried creating different users but still can not find this directory.
View 2 Replies
View Related
Sep 20, 2015
When i login on localhost with pubkey-auth, i get the following in my log
Code: Select allSep 20 12:42:27 aldebaran sshd[19745]: Accepted publickey for root from 127.0.0.1 port 37520 ssh2: RSA 45:4e:27:4d:30:f5:3d:25:10:d0:92:88:53:77:1a:3b
Sep 20 12:42:27 aldebaran sshd[19745]: pam_unix(sshd:session): session opened for user root by (uid=0)
Sep 20 12:42:27 aldebaran systemd[19757]: pam_unix(systemd-user:session): session opened for user root by (uid=0)
Sep 20 12:42:27 aldebaran systemd-logind[585]: New session 70 of user root.
Sep 20 12:42:27 aldebaran systemd[19757]: Starting Paths.
[code]....
View 1 Replies
View Related
Oct 13, 2010
I set up a debian lenny in vmware on my windows machine. The network interface is set to bridged, so the virtual machine is connected directly to the university network i am connected to. I want to be able to ssh into the vm.I installed sshd via "apt-get install ssh", generated a key pair with puttygen and copied the public part to "/home/user/.ssh/authorized_keys", set rights to 600 and then tried to disable password authentication completely, following the "securing debian" documentation.this is how my /etc/ssh/sshd_config looks now:
# Package generated configuration file
# See the sshd(8) manpage for details
# What ports, IPs and protocols we listen for
[code]...
View 7 Replies
View Related
May 30, 2010
I tried recompiling a new kernel yesterday (2.6.34) on my debian sarge box, but I ran into multiple difficulties. These difficulties forced me to do a double dist-upgrade to lenny. The new kernel was (seemingly) compiled without any hiccups, and I ran dpkg -i on both the image and the header debs. They didn't install properly into grub, but I think I managed to fix that manually.Next thing I did was rebooting the server. It refused to come back up. Luckily my ISP has recovery tools, so I managed to switch back to the old kernel. It boots just fine with that kernel, but the problem is that there is no ssh daemon running! I can access it through ftp and do limited jobs through php, but nothing big, as I have no root access.Now, enough backstory. My question is: How can I install openssh-server onto the server remotely? I cannot access the server personally, as the server is in a completely different country.
View 14 Replies
View Related
