Networking :: Single LAN Port Inexplicably Changes RSA Host Key
Feb 19, 2010
I am running several servers with multiple LAN ports. Two of the machines can communicate via two separate subnets to control bandwidth issues.
Machine 1: 10.0.0.1 (w/ additional alias 12.0.0.1)
192.168.1.1
Machine 2: 10.0.0.2
192.168.1.2
I see three separate intermittent symptoms on the 10.0.0.0 network.
1) Both machines will cut off in the middle of the data transfer (rsync) if it takes too long.
2) Both machines will claim that the RSA key host has changed on the other...this will happen every few minutes.
3) Both machines will, at times, disallow login from the other...ssh prompts for password but will not accept the password.
Performing any operation between the same machines via the 192.168.1.0 subnet has no issue (as of yet). From what I can see, the routing tables are set correctly. Machines were exact clones of each other. Machine 2 is a recently rebuilt machine with a fresh suse11 distro install. Symptoms on Machine 2 appeared immediately. I had this exact setup but reversed ip addresses before Machine 2 burned out without issue. All networks but the 12.0.0.1 are internal and there hasn't been any indication of attack. At times, running ssh-keygen -R <ipaddress> will fix issues 1-3, other times only 1-2.
Jan 25, 2011
I have a slave node uploading all kinds of backups to my server in the internet. Now I would like to display the actual upload and download rate to this server (not the entire nic-traffic, any protocol) in a small php-page for easy monitoring. I had a look at quite some monitoring tools and the one which kind of offers what I am looking for is iftop with a filter on the IP of my server. As I would like to periodically update a file with the actual rates, an interactive program won't do. A possibility would be to filter the packages myself using but this seems to be quite a long shot. The optimal solution would be a program or script printing out the actual upload to a host specified in the options to STDOUT
Jul 24, 2010
I have searched for this quite a bit but my lack of knowledge of IPTables makes me doubt whether I have found a solution or not. I have very light experience with IPTables as well. So I thought I'd ask here. Basically, what I am trying to do is use an external transparent proxy for only one of the hosts on my internal network. For example, for an internal host of 192.168.1.8, I want to send all internet requests for ANY port to a proxy server out in the internet at 238.34.232.7 / port: 8080. All other hosts would use the internet without using any proxy server.
Aug 21, 2010
I have a linux router with 2 physical ISPs and a VPN tunnel that all my traffic passes through. I would like to setup a rule to redirect all traffic from one internal IP address (10.0.0.x) through the physical link only. My current script is as follows.
iptables -F
iptables -X
echo 1 > /proc/sys/net/ipv4/ip_forward
[code]....
My goal is to do something similar to the mangle on the tor traffic, but for an entire host.
Nov 15, 2010
Let's say I have two machines on public IPs. If I get incoming traffic on machine #1 on port 55242 I would just like to forward it to machine #2 on port 35000. I would just like to use machine #1 the same way as a DNS server works. It just redirects the traffic and tells the client where to go.
May 12, 2010
Netstat has always confused me. I type netstat -pl and get this:
Code:
Proto Recv-Q Send-Q Local Address          Foreign Address  State    PID/Program name
tcp        0      0 localhost:ipp          *:*              LISTEN   1476/cupsd
tcp        0      0 localhost:postgresql   *:*              LISTEN   13816/postgres
tcp        0      0 *:44223                *:*              LISTEN   1288/sshd
tcp6       0      0 localhost:ipp          [::]:*           LISTEN   1476/cupsd
tcp6       0      0 localhost:postgresql   [::]:*           LISTEN   13816/postgres
tcp6       0      0 [::]:44223             [::]:*           LISTEN   1288/sshd
udp        0      0 *:bootpc               *:*                       1267/dhclient
I assume that *:* means that any foreign host can connect from any port, but then what does [::]:* mean? and localhost:ipp... what port is ipp? Shouldn't ports be numeric?
Dec 11, 2010
I cannot use GRsync from Ubuntu Desktop to PCLinuxOS laptop. The 2 computers can ping each other. I have disabled both firewalls. My laptop IP address is 192.168.1.11. This is the error on Ubuntu Grsync:
ssh: connect to host 192.168.1.11 port 22: Connection refused
rsync: connection unexpectedly closed (0 bytes received so far) [sender]
rsync error: error in rsync protocol data stream (code 12) at io.c(601) [sender=3.0.7]
Rsync process exit status: 12
On PCLinuxOS it won't say Ethernet is connected when trying a static address setup. However it does connect to the internet via auto Ethernet setup and a LAN cable. It then says connected. In order to use SSH and GRsync what programs are required? I have these installed on both machines: grsync openssh-client openssh-server
Jun 15, 2011
I am facing trouble to scp from server to my local machine whereas the vice versa is working fine.
The error is like below.
lost connection
Nov 27, 2010
I have my desktop computer (running F13) configured to accept ssh over port 22 via the firewall configuration tool. If I type ifconfig -a, this computer, which is running on my wireless network, tells me:
Code:
inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0
However, if I go to my laptop computer (also running F13) and try and ssh into the desktop, i.e. ssh icthy@192.168.1.100, I get this response:
Code:
ssh: connect to host 192.168.1.100 port 22: Connection refused.
I guess I am confused to what is blocking the connection? Is there another means on F13 other than the default Firewall? I haven't really messed with the network at all. For what it's worth, I am hoping to set things up so I can just ssh into the computer name, (ssh icthy@desktop) eventually, but want to start with the IP. So, can anyone offer a hint as to what I can look for that is blocking port 22?
Jul 29, 2010
I have a Windows machine on which NX Client has been installed. I wanted to test if I could access my Ubuntu box. The Ubuntu Box has NX Server, Node and Client installed. When I try to log in from the Windows machine using NX Client with my Ubuntu username and password I get an error connection refused.
The following service is running: OpenBSD Secure Shell server sshd. How can I resolve the issue?
Jan 12, 2010
I can telnet (while on the actual machine) using
Quote:
telnet localhost 25
When I try and use the local machine's ip
Quote:
telnet 192.168.100.9 25
I get
Quote:
Trying 192.168.100.9...
telnet: Unable to connect to remote host: Connection refused
[Code].....
This last one is strange as the IP looks odd.
What am I doing wrong, and how do I fix it? After much surfing, many posts say that telnet is not used anymore but I want to use it to test my smtp server.
May 4, 2011
I have installed ubuntu 11.04 and I'm now trying to connect to existing SUSE servers on the LAN. My home directory has a shared NFS mounted home on the SUSE servers while my home on the ubuntu machine is local. I can log in using ssh to all the SUSE servers except one. I get:
ssh: connect to host srv3 port 22: Connection refused
If I use the IP address of srv3 directly it works. Also, before I changed the default machine name ("ubuntu") I could log into srv3.
nslookup srv3 works OK.
ping srv3 works OK.
Even if I completely delete the .ssh directory in both my ubuntu home and in my shared home on the SUSE servers I still cannot log in using the srv3 name, only direct IP address works. I'm thinking that the login I did to srv3 before I changed the machine name for the ubuntu machine must have goofed up something
Mar 28, 2010
After I applied below iptables rule.. I am unable to ping the host in 172.16.1.0/24 from OpenVPN client
Mar 9, 2011
I'm trying to ssh from my laptop to my desktop (both fedora 14) over a local network. I can ping my desktop and get responses, but if I ssh to it, I receive
ssh: connect to host 192.168.100.xxx port 22: No route to host
I can ssh from the desktop to itself.
Mar 10, 2011
Is it possible using a perl script to test for a socket listening on a UDP port on a remote host? I work in an environment where netcat is not allowed and from time to time I need to see if a UDP port is open on a remote host.
Feb 11, 2009
I'm trying to connect with my server via telnet, but when I send the command (telnet xxx.xxx.xxx.xxx Port) it doesn't work and shows the following error: Unable to connect to remote host: Connection refused. It happens with any port. It is strange, but my telnet service works (telnet xxx.xxx.xxx.xxx). In addition, I tried with the firewall enabled and disabled and the problem still happens. My CentOS runs on VirtualBox.
Jul 23, 2010
Right now I have a machine set up running Fedora. I have configured inittab to accept Console Logins, but I am having problems getting my netbook running PuTTY to connect. How would I go about finding the Host Name and Port to connect to?
Mar 31, 2011
I'm wondering what might be causing some VERY long delays when I move groups of files from one directory to another on the same drive. In the GUI, I simply multi(shift)select a few dozen items at once (a set of JPEGs previously downloaded from my camera) and drag them together from the source directory window (where I downloaded all the images from the memory card) into a new/empty folder/window specific to that group of images. Just routine sorting of files basically... Once I 'let go' ('dropping' the items into their destination) there's often a SURPRISINGLY long delay before I can do something else within the GUI... open another file, or rename an item, etc... This delay can take a few seconds to more than a minute (if moving a couple hundred files at once)... this 'wait' during such a routine 'housekeeping' task seems surprising to me. During these delays, I CAN open/use other programs such as System Monitor or a browser... it just seems that additional GUI/filesystem tasks must wait out the delay before proceeding. If I go ahead and try to do another filesystem task during the delay anyway, it gets buffered... the file won't open/next files don't get moved/etc... UNTIL the delay from the first operation is complete (updated item counts resulting from file moves aren't reflected in List View until the delay is finished too).
According to System Monitor (see image attachment for screen cap during one of these delays...) one CPU is pegged (the "gvfsd-metadata" process, which I guess corresponds to the file/move) and the other 3 cores are relatively idle, and there's plenty of free RAM/no swap. I'd have thought such a delay wouldn't be an issue with Ubuntu/my PC... maybe I have something set up incorrectly? Other clues: intermittently, during these delays/file operations, the GUI shuts down all open windows (folders)... as if the delays/buffered tasks caused some sort of reset. The hard drive is internal SATA formatted regular Ext4 and the Ubuntu on my PC is the 32-bit version since I figured my Dell is too old (about 4-5 years) to justify the 64-bit version. Like most folks, there are LOTS of files/folders on my drives, but I only have 3 file windows open at once most of the time, and am only displaying the item names and 'sizes'... no other columns. Nothing other than the 'move' itself is running at the time which could help explain the delay.
Feb 18, 2010
I want to do a simple port redirect, i.e. whatever comes through whatever interface on port AAAA will get redirected to port BBBB. I thought that
iptables -t nat -I PREROUTING --source 0/0 --destination 0/0 -p tcp --dport AAAA -j REDIRECT --to-ports BBBB
however it doesn't work, e.g. nc -v -w2 -z localhost AAAA gives:
nc: connect to localhost port AAAA (tcp) failed: Connection refused
while
nc -v -w2 -z localhost BBBB
[code]....
May 7, 2010
I keep on getting intermittent ethernet failures using a Gigabyte GA-MA790FXT-UD5P 790FX motherboard with a built-in network card. This is a problem on all operating systems. After many intermittent failures I think I've finally found the solution: turn the PSU off, wait until the CMOS light goes off (about 15 seconds), then turn the PSU back on. It appears to be a bug with Linux where a setting on the firmware of the network card is occasionally incorrectly modified, causing it to malfunction; when power is removed from the device the setting resets to default and normal functionality is restored.
Mar 6, 2011
Is there any limitation to the number of transactions through a single port? If so, then if we assign multiple ports to that particular service then the performance is increased (what I suppose).
So: is there any way to assign multiple ports to a single service? Like for a web server the main service is httpd or something like that to be running on the server, and now if we assign multiple ports to that service then the performance increases.
Apr 5, 2011
How can I use one serial port for KGDB and console in 2.6 kernel
Jun 1, 2010
I have this intranet server project going on and now I moved to 10.04; however there are still some things that I would like to see clarification and instructions on. I am interested in setting up multiple parallel websites for my apache server, however I am not sure how to do this exactly. Now I have solid address rivera.wippies.net and port 80 redirecting to my server. What I would like to get done is that I get multiple websites, independent of each other, for my server. I was thinking of making websites like this
/var/www/site1 (which would be as rivera.wippies.net)
/var/www/site2 (which would be as rivera.wippies.net/othersite)
/var/www/site3 (which would be rivera.wippies.net/secondothersite)
etc, so that I have multiple "individual" websites for my server. Requirements would be that each of these websites could have SSL encryption available as needed too, since some of the websites could have confidential information.
Sep 5, 2010
How to number of connections for a single ip on port 80 to CentOS 5.5 with iptables? connlimit did not work on CentOS and nginx does not provide a module for that
Apr 19, 2011
Just set up a virtual host on a different port: 50085. accessing this port always returns me to 'It Works!' page.
The setup:
1. added 'Listen 50085' in ports.conf
2. added a <VirtualHost *:50085></VirtualHost> the content are the same with the site that works with a <VirtualHost *:80>
3. /etc/hosts contains the ip address and the servername
4. apache server has been configtest ok and restarted.
Anything I forgot to configure? How to troubleshoot --> I don't get any data on error log file.
Oct 30, 2010
I have an Asterisk on an externally hosted vServer with Lenny. In order to further protect the SSH access I intended to change the Port number 22 to something like 55555. For this I changed the /etc/ssh/sshd_config file and restarted ssh. This caused unfortunately the following problems:
(1) The first login works but DenyHost writes now the IP in its list so that the second login with the same IP is blocked.
(2) With RESET_ON_SUCCESS = yes several logins were possible with the same IP, but later it also was blocked for some still unknown reasons.
(3) Files can be uploaded for being edited, but they can't always be saved. When they can't be saved the next login with this IP is blocked. It thus looks like the blocking can occur while being connected. When the files can't be saved it is however still possible to copy files from the computer to the vServer.
I add below the entries in the auth.log from a logout and a login. It shows further how suddenly the attempts to save files were blocked. After this session the IP used for it was blocked. I don't know where the message "Unable to open env file: /etc/default/locale" comes from. If I remember right I had these messages already before. I don't know how much that is really important.
[Code]....
Sep 12, 2010
I have become convinced that rsync for CentOS 5 is broken. I'm trying to set up automatic backups between 2 servers in 2 different countries using rsync under CentOS 5. I can get manual backups to work between the 2 servers by doing two things I shouldn't need to do, but automatic backups fail and I see no solution. Here are the problems I am encountering: According to the instructions I've read everywhere, I am to set up two configuration files:
/etc/rsyncd.conf
/etc/rsyncd.secrets
When I run rsync from root, it apparently just totally ignores these two files. No custom greeting, no log, no password used.
Even when I specify --password-file=/etc/rsyncd.secrets in the command line, it still ignores it. I am prompted and I must enter the password manually. Let me back up a moment. After first installing rsync, when I ran any command to access the root server, I get this error:
ssh: connect to host 111.222.33.44 port 22: Connection refused
rsync: connection unexpectedly closed (0 bytes received so far) [sender]
rsync error: unexplained error (code 255) at io.c(463) [sender=2.6.8]
I read everywhere that rsync uses port 873, not port 22 which is used for SSH. Why is rsync on CentOS trying to use port 22? I have SSH switched from port 22 to another port (let's call it 5432 here) and block port 22. So, I have added this to the command line:
--rsh='ssh -p5432'
Then I get a connection ...
... but it prompts me for my password. It doesn't matter that I have my username and password, same one, in /etc/rsyncd.secrets on both servers. It still asks. And it rejects my password! The only way I can get it to connect is by creating an SSH user on the remote server for this. Even then, rsync STILL prompts me for a password, even though:
1. the username and password are specified in the /etc/rsyncd.secrets files on both servers
2. I've added the command line parameter --password-file=/etc/rsyncd.secrets
Therefore, it is totally impossible to use any cron job or other automatic synchronization, under CentOS 5.
rsync -av --password-file=/etc/rsyncd.secrets --rsh='ssh -p5432' sourcefiles* rsyncusername@111.222.33.44:httpdocs/rsync
rsync -av --password-file=/etc/rsyncd.secrets --rsh='ssh -p5432' sourcefiles* 111.222.33.44:httpdocs/rsync
rsync -av --verbose --progress --stats --password-file=/etc/rsyncd.secrets --rsh='ssh -p5432' sourcefiles* rsyncusername@111.222.33.44:httpdocs/rsync
Yes, I have made sure that I have the latest rsync. I have run yum update for everything. Yes, I have double checked, triple checked, and quadruple checked my config files.
Mar 31, 2011
I am trying to connect an ipad to a windows xp virtual machine running in a linux (opensuse) host machine. VMWare reports that usbmuxd running on the host machine (opensuse) must first release the usb port so that vmware can open it in the guest (XP) vm. VMWare knows that I have physically connected an ipad and when I click "Connect" reports the error and then displays the port as "Connected" although according to ITunes diagnostics there is no such connection. I have the same problem connecting a usb flash drive to the guest vm. Is there a way I can manually disconnect the port from the opensuse host?
Feb 20, 2010
I am getting "ssh:connect to host restart port 22: Connection refused" error when trying to start "ssh" in Ubuntu. I uncommented the port 22 in ssh_config, I don't have iptables set up... Did try to check if the port is listening using the netstat -an | grep "LISTEN" & couldn't find.