[opensuse] Getting SSH to Work
I'm running SLED 10.1. sshd is running (I can ssh to localhost) and I've opened port 22 for ssh in the firewall. I can access web pages (which means I have access to the Internet) but I cannot access two other computers (even using their IP's). (I can access these computers from another laptop running Fedora 8 through the same wireless router.) How can I determine what is going wrong? I've tried disabling the firewall completely (although it always seems to come on by itself) to see if it was blocking ssh. Any suggestions would be appreciated. Rick B. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Rick Bilonick wrote:
I'm running SLED 10.1. sshd is running (I can ssh to localhost) and I've opened port 22 for ssh in the firewall. I can access web pages (which means I have access to the Internet) but I cannot access two other computers (even using their IP's). (I can access these computers from another laptop running Fedora 8 through the same wireless router.)
How can I determine what is going wrong? I've tried disabling the firewall completely (although it always seems to come on by itself) to see if it was blocking ssh. Any suggestions would be appreciated.
tcptraceroute could tell you where the packets are being dropped. Joe -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Tue, 2008-06-03 at 20:37 -0700, Joe Sloan wrote:
Rick Bilonick wrote:
I'm running SLED 10.1. sshd is running (I can ssh to localhost) and I've opened port 22 for ssh in the firewall. I can access web pages (which means I have access to the Internet) but I cannot access two other computers (even using their IP's). (I can access these computers from another laptop running Fedora 8 through the same wireless router.)
How can I determine what is going wrong? I've tried disabling the firewall completely (although it always seems to come on by itself) to see if it was blocking ssh. Any suggestions would be appreciated.
tcptraceroute could tell you where the packets are being dropped.
Joe
Thanks. tcptraceroute is not installed. I will try to install it from the SLED SP1 DVD. Rick B. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Tuesday 2008-06-03 at 20:37 -0700, Joe Sloan wrote:
tcptraceroute could tell you where the packets are being dropped.
Do you mean this: /usr/share/zsh/4.3.4/functions/_tcptraceroute ? Or this? Results from http://download.opensuse.org/repositories/network:/utilities/openSUSE_10.3 tcptraceroute (1.5beta7) Traceroute Implementation using TCP Packets - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIRo0QtTMYHG2NR9URAm8eAJ9SBA3+BHoDxZhl1Q9gU8SmvR+qxACghqSs 4JD7iWjO3pSF3D6Aqe/aZTA= =aYOp -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
The Tuesday 2008-06-03 at 20:37 -0700, Joe Sloan wrote:
tcptraceroute could tell you where the packets are being dropped.
Do you mean this:
/usr/share/zsh/4.3.4/functions/_tcptraceroute
?
Or this?
Results from http://download.opensuse.org/repositories/network:/utilities/openSUSE_10.3 tcptraceroute (1.5beta7) Traceroute Implementation using TCP Packets
The latter - I wasn't aware of a zsh tcptraceroute function, or what it could actually do - Joe -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Wednesday 2008-06-04 at 10:09 -0700, Sloan wrote:
Carlos E. R. wrote:
The Tuesday 2008-06-03 at 20:37 -0700, Joe Sloan wrote:
tcptraceroute could tell you where the packets are being dropped.
Do you mean this:
/usr/share/zsh/4.3.4/functions/_tcptraceroute
?
Or this?
Results from http://download.opensuse.org/repositories/network:/utilities/openSUSE_10.3 tcptraceroute (1.5beta7) Traceroute Implementation using TCP Packets
The latter - I wasn't aware of a zsh tcptraceroute function, or what it could actually do -
Me neither; I mean, I knew none of them, and I have wanted such a tool recently. After I posted I saw that factory has it: S | Name | Summary | Type - --+---------------+---------------------------------------------+-------- | tcptraceroute | Traceroute Implementation using TCP Packets | package So that's very nice. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIRukFtTMYHG2NR9URArMpAJ4gSQyMRsAZ/P1GX2teHTZK90wyjACdG2Va sAPR0XEwQ/qvGKAXOad6G64= =VThV -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Tue, Jun 3, 2008 at 8:37 PM, Joe Sloan
Rick Bilonick wrote:
I'm running SLED 10.1. sshd is running (I can ssh to localhost) and I've opened port 22 for ssh in the firewall. I can access web pages (which means I have access to the Internet) but I cannot access two other computers (even using their IP's). (I can access these computers from another laptop running Fedora 8 through the same wireless router.)
How can I determine what is going wrong? I've tried disabling the firewall completely (although it always seems to come on by itself) to see if it was blocking ssh. Any suggestions would be appreciated.
tcptraceroute could tell you where the packets are being dropped.
Joe --
Red herring. Packets are not being dropped. He said he could connect thru the same router with other machines. -- ----------JSA--------- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
John Andersen wrote:
On Tue, Jun 3, 2008 at 8:37 PM, Joe Sloan
wrote: Rick Bilonick wrote:
I'm running SLED 10.1. sshd is running (I can ssh to localhost) and I've opened port 22 for ssh in the firewall. I can access web pages (which means I have access to the Internet) but I cannot access two other computers (even using their IP's). (I can access these computers from another laptop running Fedora 8 through the same wireless router.)
How can I determine what is going wrong? I've tried disabling the firewall completely (although it always seems to come on by itself) to see if it was blocking ssh. Any suggestions would be appreciated.
tcptraceroute could tell you where the packets are being dropped.
Joe --
Red herring. Packets are not being dropped. He said he could connect thru the same router with other machines.
That doesn't mean the packets aren't being dropped when coming from this particular machine. I could demonstrate selective packet dropping with iptables and a few test machines, but you get the point, right? At any rate, he later mentioned that he does get through, but that the other end is apparently unable to process the login attempt. I advised searching through the logs on the system that he can't reach from the SLED box. Joe -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, Jun 4, 2008 at 11:03 AM, Sloan
John Andersen wrote:
On Tue, Jun 3, 2008 at 8:37 PM, Joe Sloan
wrote: Rick Bilonick wrote:
I'm running SLED 10.1. sshd is running (I can ssh to localhost) and I've opened port 22 for ssh in the firewall. I can access web pages (which means I have access to the Internet) but I cannot access two other computers (even using their IP's). (I can access these computers from another laptop running Fedora 8 through the same wireless router.)
How can I determine what is going wrong? I've tried disabling the firewall completely (although it always seems to come on by itself) to see if it was blocking ssh. Any suggestions would be appreciated.
tcptraceroute could tell you where the packets are being dropped.
Joe --
Red herring. Packets are not being dropped. He said he could connect thru the same router with other machines.
That doesn't mean the packets aren't being dropped when coming from this particular machine. I could demonstrate selective packet dropping with iptables and a few test machines, but you get the point, right?
He turned off his firewall, so its not his machine. The routers allow all other machines to ssh outbound. Therefore, baring any selective blocking of ssh at the router (which he would probably know about because the symptoms would include "no rote to host") you can safely assume there is no blockage. Tech support is the art of arriving at the most probable fault given half the data, in the wrong order. -- ----------JSA--------- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Tue, Jun 3, 2008 at 10:32 PM, Rick Bilonick
I'm running SLED 10.1. sshd is running (I can ssh to localhost) and I've opened port 22 for ssh in the firewall. I can access web pages (which means I have access to the Internet) but I cannot access two other computers (even using their IP's). (I can access these computers from another laptop running Fedora 8 through the same wireless router.)
So there are four computers: comp1, comp2, Fedora8, SLED 10.1 And you can access comp1 and comp2 from Fedora8 but not from SLED 10.1, correct?
How can I determine what is going wrong? I've tried disabling the firewall completely (although it always seems to come on by itself) to see if it was blocking ssh. Any suggestions would be appreciated.
If my understanding is correct then what is the error message on SLED 10.1? Mike -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, 2008-06-04 at 06:44 -0500, Michael Mientus wrote:
On Tue, Jun 3, 2008 at 10:32 PM, Rick Bilonick
wrote: I'm running SLED 10.1. sshd is running (I can ssh to localhost) and I've opened port 22 for ssh in the firewall. I can access web pages (which means I have access to the Internet) but I cannot access two other computers (even using their IP's). (I can access these computers from another laptop running Fedora 8 through the same wireless router.)
So there are four computers: comp1, comp2, Fedora8, SLED 10.1
And you can access comp1 and comp2 from Fedora8 but not from SLED 10.1, correct?
How can I determine what is going wrong? I've tried disabling the firewall completely (although it always seems to come on by itself) to see if it was blocking ssh. Any suggestions would be appreciated.
If my understanding is correct then what is the error message on SLED 10.1?
Mike
Your understanding is correct. There is no error message - it just times out. The F8 computer connects almost instantly. What else is there to do? I'm not sure why it would be necessary to block out-going ssh. Rick B. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, 2008-06-04 at 13:26 -0400, Rick Bilonick wrote:
On Wed, 2008-06-04 at 06:44 -0500, Michael Mientus wrote:
On Tue, Jun 3, 2008 at 10:32 PM, Rick Bilonick
wrote: I'm running SLED 10.1. sshd is running (I can ssh to localhost) and I've opened port 22 for ssh in the firewall. I can access web pages (which means I have access to the Internet) but I cannot access two other computers (even using their IP's). (I can access these computers from another laptop running Fedora 8 through the same wireless router.)
So there are four computers: comp1, comp2, Fedora8, SLED 10.1
And you can access comp1 and comp2 from Fedora8 but not from SLED 10.1, correct?
How can I determine what is going wrong? I've tried disabling the firewall completely (although it always seems to come on by itself) to see if it was blocking ssh. Any suggestions would be appreciated.
If my understanding is correct then what is the error message on SLED 10.1?
Mike
Your understanding is correct. There is no error message - it just times out. The F8 computer connects almost instantly.
What else is there to do? I'm not sure why it would be necessary to block out-going ssh.
Rick B.
If I deliberately type in the wrong password, it comes back instantly saying "permission denied, please try again." When and only when I type in the correct password, it just sits there. This suggests to me it is actually connecting to the remote computer but something is preventing communication after login. Rick B. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Rick Bilonick wrote:
If I deliberately type in the wrong password, it comes back instantly saying "permission denied, please try again." When and only when I type in the correct password, it just sits there. This suggests to me it is actually connecting to the remote computer but something is preventing communication after login.
That is a crucial piece of information. It almost sounds like a name resolution issue on the remote end. The fact that it *is* connecting, but the other end is having problems answering, should be a clarion call to search through the syslog entries on the target server for clues as to why it can't process the connection from the SLED machine. Joe -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
2008/6/4 Rick Bilonick
If I deliberately type in the wrong password, it comes back instantly saying "permission denied, please try again." When and only when I type in the correct password, it just sits there.
So, there is no need for traceroute or other network analysis tools (at least for now). Maybe I have missed it, but I believe, you have not yet told us what the sshd (on the machine you try to connect to) writes to syslog when you attempt to log in. I am pretty sure that this information will significantly help you/us solve the problem. Regards Ingolf -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Thu, 2008-06-05 at 16:09 +0200, Ingolf Steinbach wrote:
2008/6/4 Rick Bilonick
: If I deliberately type in the wrong password, it comes back instantly saying "permission denied, please try again." When and only when I type in the correct password, it just sits there.
So, there is no need for traceroute or other network analysis tools (at least for now). Maybe I have missed it, but I believe, you have not yet told us what the sshd (on the machine you try to connect to) writes to syslog when you attempt to log in. I am pretty sure that this information will significantly help you/us solve the problem.
Regards Ingolf
I will check when I get home. Although it is not my biggest problem now. I downloaded and burned SLED SP2 and updated the HP 2133. Now I have no wireless access at all. All the connection info still shows in nm-applet (edit) but it now does not detect any networks (even though there are many networks). The wireless device does not seem to exist (even though it is set to activate on boot). Rick B. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Thu, 2008-06-05 at 16:09 +0200, Ingolf Steinbach wrote:
2008/6/4 Rick Bilonick
: If I deliberately type in the wrong password, it comes back instantly saying "permission denied, please try again." When and only when I type in the correct password, it just sits there.
So, there is no need for traceroute or other network analysis tools (at least for now). Maybe I have missed it, but I believe, you have not yet told us what the sshd (on the machine you try to connect to) writes to syslog when you attempt to log in. I am pretty sure that this information will significantly help you/us solve the problem.
Regards Ingolf
OK, I downloaded SLED SP2 (as suggested by someone on this list) and updated the HP 2133. This of course wiped out my wireless (apparently HP/Novell are using a kernel module that you can see in SP2 but cannot install) but I was able to install ndiswrapper and get the wireless back. I tried ssh and it worked right away. So I'm making a good bit of progress. Thanks to every one who responded. Rick B. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Fri, Jun 6, 2008 at 1:42 AM, Rick Bilonick
OK, I downloaded SLED SP2 (as suggested by someone on this list) and updated the HP 2133. This of course wiped out my wireless (apparently HP/Novell are using a kernel module that you can see in SP2 but cannot install) but I was able to install ndiswrapper and get the wireless back.
I tried ssh and it worked right away. So I'm making a good bit of progress. Thanks to every one who responded.
Rick B.
Out of curiosity, can you now edit ssh_config and sshd_config as root? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
* james Wright
Out of curiosity, can you now edit ssh_config and sshd_config as root?
root *is* root and can do all! -- Patrick Shanahan Plainfield, Indiana, USA HOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535 @ http://counter.li.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Fri, Jun 6, 2008 at 10:14 AM, Patrick Shanahan
* james Wright
[06-06-08 10:06]: Out of curiosity, can you now edit ssh_config and sshd_config as root?
root *is* root and can do all! -- Patrick Shanahan Plainfield, Indiana, USA HOG # US1244711
Yes, but he was apparently unable to do it before. - James -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
* james Wright
On Fri, Jun 6, 2008 at 10:14 AM, Patrick Shanahan
wrote: * james Wright
[06-06-08 10:06]: Out of curiosity, can you now edit ssh_config and sshd_config as root?
root *is* root and can do all!
Yes, but he was apparently unable to do it before.
perhaps *limited* in the access method, ie: visudo ??? -- Patrick Shanahan Plainfield, Indiana, USA HOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535 @ http://counter.li.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Fri, 2008-06-06 at 10:05 -0400, james Wright wrote:
On Fri, Jun 6, 2008 at 1:42 AM, Rick Bilonick
wrote: OK, I downloaded SLED SP2 (as suggested by someone on this list) and updated the HP 2133. This of course wiped out my wireless (apparently HP/Novell are using a kernel module that you can see in SP2 but cannot install) but I was able to install ndiswrapper and get the wireless back.
I tried ssh and it worked right away. So I'm making a good bit of progress. Thanks to every one who responded.
Rick B.
Out of curiosity, can you now edit ssh_config and sshd_config as root?
I could get in before, but not through the shell using vi or cat, only using nautilus launched from a root shell. Now with SP2, I can view it from a shell window even as a user. Rick B. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Fri, Jun 6, 2008 at 7:37 AM, Rick Bilonick
On Fri, 2008-06-06 at 10:05 -0400, james Wright wrote:
On Fri, Jun 6, 2008 at 1:42 AM, Rick Bilonick
wrote: OK, I downloaded SLED SP2 (as suggested by someone on this list) and updated the HP 2133. This of course wiped out my wireless (apparently HP/Novell are using a kernel module that you can see in SP2 but cannot install) but I was able to install ndiswrapper and get the wireless back.
I tried ssh and it worked right away. So I'm making a good bit of progress. Thanks to every one who responded.
Rick B.
Out of curiosity, can you now edit ssh_config and sshd_config as root?
I could get in before, but not through the shell using vi or cat, only using nautilus launched from a root shell. Now with SP2, I can view it from a shell window even as a user.
That's just wrong. Not being able to get there in a shell (without SP2) speaks to some horrible borken stuff. Do/Did you have SELinux options installed or something? -- ----------JSA--------- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Fri, Jun 6, 2008 at 2:37 PM, John Andersen
On Fri, Jun 6, 2008 at 7:37 AM, Rick Bilonick
wrote: I could get in before, but not through the shell using vi or cat, only using nautilus launched from a root shell. Now with SP2, I can view it from a shell window even as a user.
That's just wrong.
Not being able to get there in a shell (without SP2) speaks to some horrible borken stuff.
Do/Did you have SELinux options installed or something?
Or have/had you been playing with chattr? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Fri, 2008-06-06 at 11:37 -0700, John Andersen wrote:
On Fri, Jun 6, 2008 at 7:37 AM, Rick Bilonick
wrote: On Fri, 2008-06-06 at 10:05 -0400, james Wright wrote:
On Fri, Jun 6, 2008 at 1:42 AM, Rick Bilonick
wrote: OK, I downloaded SLED SP2 (as suggested by someone on this list) and updated the HP 2133. This of course wiped out my wireless (apparently HP/Novell are using a kernel module that you can see in SP2 but cannot install) but I was able to install ndiswrapper and get the wireless back.
I tried ssh and it worked right away. So I'm making a good bit of progress. Thanks to every one who responded.
Rick B.
Out of curiosity, can you now edit ssh_config and sshd_config as root?
I could get in before, but not through the shell using vi or cat, only using nautilus launched from a root shell. Now with SP2, I can view it from a shell window even as a user.
That's just wrong.
Not being able to get there in a shell (without SP2) speaks to some horrible borken stuff.
Do/Did you have SELinux options installed or something?
I don't believe selinux was installed when I had SLED SP1 installed. HP is sending me a rescue disk which is SP1 (HP is not shipping SP2 with HP 2133's yet). Regardless, it all works fine with SP2 with the exception that it screwed up my wireless. The bcm4312 worked fine in SP1 - I could contact WEP and WPA systems very easily. Apparently there is some proprietary Broadcom kernel module. I can see it in the SP2 DVD using Yast but it won't let me install it or if it is installed it's not working under SP2. I can't tell - it has a strange name and I can't find it using "rpm -qv". Although the hardware listing seems to indicate that there was no driver installed for the 4312. I installed ndiswrapper which works OK except for wpa (it never connects). Not sure why updating from SP1 to SP2 would hose the wireless module. Apparently, when I called HP tech services, I was the first one to have updated from SP1 to SP2. (They have 5 or 6 people dedicated to Linux, at least for the HP 2133 mini-notebook.) I'm not sure if I'm going to go to the trouble of installing SP1 from the rescue disk. SP1 is not very functional except for the wireless. I have an extra 160gb hard drive that I'm going to install and try installing openSuse 11 and/or Fedora 9. Rick B. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Tue, Jun 3, 2008 at 8:32 PM, Rick Bilonick
I'm running SLED 10.1. sshd is running (I can ssh to localhost) and I've opened port 22 for ssh in the firewall. I can access web pages (which means I have access to the Internet) but I cannot access two other computers (even using their IP's). (I can access these computers from another laptop running Fedora 8 through the same wireless router.)
How can I determine what is going wrong? I've tried disabling the firewall completely (although it always seems to come on by itself) to see if it was blocking ssh. Any suggestions would be appreciated.
Rick B.
--
First you never need to open a port for an outward connection. The firewall is not the issue here. Check your /etc/ssh_config It should have the following lines uncommented ForwardX11 yes ForwardX11Trusted yes ----The above two are optional but if you trust the remote host its ok Protocol 2 Nothing else should be uncommented except some possible options that begine with SendEnv -- ----------JSA--------- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, Jun 4, 2008 at 11:06 AM, John Andersen
On Tue, Jun 3, 2008 at 8:32 PM, Rick Bilonick
wrote: I'm running SLED 10.1. sshd is running (I can ssh to localhost) and I've opened port 22 for ssh in the firewall. I can access web pages (which means I have access to the Internet) but I cannot access two other computers (even using their IP's). (I can access these computers from another laptop running Fedora 8 through the same wireless router.)
How can I determine what is going wrong? I've tried disabling the firewall completely (although it always seems to come on by itself) to see if it was blocking ssh. Any suggestions would be appreciated.
Rick B.
--
First you never need to open a port for an outward connection. The firewall is not the issue here.
Check your /etc/ssh_config It should have the following lines uncommented ForwardX11 yes ForwardX11Trusted yes ----The above two are optional but if you trust the remote host its ok Protocol 2
You might also try Protocol 2,1 but 1 is deprecated. You may want to add these lines (they should be the default) RSAAuthentication yes PasswordAuthentication yes HostbasedAuthentication no GSSAPIAuthentication no -- ----------JSA--------- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, 2008-06-04 at 11:06 -0700, John Andersen wrote:
On Tue, Jun 3, 2008 at 8:32 PM, Rick Bilonick
wrote: I'm running SLED 10.1. sshd is running (I can ssh to localhost) and I've opened port 22 for ssh in the firewall. I can access web pages (which means I have access to the Internet) but I cannot access two other computers (even using their IP's). (I can access these computers from another laptop running Fedora 8 through the same wireless router.)
How can I determine what is going wrong? I've tried disabling the firewall completely (although it always seems to come on by itself) to see if it was blocking ssh. Any suggestions would be appreciated.
Rick B.
--
First you never need to open a port for an outward connection. The firewall is not the issue here.
Check your /etc/ssh_config It should have the following lines uncommented ForwardX11 yes ForwardX11Trusted yes ----The above two are optional but if you trust the remote host its ok Protocol 2
Nothing else should be uncommented except some possible options that begine with SendEnv
I become root and go to /etc. I do an ls and see ssh_config and it has a non-zero size. It's also shown as rw. But I cannot cat it nor can I open it with a text editor. There is also an sshd_config file that I can't open or look at. Other files (key) are the same. When I try to access these files it says they don't exist. Rick B. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, Jun 4, 2008 at 12:00 PM, Rick Bilonick
On Wed, 2008-06-04 at 11:06 -0700, John Andersen wrote:
On Tue, Jun 3, 2008 at 8:32 PM, Rick Bilonick
wrote: I'm running SLED 10.1. sshd is running (I can ssh to localhost) and I've opened port 22 for ssh in the firewall. I can access web pages (which means I have access to the Internet) but I cannot access two other computers (even using their IP's). (I can access these computers from another laptop running Fedora 8 through the same wireless router.)
How can I determine what is going wrong? I've tried disabling the firewall completely (although it always seems to come on by itself) to see if it was blocking ssh. Any suggestions would be appreciated.
Rick B.
--
First you never need to open a port for an outward connection. The firewall is not the issue here.
Check your /etc/ssh_config It should have the following lines uncommented ForwardX11 yes ForwardX11Trusted yes ----The above two are optional but if you trust the remote host its ok Protocol 2
Nothing else should be uncommented except some possible options that begine with SendEnv
I become root and go to /etc. I do an ls and see ssh_config and it has a non-zero size. It's also shown as rw. But I cannot cat it nor can I open it with a text editor. There is also an sshd_config file that I can't open or look at. Other files (key) are the same. When I try to access these files it says they don't exist.
Rick B.
/etc/ssh/ssh_config must be readable by all users, writeable only by root. sshd_config is only read/wirteable by root. If you are indeed root and you STILL can not cat those files then you have something seriously hozed and I would start diagnosing that problem rather than worrying about ssh. -- ----------JSA--------- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, Jun 4, 2008 at 3:11 PM, John Andersen
On Wed, Jun 4, 2008 at 12:00 PM, Rick Bilonick
wrote: I become root and go to /etc. I do an ls and see ssh_config and it has a non-zero size. It's also shown as rw. But I cannot cat it nor can I open it with a text editor. There is also an sshd_config file that I can't open or look at. Other files (key) are the same. When I try to access these files it says they don't exist.
Rick B.
/etc/ssh/ssh_config must be readable by all users, writeable only by root.
sshd_config is only read/wirteable by root.
If you are indeed root and you STILL can not cat those files then you have something seriously hozed and I would start diagnosing that problem rather than worrying about ssh.
As John says, you are either making a mistake, or your system is hosed. As root you should be able to vi those files. If your system is not hosed, check to see if nscd is running, if it is, kill it. I have seen this be the problem before. - James -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, 2008-06-04 at 15:00 -0400, Rick Bilonick wrote:
On Wed, 2008-06-04 at 11:06 -0700, John Andersen wrote:
On Tue, Jun 3, 2008 at 8:32 PM, Rick Bilonick
wrote: I'm running SLED 10.1. sshd is running (I can ssh to localhost) and I've opened port 22 for ssh in the firewall. I can access web pages (which means I have access to the Internet) but I cannot access two other computers (even using their IP's). (I can access these computers from another laptop running Fedora 8 through the same wireless router.)
How can I determine what is going wrong? I've tried disabling the firewall completely (although it always seems to come on by itself) to see if it was blocking ssh. Any suggestions would be appreciated.
Rick B.
--
First you never need to open a port for an outward connection. The firewall is not the issue here.
Check your /etc/ssh_config It should have the following lines uncommented ForwardX11 yes ForwardX11Trusted yes ----The above two are optional but if you trust the remote host its ok Protocol 2
Nothing else should be uncommented except some possible options that begine with SendEnv
I become root and go to /etc. I do an ls and see ssh_config and it has a non-zero size. It's also shown as rw. But I cannot cat it nor can I open it with a text editor. There is also an sshd_config file that I can't open or look at. Other files (key) are the same. When I try to access these files it says they don't exist.
Rick B.
I am able to look at it through the Nautilus file manager. I changed ForwardX11 from no to yes and restarted sshd. But I still cannot connect. I just connected through the F8 computer with no problem. Rick B. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Wednesday 2008-06-04 at 15:00 -0400, Rick Bilonick wrote: ...
I become root and go to /etc. I do an ls and see ssh_config and it has a non-zero size. It's also shown as rw. But I cannot cat it nor can I open it with a text editor. There is also an sshd_config file that I can't open or look at. Other files (key) are the same. When I try to access these files it says they don't exist.
Is it a reiserfs? Reboot into the install DVD, rescue system, bash console: "fsck device", where device is the one holding /etc. If it says that fsck is not needed, force it. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIRuoQtTMYHG2NR9URAjdiAJ9806iwuiz5I9IONWFIqwnQqTvgmgCggAbp E8LHJBOF+atMjnjfJ/tsRRE= =AI4h -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 04 June 2008 04:32:20 am Rick Bilonick wrote:
I'm running SLED 10.1. sshd is running (I can ssh to localhost) and I've opened port 22 for ssh in the firewall. I can access web pages (which means I have access to the Internet) but I cannot access two other computers (even using their IP's). (I can access these computers from another laptop running Fedora 8 through the same wireless router.)
How can I determine what is going wrong? I've tried disabling the firewall completely (although it always seems to come on by itself) to see if it was blocking ssh. Any suggestions would be appreciated.
Rick B.
You do know that by default ssh with user root is turned off by default? Jerry -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Thu, 2008-06-05 at 14:07 +0100, Jerome R. Westrick wrote:
On Wednesday 04 June 2008 04:32:20 am Rick Bilonick wrote:
I'm running SLED 10.1. sshd is running (I can ssh to localhost) and I've opened port 22 for ssh in the firewall. I can access web pages (which means I have access to the Internet) but I cannot access two other computers (even using their IP's). (I can access these computers from another laptop running Fedora 8 through the same wireless router.)
How can I determine what is going wrong? I've tried disabling the firewall completely (although it always seems to come on by itself) to see if it was blocking ssh. Any suggestions would be appreciated.
Rick B.
You do know that by default ssh with user root is turned off by default? Jerry
I normally don't start an ssh session as root. I can't get ssh to open any session as a regular user. I'm download SLED SP2 (someone else pointed out that it was available). Maybe this will fix the problems I've been having using ssh and using yast2 or zypper to install packages from repositories. Someone else suggested using tcptraceroute but that is not installed and it doesn't appear to be available with SLED. I tried to install but there were too many dependencies I could not resolve. Which is the source of most of the other problems I have had with SLED 10.1. Thanks. Rick B. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (10)
-
Carlos E. R.
-
Ingolf Steinbach
-
james Wright
-
Jerome R. Westrick
-
Joe Sloan
-
John Andersen
-
Michael Mientus
-
Patrick Shanahan
-
Rick Bilonick
-
Sloan