Mailinglist Archive: opensuse (626 mails)

< Previous Next >
Re: [opensuse] trouble with ssh connecting
* Patrick Shanahan <paka@xxxxxxxxxxxx> [11-12-18 13:00]:
* Carlos E. R. <robin.listas@xxxxxxxxxxxxxx> [11-12-18 11:16]:
On 12/11/2018 15.32, Peter Suetterlin wrote:
Carlos E. R. wrote:
On 12/11/2018 15.00, Peter Suetterlin wrote:

In my case, it does. Just realized I cannot ssh into my laptop
anymore, and
the firewall was blocking.

The reson was that the sshd service configuration for the firewall,
/etc/sysconfig/SuSEfirewall2.d/services/sshd, was/is part of the openssh
package, but the latest one doesn't have it anymore (because
SuSEfirewall has
been dropped).
Nice move :(

(This is Tumbleweed - don't know how it is on other systems)

Well, in TW you should not be using SuSEfirewll2.

I just continuously updated my installation. I cannot remember anything
urging me to remove the package and replace it with something else, nor
was
such a switch done by the updates.....

OK, for real - of course I know about the switch, as I read the list here.
But not everyone does.

(And I still think that switch to firewalld was one of the worst stunts in
opensuse history - but that's another topic)

Oh, I agree. I have migrated two machines to 15.0, a third is waiting,
and I haven't still done the firewall in any. I fear it.

really doesn't appear too difficult. I have it on three boxes now and
thing I have everything I had with SuSEfirewall2. it's just different.
there are plenty of examples and instructions on the net. I successfully
opened ports for kconnectd and vnc and moved ssh. but my server is still
on 42.2 and SuSEfirewall2. I probably will not change it until I upgrade
it.

there is an add-on for yast which will make changes for you but not nearly
as comprehensive and leading as before.

fwiw: Just updated and rebooted a remote tw box w/SuSEfirewall2 and could
no longer connect. and yast firewall does not work either. ran yast
sysconfig and enabled ssh and had to manually restart SuSEfirewall2 to
re-enable ssh pass thru. and difficult to accomplish giving blind
direction on the phone.

finally got remote access and installed firewalld and switched w/o further
incidence.

BUT... not good these type of changes w/o any notice and no way to
recover w/o remote assistance. next time the remote aid may not be as
viable and then a loooong trip for very suspect reasons.

yes, this is a RANT, but a NECESSARY RANT.

PAY ATTENTION.

tw is a long term investment.

--
(paka)Patrick Shanahan Plainfield, Indiana, USA @ptilopteri
http://en.opensuse.org openSUSE Community Member facebook/ptilopteri
Registered Linux User #207535 @ http://linuxcounter.net
Photos: http://wahoo.no-ip.org/piwigo paka @ IRCnet freenode

--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >