Mailinglist Archive: opensuse (626 mails)

< Previous Next >
Re: [opensuse] trouble with ssh connecting
  • From: Knurpht-openSUSE <knurpht@xxxxxxxxxxxx>
  • Date: Mon, 12 Nov 2018 20:18:46 +0100
  • Message-id: <1724410.MszJXlWtAm@knurpht-hp>
Op maandag 12 november 2018 20:15:44 CET schreef Patrick Shanahan:
* Patrick Shanahan <paka@xxxxxxxxxxxx> [11-12-18 13:00]:
* Carlos E. R. <robin.listas@xxxxxxxxxxxxxx> [11-12-18 11:16]:
On 12/11/2018 15.32, Peter Suetterlin wrote:
Carlos E. R. wrote:
On 12/11/2018 15.00, Peter Suetterlin wrote:
In my case, it does. Just realized I cannot ssh into my laptop
anymore, and the firewall was blocking.

The reson was that the sshd service configuration for the firewall,
/etc/sysconfig/SuSEfirewall2.d/services/sshd, was/is part of the
openssh
package, but the latest one doesn't have it anymore (because
SuSEfirewall has been dropped).
Nice move :(

(This is Tumbleweed - don't know how it is on other systems)

Well, in TW you should not be using SuSEfirewll2.

I just continuously updated my installation. I cannot remember
anything
urging me to remove the package and replace it with something else,
nor was
such a switch done by the updates.....

OK, for real - of course I know about the switch, as I read the list
here.
But not everyone does.

(And I still think that switch to firewalld was one of the worst
stunts in
opensuse history - but that's another topic)

Oh, I agree. I have migrated two machines to 15.0, a third is waiting,
and I haven't still done the firewall in any. I fear it.

really doesn't appear too difficult. I have it on three boxes now and
thing I have everything I had with SuSEfirewall2. it's just different.
there are plenty of examples and instructions on the net. I successfully
opened ports for kconnectd and vnc and moved ssh. but my server is still
on 42.2 and SuSEfirewall2. I probably will not change it until I upgrade
it.

there is an add-on for yast which will make changes for you but not nearly
as comprehensive and leading as before.

fwiw: Just updated and rebooted a remote tw box w/SuSEfirewall2 and could
no longer connect. and yast firewall does not work either. ran yast
sysconfig and enabled ssh and had to manually restart SuSEfirewall2 to
re-enable ssh pass thru. and difficult to accomplish giving blind
direction on the phone.

finally got remote access and installed firewalld and switched w/o further
incidence.

BUT... not good these type of changes w/o any notice and no way to
recover w/o remote assistance. next time the remote aid may not be as
viable and then a loooong trip for very suspect reasons.

yes, this is a RANT, but a NECESSARY RANT.

PAY ATTENTION.

tw is a long term investment.
This would mean you did/do not have the TW Update repo active. That's where a
fixed set of openssl packages were pushed, AFAIK they should be in later
snapshots as well.

--
Gertjan Lettink a.k.a. Knurpht
openSUSE Board Member
openSUSE Forums Team



--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups