[Bug 733361] New: SSH port is blocked in stage 2 of ssh based installations
https://bugzilla.novell.com/show_bug.cgi?id=733361
https://bugzilla.novell.com/show_bug.cgi?id=733361#c0

           Summary: SSH port is blocked in stage 2 of ssh based installations
    Classification: openSUSE
           Product: openSUSE 12.1
           Version: Final
          Platform: Other
        OS/Version: Other
            Status: NEW
          Severity: Normal
          Priority: P5 - None
         Component: Installation
        AssignedTo: lnussel@suse.com
        ReportedBy: max@suse.com
         QAContact: jsrain@suse.com
                CC: lnussel@suse.com, pcerny@suse.com, zjjia@suse.com
        Depends on: 732391
          Found By: ---
           Blocker: ---

+++ This bug was initially created as a clone of Bug #732391 +++

When doing a ssh based installation, which by default configures port 22 to be, the firewall still blocks the port in stage 2, making it impossible to continue the installation remotely.

(In reply to https://bugzilla.novell.com/show_bug.cgi?id=732391#c7)
> does yast2 2nd stage actually block further system boot?

When doing a ssh based installation, further system boot is indeed blocked at some point, waiting for the user to log in through ssh and start yast2 2nd stage manually.

> If SuSEfirewall2 gets started while not yet configured by yast2 2nd stage the port of course won't be open.
> [...]
> 2. SuSEfirewall2 does what's written in the config file

I looked at /etc/sysconfig/SuSEfirewall2 at the point when the system waits for the user to log in and run yast2 2nd stage, and it contains sshd in all three FW_CONFIGURATIONS_* variables.

Hmm, as I am not seeing any firewall startup message on the console up to this point, could it be that the real firewall hasn't even been started yet and only a few "block just about everything" rules have been loaded?

--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=733361#c
Reinhard Max
https://bugzilla.novell.com/show_bug.cgi?id=733361#c1
Ludwig Nussel
https://bugzilla.novell.com/show_bug.cgi?id=733361#c2
--- Comment #2 from Ludwig Nussel
https://bugzilla.novell.com/show_bug.cgi?id=733361#c3
Boris Karpov
check iptables -vnL INPUT

Chain INPUT (policy DROP 2926 packets, 298K bytes)
 pkts bytes target     prot opt in     out     source               destination
    4   260 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
    8   672 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate ESTABLISHED
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED

iptables drops any new input.
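An added example, not part of the bug report or of SuSEfirewall2: a shell function that reads `iptables -vnL INPUT` output and reports the verdict a new inbound TCP connection to a given port would get, run here on the INPUT listing from the comment above. The function names and the default interface `eth0` are assumptions, and the rule model is deliberately simplified as noted in the comments.

```shell
#!/bin/sh
# Added example (not from the bug report). Simplified model: evaluates only
# protocol, input interface, ctstate/state and dpt: of rules with any source.

# INPUT listing quoted in the thread, embedded here so the check runs offline.
sample_stage2_rules() {
cat <<'EOF'
Chain INPUT (policy DROP 2926 packets, 298K bytes)
 pkts bytes target prot opt in out source destination
    4   260 ACCEPT all  --  lo *   0.0.0.0/0 0.0.0.0/0
    8   672 ACCEPT all  --  *  *   0.0.0.0/0 0.0.0.0/0 ctstate ESTABLISHED
    0     0 ACCEPT icmp --  *  *   0.0.0.0/0 0.0.0.0/0 ctstate RELATED
EOF
}

# Usage: iptables -vnL INPUT | new_tcp_verdict PORT [INTERFACE]
# Prints the verdict for a NEW inbound TCP connection to PORT.
new_tcp_verdict() {
    awk -v port="$1" -v ifc="${2:-eth0}" '
    /^Chain INPUT/ { policy = $4; sub(/\)/, "", policy); next }
    $1 == "pkts" || NF < 9 { next }            # column header, blank lines
    {
        target = $3; prot = $4; in_if = $6
        if (prot != "all" && prot != "tcp") next
        if (in_if != "*" && in_if != ifc) next
        if ($8 != "0.0.0.0/0" || $9 != "0.0.0.0/0") next
        ok = 1
        for (i = 10; i <= NF; i++) {           # match extensions
            if ($i == "ctstate" || $i == "state") {
                if (("," $(i + 1) ",") !~ /,NEW,/) ok = 0
                i++
            } else if ($i ~ /^dpt:/ && substr($i, 5) != port) {
                ok = 0
            }
        }
        if (!ok || target == "LOG") next       # LOG does not terminate
        if (target != "ACCEPT" && target != "DROP" && target != "REJECT") {
            target = "undetermined (jump to " target ")"
        }
        print target; found = 1; exit
    }
    END { if (!found) print policy " (policy)" }
    '
}

sample_stage2_rules | new_tcp_verdict 22       # prints: DROP (policy)
```

A result of `undetermined (jump to ...)` means the first matching rule hands the packet to a user-defined chain, which this model does not follow.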
https://bugzilla.novell.com/show_bug.cgi?id=733361#c4
--- Comment #4 from Boris Karpov
https://bugzilla.novell.com/show_bug.cgi?id=733361#c5
Ludwig Nussel
https://bugzilla.novell.com/show_bug.cgi?id=733361#c6
--- Comment #6 from Frederic Crozat
https://bugzilla.novell.com/show_bug.cgi?id=733361#c7
--- Comment #7 from Ludwig Nussel
https://bugzilla.novell.com/show_bug.cgi?id=733361#c8
--- Comment #8 from Frederic Crozat
https://bugzilla.novell.com/show_bug.cgi?id=733361#c9
Frederic Crozat
https://bugzilla.novell.com/show_bug.cgi?id=733361#c
Andreas Jaeger
https://bugzilla.novell.com/show_bug.cgi?id=733361#c11
Jiří Suchomel
https://bugzilla.novell.com/show_bug.cgi?id=733361#c12
--- Comment #12 from Bernhard Wiedemann