Here is the snip from the log: Dec 17 13:25:11 workstation sshd[538]: refused connect from lucky Just a little more info, I have run the harden_suse script and am running the SuSE_firewall script, not sure if one of those is the problem. Thanx Rainer Link wrote:
On Sun, 17 Dec 2000, jonathan wrote:
Please excuse the bumb question. I just installed the SuSE rpm for openSSH, ran ssh-keygen but when I try to connect from another machine I get:
ssh_exchange_identification: Connection closed by remote host
Just a guess. But per default our OpenSSH package is shipped with libwrap support (man 8 tcpd). So it maybe neccessary to change /etc/hosts.allow.
What does the log of the remote host say? sshd should log into /var/log/message.
HTH
best regards, Rainer Link
-- Rainer Link | SuSE - The Linux Experts link@suse.de | Developer of A Mail Virus Scanner (amavis.org) www.suse.de | Founder OpenAntiVirus Project (www.openantivirus.org)
On Son, 17 Dez 2000, jonathan wrote:
Here is the snip from the log: Dec 17 13:25:11 workstation sshd[538]: refused connect from lucky
Just a little more info, I have run the harden_suse script and am running the SuSE_firewall script, not sure if one of those is the problem. Thanx
Yup, take a look at the /etc/hosts.{allow,deny}. FOR SURE you have been cancelled out by tcpwrappers, which openssh use. -- ciao norb +-------------------------------------------------------------------+ | Norbert Preining http://www.logic.at/people/preining | | University of Technology Vienna, Austria preining@logic.at | | DSA: 0x09C5B094 (RSA: 0xCF1FA165) mail subject: get [DSA|RSA]-key | +-------------------------------------------------------------------+
Add sshd: ALL to /etc/hosts.allow if you want to allow all IP ranges to connect to sshd. If you wish to allow only certain ranges, replace ALL with 1 or more IP ranges... Cheers -Nix At 07:43 PM 17/12/2000 +0100, you wrote:
On Son, 17 Dez 2000, jonathan wrote:
Here is the snip from the log: Dec 17 13:25:11 workstation sshd[538]: refused connect from lucky
Just a little more info, I have run the harden_suse script and am running the SuSE_firewall script, not sure if one of those is the problem. Thanx
Yup, take a look at the /etc/hosts.{allow,deny}. FOR SURE you have been cancelled out by tcpwrappers, which openssh use.
-- ciao norb
+-------------------------------------------------------------------+ | Norbert Preining http://www.logic.at/people/preining | | University of Technology Vienna, Austria preining@logic.at | | DSA: 0x09C5B094 (RSA: 0xCF1FA165) mail subject: get [DSA|RSA]-key | +-------------------------------------------------------------------+
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-- Microsoft is to operating systems & security .... .... what McDonalds is to gourmet cooking
participants (3)
-
jonathan
-
Nix
-
Norbert Preining