Sziasztok ! Amennyiben hagyományos módon (ifup) csatlakozik a gép a belső hálózathoz akkor elérem ssh-n keresztül, amennyiben a NetworkManagert használom, akkor nem lehet kapcsolódni ssh-val. Többször is átnéztem a beállítást az NM-ben, jónak ...tűnik. Az elképzelés szerint a WiFi lett külső zóna dhcp-n tűzfallal védve és a kábeles csatlakozás meg belsőhálózat amin nincs beállítva tűzfal. mi lehet a gond ? KDE 4.6.5 oss11.4 -- üdv: karesz
Szia! Küldj ilyen kimeneteket, mind a két módszerrel (ezeket a prancsokat root-ként futtatva): rcSuSEfirewall2 status rcsshd status ifconfig route grep -v -e '#' -e '^$' /etc/ssh/sshd_config grep -v -e '#' -e '^$' /etc/sysconfig/SuSEfirewall2 cat /etc/sysconfig/SuSEfirewall2.d/services/sshd iptables -S illetve próbálj kapcsolódni ssh-val, de a paraméterek között legyen ott az is, hogy: -vvvvv (Tehát kb. így: `ssh 192.168.0.150 -vvvvv`) - ennek is küldd el a kimenetét, mind a két esetben. Üdv, Ottó On 17/10/11 11:16, Szágyi Károly wrote:
Sziasztok ! Amennyiben hagyományos módon (ifup) csatlakozik a gép a belső hálózathoz akkor elérem ssh-n keresztül, amennyiben a NetworkManagert használom, akkor nem lehet kapcsolódni ssh-val. Többször is átnéztem a beállítást az NM-ben, jónak ...tűnik. Az elképzelés szerint a WiFi lett külső zóna dhcp-n tűzfallal védve és a kábeles csatlakozás meg belsőhálózat amin nincs beállítva tűzfal. mi lehet a gond ?
KDE 4.6.5 oss11.4
-- üdv: karesz
2011-10-17 11:57 keltezéssel, "Horváth Gergely J. (Ottó)" írta:
Szia!
szia !
Küldj ilyen kimeneteket, mind a két módszerrel (ezeket a prancsokat root-ként futtatva):
rcSuSEfirewall2 status unused
rcsshd status running
ifconfig eth0 Link encap:Ethernet HWaddr 00:1D:92:4C:FF:A5 inet addr:192.168.0.103 Bcast:192.168.0.255 Mask:255.255.255.0 inet6 addr: fe80::21d:92ff:fe4c:ffa5/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:20244 errors:0 dropped:0 overruns:0 frame:0 TX packets:10182 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:28716515 (27.3 Mb) TX bytes:734118 (716.9 Kb) Interrupt:40 Base address:0x6000
lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:411 errors:0 dropped:0 overruns:0 frame:0 TX packets:411 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:30322 (29.6 Kb) TX bytes:30322 (29.6 Kb) wlan0 Link encap:Ethernet HWaddr 00:15:AF:A0:93:DF UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.0.0 * 255.255.255.0 U 1 0 0 eth0 default 192.168.0.1 0.0.0.0 UG 0 0 0 eth0
grep -v -e '#' -e '^$' /etc/ssh/sshd_config PasswordAuthentication no UsePAM yes X11Forwarding yes Subsystem sftp /usr/lib/ssh/sftp-server AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT AcceptEnv LC_IDENTIFICATION LC_ALL
grep -v -e '#' -e '^$' /etc/sysconfig/SuSEfirewall2 FW_DEV_EXT="" FW_DEV_INT="" FW_DEV_DMZ="" FW_ROUTE="no" FW_MASQUERADE="no" FW_MASQ_DEV="" FW_MASQ_NETS="" FW_NOMASQ_NETS="" FW_PROTECT_FROM_INT="no" FW_SERVICES_EXT_TCP="" FW_SERVICES_EXT_UDP="" FW_SERVICES_EXT_IP="" FW_SERVICES_EXT_RPC="" FW_CONFIGURATIONS_EXT="sshd" FW_SERVICES_DMZ_TCP="" FW_SERVICES_DMZ_UDP="" FW_SERVICES_DMZ_IP="" FW_SERVICES_DMZ_RPC="" FW_CONFIGURATIONS_DMZ="sshd" FW_SERVICES_INT_TCP="" FW_SERVICES_INT_UDP="" FW_SERVICES_INT_IP="" FW_SERVICES_INT_RPC="" FW_CONFIGURATIONS_INT="sshd" FW_SERVICES_DROP_EXT="" FW_SERVICES_DROP_DMZ="" FW_SERVICES_DROP_INT="" FW_SERVICES_REJECT_EXT="" FW_SERVICES_REJECT_DMZ="" FW_SERVICES_REJECT_INT="" FW_SERVICES_ACCEPT_EXT="" FW_SERVICES_ACCEPT_DMZ="" FW_SERVICES_ACCEPT_INT="" FW_SERVICES_ACCEPT_RELATED_EXT="" FW_SERVICES_ACCEPT_RELATED_DMZ="" FW_SERVICES_ACCEPT_RELATED_INT="" FW_TRUSTED_NETS="" FW_FORWARD="" FW_FORWARD_REJECT="" FW_FORWARD_DROP="" FW_FORWARD_MASQ="" FW_REDIRECT="" FW_LOG_DROP_CRIT="yes" FW_LOG_DROP_ALL="no" FW_LOG_ACCEPT_CRIT="yes" FW_LOG_ACCEPT_ALL="no" FW_LOG_LIMIT="" FW_LOG="" FW_KERNEL_SECURITY="" FW_STOP_KEEP_ROUTING_STATE="" FW_ALLOW_PING_FW="" FW_ALLOW_PING_DMZ="" FW_ALLOW_PING_EXT="" FW_ALLOW_FW_SOURCEQUENCH="" FW_ALLOW_FW_BROADCAST_EXT="no" FW_ALLOW_FW_BROADCAST_INT="no" FW_ALLOW_FW_BROADCAST_DMZ="no" FW_IGNORE_FW_BROADCAST_EXT="yes" FW_IGNORE_FW_BROADCAST_INT="no" FW_IGNORE_FW_BROADCAST_DMZ="no" FW_ALLOW_CLASS_ROUTING="" FW_CUSTOMRULES="" FW_REJECT="" FW_REJECT_INT="" FW_HTB_TUNE_DEV="" FW_IPv6="" FW_IPv6_REJECT_OUTGOING="" FW_IPSEC_TRUST="no" FW_ZONES="" FW_ZONE_DEFAULT="" FW_USE_IPTABLES_BATCH="" FW_LOAD_MODULES="nf_conntrack_netbios_ns" FW_FORWARD_ALWAYS_INOUT_DEV="" FW_FORWARD_ALLOW_BRIDGING="" FW_WRITE_STATUS="" FW_RUNTIME_OVERRIDE="" FW_LO_NOTRACK="" FW_BOOT_FULL_INIT=""
cat /etc/sysconfig/SuSEfirewall2.d/services/sshd ## Name: Secure Shell Server ## Description: Open ports for Secure Shell Server
# space separated list of allowed TCP ports TCP="ssh"
iptables -S
-P INPUT ACCEPT -P FORWARD ACCEPT -P OUTPUT ACCEPT
illetve próbálj kapcsolódni ssh-val, de a paraméterek között legyen ott az is, hogy: -vvvvv (Tehát kb. így: `ssh 192.168.0.150 -vvvvv`) - ennek is küldd el a kimenetét, mind a két esetben.
ssh 192.168.0.103 -vvvvv OpenSSH_5.4p1, OpenSSL 1.0.0 29 Mar 2010 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to 192.168.0.103 [192.168.0.103] port 22. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug1: identity file /root/.ssh/id_rsa type -1 debug1: identity file /root/.ssh/id_rsa-cert type -1 debug1: identity file /root/.ssh/id_dsa type -1 debug1: identity file /root/.ssh/id_dsa-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8 debug1: match: OpenSSH_5.8 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.4 debug2: fd 3 setting O_NONBLOCK debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256 debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib@openssh.com debug2: kex_parse_kexinit: none,zlib@openssh.com debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_setup: found hmac-md5 debug1: kex: server->client aes128-ctr hmac-md5 none debug2: mac_setup: found hmac-md5 debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug2: dh_gen_key: priv key bits set: 120/256 debug2: bits set: 541/1024 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug3: check_host_in_hostfile: host 192.168.0.103 filename /root/.ssh/known_hosts debug3: check_host_in_hostfile: host 192.168.0.103 filename /root/.ssh/known_hosts debug3: check_host_in_hostfile: match line 1 debug1: Host '192.168.0.103' is known and matches the RSA host key. debug1: Found key in /root/.ssh/known_hosts:1 debug2: bits set: 503/1024 debug1: ssh_rsa_verify: signature correct debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /root/.ssh/id_rsa ((nil)) debug2: key: /root/.ssh/id_dsa ((nil)) debug1: Authentications that can continue: publickey,keyboard-interactive debug3: start over, passed a different list publickey,keyboard-interactive debug3: preferred publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Trying private key: /root/.ssh/id_rsa debug3: no such identity: /root/.ssh/id_rsa debug1: Trying private key: /root/.ssh/id_dsa debug3: no such identity: /root/.ssh/id_dsa debug2: we did not send a packet, disable method debug3: authmethod_lookup keyboard-interactive debug3: remaining preferred: password debug3: authmethod_is_enabled keyboard-interactive debug1: Next authentication method: keyboard-interactive debug2: userauth_kbdint debug2: we sent a keyboard-interactive packet, wait for reply debug2: input_userauth_info_req debug2: input_userauth_info_req: num_prompts 1 Password: debug3: packet_send2: adding 32 (len 18 padlen 14 extra_pad 64) debug2: input_userauth_info_req debug2: input_userauth_info_req: num_prompts 0 debug3: packet_send2: adding 48 (len 10 padlen 6 extra_pad 64) debug1: Authentication succeeded (keyboard-interactive). debug1: channel 0: new [client-session] debug3: ssh_session2_open: channel_new: 0 debug2: channel 0: send open debug1: Requesting no-more-sessions@openssh.com debug1: Entering interactive session. debug2: callback start debug2: client_session2_setup: id 0 debug2: channel 0: request pty-req confirm 1 debug1: Sending environment. debug3: Ignored env LESSKEY debug3: Ignored env NNTPSERVER debug3: Ignored env MANPATH debug3: Ignored env KDE_MULTIHEAD debug3: Ignored env SSH_AGENT_PID debug3: Ignored env HOSTNAME debug3: Ignored env DM_CONTROL debug3: Ignored env XKEYSYMDB debug3: Ignored env GPG_AGENT_INFO debug3: Ignored env HOST debug3: Ignored env SHELL debug3: Ignored env TERM debug3: Ignored env PROFILEREAD debug3: Ignored env XDM_MANAGED debug3: Ignored env XDG_SESSION_COOKIE debug3: Ignored env HISTSIZE debug3: Ignored env KONSOLE_DBUS_SERVICE debug3: Ignored env GTK2_RC_FILES debug3: Ignored env GS_LIB debug3: Ignored env GTK_RC_FILES debug3: Ignored env MORE debug3: Ignored env WINDOWID debug3: Ignored env XSESSION_IS_UP debug3: Ignored env KDE_FULL_SESSION debug3: Ignored env JRE_HOME debug3: Ignored env USER debug3: Ignored env LS_COLORS debug3: Ignored env XNLSPATH debug3: Ignored env ENV debug3: Ignored env SSH_AUTH_SOCK debug3: Ignored env HOSTTYPE debug3: Ignored env SESSION_MANAGER debug3: Ignored env FROM_HEADER debug3: Ignored env KRDIR debug3: Ignored env PAGER debug3: Ignored env CSHEDIT debug3: Ignored env XDG_CONFIG_DIRS debug3: Ignored env MINICOM debug3: Ignored env MAIL debug3: Ignored env PATH debug3: Ignored env DESKTOP_SESSION debug3: Ignored env CPU debug3: Ignored env JAVA_BINDIR debug3: Ignored env QT_IM_MODULE debug3: Ignored env INPUTRC debug3: Ignored env PWD debug3: Ignored env JAVA_HOME debug3: Ignored env XMODIFIERS debug3: Ignored env KDE_SESSION_UID debug1: Sending env LANG = hu_HU.UTF-8 debug2: channel 0: request env confirm 0 debug3: Ignored env PYTHONSTARTUP debug3: Ignored env KONSOLE_DBUS_SESSION debug3: Ignored env SSH_ASKPASS debug3: Ignored env HOME debug3: Ignored env SHLVL debug3: Ignored env COLORFGBG debug3: Ignored env QT_SYSTEM_DIR debug3: Ignored env LESS_ADVANCED_PREPROCESSOR debug3: Ignored env LANGUAGE debug3: Ignored env KDE_SESSION_VERSION debug3: Ignored env OSTYPE debug3: Ignored env XCURSOR_THEME debug3: Ignored env LS_OPTIONS debug3: Ignored env WINDOWMANAGER debug3: Ignored env MACHTYPE debug3: Ignored env LOGNAME debug3: Ignored env G_FILENAME_ENCODING debug3: Ignored env LESS debug3: Ignored env CVS_RSH debug3: Ignored env XDG_DATA_DIRS debug3: Ignored env DBUS_SESSION_BUS_ADDRESS debug3: Ignored env LESSOPEN debug3: Ignored env USE_FAM debug3: Ignored env WINDOWPATH debug3: Ignored env DISPLAY debug3: Ignored env PROFILEHOME debug3: Ignored env QT_PLUGIN_PATH debug3: Ignored env XAUTHLOCALHOSTNAME debug3: Ignored env GTK_IM_MODULE debug3: Ignored env LESSCLOSE debug3: Ignored env G_BROKEN_FILENAMES debug3: Ignored env QT_IM_SWITCHER debug3: Ignored env XAUTHORITY debug3: Ignored env JAVA_ROOT debug3: Ignored env COLORTERM debug3: Ignored env mc debug3: Ignored env _ debug2: channel 0: request shell confirm 1 debug2: fd 3 setting TCP_NODELAY debug2: callback done debug2: channel 0: open confirm rwindow 0 rmax 32768 debug2: channel_input_status_confirm: type 99 id 0 debug2: PTY allocation request accepted on channel 0 debug2: channel 0: rcvd adjust 2097152 debug2: channel_input_status_confirm: type 99 id 0 debug2: shell request accepted on channel 0 Last failed login: Wed Oct 18 *** CEST 2011 from 192.168.0.xxx on ssh:notty There was 1 failed login attempt since the last successful login. Last login: Wed Oct 18 *** 2011 from 192.168.0.XXX Have a lot of fun...
Üdv, Ottó
Egy kicsit zavarban vagyok, mert ezeket végigfuttatva rootként megyen a dolog... azért érdekelne a mi lehetett a baj... mondjuk most hogy ezeket lefuttattam a notin bekapcsoltam a WiFI-t. A WiFi-t csak akkor használnám, ha nem helyi hálózaton lóg a gép. -- Karesz
participants (2)
-
"Horváth Gergely J. (Ottó)" -
Szágyi Károly