Op maandag 12 november 2018 20:26:50 CET schreef Patrick Shanahan:
* Knurpht-openSUSE <knurpht@opensuse.org> [11-12-18 14:19]:
Op maandag 12 november 2018 20:15:44 CET schreef Patrick Shanahan:
* Patrick Shanahan <paka@opensuse.org> [11-12-18 13:00]:
* Carlos E. R. <robin.listas@telefonica.net> [11-12-18 11:16]:
On 12/11/2018 15.32, Peter Suetterlin wrote:
Carlos E. R. wrote: > On 12/11/2018 15.00, Peter Suetterlin wrote: >> In my case, it does. Just realized I cannot ssh into my laptop >> anymore, and the firewall was blocking. >> >> The reson was that the sshd service configuration for the >> firewall, >> /etc/sysconfig/SuSEfirewall2.d/services/sshd, was/is part of the >> openssh >> package, but the latest one doesn't have it anymore (because >> SuSEfirewall has been dropped). >> Nice move :( >> >> (This is Tumbleweed - don't know how it is on other systems) > > Well, in TW you should not be using SuSEfirewll2.
I just continuously updated my installation. I cannot remember anything urging me to remove the package and replace it with something else, nor was such a switch done by the updates.....
OK, for real - of course I know about the switch, as I read the list here. But not everyone does.
(And I still think that switch to firewalld was one of the worst stunts in opensuse history - but that's another topic)
Oh, I agree. I have migrated two machines to 15.0, a third is waiting, and I haven't still done the firewall in any. I fear it.
really doesn't appear too difficult. I have it on three boxes now and thing I have everything I had with SuSEfirewall2. it's just different. there are plenty of examples and instructions on the net. I successfully opened ports for kconnectd and vnc and moved ssh. but my server is still on 42.2 and SuSEfirewall2. I probably will not change it until I upgrade it.
there is an add-on for yast which will make changes for you but not nearly as comprehensive and leading as before.
fwiw: Just updated and rebooted a remote tw box w/SuSEfirewall2 and could no longer connect. and yast firewall does not work either. ran yast sysconfig and enabled ssh and had to manually restart SuSEfirewall2 to re-enable ssh pass thru. and difficult to accomplish giving blind direction on the phone.
finally got remote access and installed firewalld and switched w/o further incidence.
BUT... not good these type of changes w/o any notice and no way to recover w/o remote assistance. next time the remote aid may not be as viable and then a loooong trip for very suspect reasons.
yes, this is a RANT, but a NECESSARY RANT.
PAY ATTENTION.
tw is a long term investment.
This would mean you did/do not have the TW Update repo active. That's where a fixed set of openssl packages were pushed, AFAIK they should be in later snapshots as well.
I fail to understand your comment, or you failed to read the post ...
I definitely have Tw Updates active and others. I did not fail to connect for having an incorrect/broken ssh configuration or openssh version. the update dropped ssh from SuSEfirewall2 config just as Peter noted and having to reboot the machine for dbus changes, lost connect and could not regain. THAT IS A PROBLEM and more so for a remote.remote.remote box. In that case you missed that SuSEfirewall2 is deprecated and not even available in TW anymore.
-- Gertjan Lettink a.k.a. Knurpht openSUSE Board Member openSUSE Forums Team -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org