[opensuse] accept ssh into boxen
I have set up an older box with 11.1 Xfce4 and set the firewall to accept ext_tcp for port 22, reloaded the firewall and started sshd. sshd is running. but I cannot ssh into this machine. The firewall logs all show "DROP" for any access attempts (vnc also). pulling hair as I have never had this problem before. Is it old age and forgetfulness or *have* I found a ?problem? tks, -- Patrick Shanahan Plainfield, Indiana, USA HOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535 @ http://counter.li.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Saturday 07 March 2009 20:48:16 Patrick Shanahan wrote:
I have set up an older box with 11.1 Xfce4 and set the firewall to accept ext_tcp for port 22, reloaded the firewall and started sshd. sshd is running.
but I cannot ssh into this machine. The firewall logs all show "DROP" for any access attempts (vnc also).
pulling hair as I have never had this problem before. Is it old age and forgetfulness or *have* I found a ?problem?
Depends. How exactly did you set the firewall? Edit the config file directly (if so how?), or did you use YaST Things changed slightly in 11.1 with SuSEfirewall2 and the config files Anders -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
* Anders Johansson <ajohansson@suse.de> [03-07-09 14:53]:
On Saturday 07 March 2009 20:48:16 Patrick Shanahan wrote:
I have set up an older box with 11.1 Xfce4 and set the firewall to accept ext_tcp for port 22, reloaded the firewall and started sshd. sshd is running.
but I cannot ssh into this machine. The firewall logs all show "DROP" for any access attempts (vnc also).
pulling hair as I have never had this problem before. Is it old age and forgetfulness or *have* I found a ?problem?
Depends. How exactly did you set the firewall? Edit the config file directly (if so how?), or did you use YaST
tks, I have fixed it, finally. Needed to set firewall to accept ssh internally ???? but it worked.
Things changed slightly in 11.1 with SuSEfirewall2 and the config files
so I see. btw, I use YaST when it can do the job (usually) as experience has shown that mixing can cause problems that are difficult to cure :^) tks, -- Patrick Shanahan Plainfield, Indiana, USA HOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535 @ http://counter.li.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Patrick Shanahan wrote:
* Anders Johansson <ajohansson@suse.de> [03-07-09 14:53]:
On Saturday 07 March 2009 20:48:16 Patrick Shanahan wrote:
I have set up an older box with 11.1 Xfce4 and set the firewall to accept ext_tcp for port 22, reloaded the firewall and started sshd. sshd is running.
but I cannot ssh into this machine. The firewall logs all show "DROP" for any access attempts (vnc also).
pulling hair as I have never had this problem before. Is it old age and forgetfulness or *have* I found a ?problem?
Depends. How exactly did you set the firewall? Edit the config file directly (if so how?), or did you use YaST
tks, I have fixed it, finally. Needed to set firewall to accept ssh internally ???? but it worked.
Things changed slightly in 11.1 with SuSEfirewall2 and the config files
so I see.
btw, I use YaST when it can do the job (usually) as experience has shown that mixing can cause problems that are difficult to cure :^)
tks,
I have a standard 11.1 which had ssh enabled at install. There are no entries under allowing ssh externally or internally (FW_SERVICES_EXT_TCP as in 10.3). There is only an entry sshd in FW_CONFIGURATIONS_EXT. :-) Al -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
* LLLActive@GMX.Net <LLLActive@GMX.Net> [03-07-09 16:34]:
I have a standard 11.1 which had ssh enabled at install. There are no entries under allowing ssh externally or internally (FW_SERVICES_EXT_TCP as in 10.3). There is only an entry sshd in FW_CONFIGURATIONS_EXT.
I will try that, tks -- Patrick Shanahan Plainfield, Indiana, USA HOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535 @ http://counter.li.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
* Patrick Shanahan <paka@opensuse.org> [03-07-09 16:45]:
* LLLActive@GMX.Net <LLLActive@GMX.Net> [03-07-09 16:34]:
I have a standard 11.1 which had ssh enabled at install. There are no entries under allowing ssh externally or internally (FW_SERVICES_EXT_TCP as in 10.3). There is only an entry sshd in FW_CONFIGURATIONS_EXT.
I will try that, tks
And it *does* work. tks, -- Patrick Shanahan Plainfield, Indiana, USA HOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535 @ http://counter.li.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
but I cannot ssh into this machine. The firewall logs all show "DROP" for any access attempts (vnc also).
we need more details. what are youre interfaces, and what are your kernel packages version exactly? there was a kernel update just a few days ago on 11.1. maybe some packages or updates affected network interface names and settings or something. what about turning off whatever firewall is running and checking as a first step if ssh connect is working then? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Patrick Shanahan wrote:
I have set up an older box with 11.1 Xfce4 and set the firewall to accept ext_tcp for port 22, reloaded the firewall and started sshd. sshd is running.
but I cannot ssh into this machine. The firewall logs all show "DROP" for any access attempts (vnc also).
pulling hair as I have never had this problem before. Is it old age and forgetfulness or *have* I found a ?problem?
tks,
I checked on the standard OpenSUSE 11.1 SuSEfirewall setup under YaST -> /etc/sysconfig Editor, Network -> Firewall -> SuSEfirewall2 -> FW_CONFIGURATIONS_EXT includes sshd. Under FW_SERVICES_EXT_TCP there is nothing entered; sure it used to be 22 or ssh. Indeed, on another OpenSUSE 10.3 there is a ssh under FW_SERVICES_EXT_TCP, and FW_CONFIGURATIONS_EXT only has vnc activated. Try to include sshd in FW_CONFIGURATIONS_EXT. :-) Al -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
* LLLActive@GMX.Net <LLLActive@GMX.Net> [03-07-09 16:29]:
I checked on the standard OpenSUSE 11.1 SuSEfirewall setup under YaST -> /etc/sysconfig Editor, Network -> Firewall -> SuSEfirewall2 -> FW_CONFIGURATIONS_EXT includes sshd. Under FW_SERVICES_EXT_TCP there is nothing entered; sure it used to be 22 or ssh.
Indeed, on another OpenSUSE 10.3 there is a ssh under FW_SERVICES_EXT_TCP, and FW_CONFIGURATIONS_EXT only has vnc activated.
Try to include sshd in FW_CONFIGURATIONS_EXT.
tks, I have: FW_SERVICES_EXT_TCP="ssh" FW_CONFIGURATIONS_EXT="sshd vnc-httpd vnc-server xorg-x11-server" FW_SERVICES_ACCEPT_EXT="ssh" FW_FORWARD="ssh" They *may* not all be needed, and I may experiment more. I now have access via vnc and ssh. I am setting up a temp machine for a friend of my wife who is confined to a wheel-chair and is nearly my age (gray headed) and low on expendable cash. Her windoz machine (mother-board) went south and she has no way to browse the net and get her email. I had an old machine under the shelf (replaced customer), and she will now learn linux and xfce4 :^). But I doubt she will notice much difference except for not being able to run most wdoz apps. I have set a cron job to give me her address periodically so I can access her machine w/o difficulty and administer her problems :^) tks, -- Patrick Shanahan Plainfield, Indiana, USA HOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535 @ http://counter.li.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (4)
-
Anders Johansson -
cagsm -
LLLActive@GMX.Net -
Patrick Shanahan