LinuxQuestions.org
Old 03-02-2006, 08:36 PM   #1
rickylim
Member
 
Registered: Jan 2006
Location: Malaysia
Distribution: RedHat & FreeBSD
Posts: 68

Rep: Reputation: 15
ssh login


Hi everyone,

I am taking over one of the FreeBSD 4.9 servers running as a mail server and I am very new to FreeBSD.

I have a few questions related to ssh. Please advise.

1st question:
How can I check what port ssh is using on that server (running on the command interface)?

2nd question:
How do I check whether the ssh port is open and not blocked, so that I can use it on that server?

3rd question:
Can ssh allow only specific IP addresses to ssh in to the server?

4th question:
I am running Win XP; is it possible to ssh to the FreeBSD server?

Thanks for your attention.

rgds.
Lim
 
Old 03-02-2006, 08:51 PM   #2
JackSmith
Member
 
Registered: Feb 2005
Location: US
Distribution: Slackware
Posts: 30

Rep: Reputation: 15
1st
SSH usually runs on port 22. As far as determining what port it's running under, it's probably not the best method, but I always just use nmap, i.e. 'nmap localhost'. If you have some IDS in place this will likely make it unhappy though.

3rd
I'm not sure whether SSH itself allows that kind of granularity, but you can easily solve the issue using a firewall. IPFilter is the standard firewall for FreeBSD if I remember right.

4th
Yes! You just need an SSH client for XP; you can find one here:
http://www.colorado.edu/its/MSG/win/...hellClient.exe

Hope this helps a little, good luck.
 
Old 03-02-2006, 08:55 PM   #3
gilead
Senior Member
 
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 14.0
Posts: 4,141

Rep: Reputation: 168
Hope this helps (Slackware here, not BSD)...

For your first question (port number), can you try the following:
Code:
ssh -v localhost
And look for a line like:
Code:
debug1: Connecting to localhost [127.0.0.1] port 22.
For your second question, try the following:
Code:
netstat --inet -a | grep 'ssh'
An output like the following means that it is listening on all interfaces:
Code:
tcp        0      0 *:ssh                   *:*                     LISTEN
For your third question, depending on how ssh was compiled, it may use hosts.allow/hosts.deny. Alternatively, you can configure your firewall rules to limit the hosts.

For your fourth question, yes, there are Windows-based ssh clients (PuTTY from http://www.chiark.greenend.org.uk/~sgtatham/putty/ is just one).
 
Old 03-02-2006, 09:00 PM   #4
frob23
Senior Member
 
Registered: Jan 2004
Location: Roughly 29.467N / 81.206W
Distribution: OpenBSD, Debian, FreeBSD
Posts: 1,450

Rep: Reputation: 48
1) `sockstat | grep sshd`

That will print out where sshd is listening


2) I would use nmap from an external computer or a website which does such things (portmapping). If it is blocked... look in your /etc/rc.conf to see if you have a firewall type described and then you can find that and change it to permit access.


3) Edit /etc/ssh/sshd_config and add
Code:
AllowUsers *@10.0.0.1
Replace the IP with the one you want (you can add more by separating them with spaces, and wildcards should work as well). With this done, only those users and hosts listed here will be able to log in. It's probably best to use:
Code:
AllowUsers username@ip.add.re.ss
As that will allow only you, and only from that IP.

Here is the relevant section of the man page.
Code:
     AllowUsers
             This keyword can be followed by a list of user name patterns,
             separated by spaces.  If specified, login is allowed only for
             user names that match one of the patterns.  `*' and `?' can be
             used as wildcards in the patterns.  Only user names are valid; a
             numerical user ID is not recognized.  By default, login is
             allowed for all users.  If the pattern takes the form USER@HOST
             then USER and HOST are separately checked, restricting logins to
             particular users from particular hosts.
 
Old 03-02-2006, 09:04 PM   #5
rickylim
Member
 
Registered: Jan 2006
Location: Malaysia
Distribution: RedHat & FreeBSD
Posts: 68

Original Poster
Rep: Reputation: 15
Thanks guys! You guys are great.

As for the firewall setting, I will check with the Person-In-Charge.

Bravo.. :-) Thanks!!!

 
Old 03-02-2006, 09:07 PM   #6
frob23
Senior Member
 
Registered: Jan 2004
Location: Roughly 29.467N / 81.206W
Distribution: OpenBSD, Debian, FreeBSD
Posts: 1,450

Rep: Reputation: 48
Quote:
Originally Posted by gilead
Hope this helps (Slackware here, not BSD)...

For your first question (port number), can you try the following:
Code:
ssh -v localhost
And look for a line like:
Code:
debug1: Connecting to localhost [127.0.0.1] port 22.
How would this work if sshd was running on port 23005 (for example)? It wouldn't. This is just the verbose listing but it does provide the port information if the port is the standard one (which we already know is 22).

Quote:
For your second question, try the following:
Code:
netstat --inet -a | grep 'ssh'
An output like the following means that it is listening on all interfaces:
Code:
tcp        0      0 *:ssh                   *:*                     LISTEN
These options aren't valid. And, while netstat can be used... this would also only work with the standard port. The *:ssh uses /etc/services to look up the number... if sshd was listening on 666 for example, it would show up as *:doom
 
Old 03-02-2006, 09:45 PM   #7
gilead
Senior Member
 
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 14.0
Posts: 4,141

Rep: Reputation: 168
Yeah, you're right - at best it would only confirm whether the standard values were being used. My apologies to rickylim if this caused any confusion.
 
Old 04-03-2006, 02:55 AM   #8
danielanson
Member
 
Registered: May 2005
Location: San Antonio, TX
Distribution: OpenBSD 3.7
Posts: 76

Rep: Reputation: 15
1. cat /etc/ssh/sshd_config | grep -i port (look for an uncommented line. 22 is default)
2. telnet serveraddress port (from an outside machine)
3. yes
4. putty or secureshell

-=SuperChicken=-
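
Added example (not part of any post in this thread): a small shell audit that reads sshd_config the way post #8's grep does by eye, reporting the active Port lines (default 22) and the AllowUsers patterns from post #4, and flagging patterns with no host restriction. The function names and the sample config are constructed for illustration; point the functions at /etc/ssh/sshd_config on a real host.

```shell
#!/bin/sh
# Keywords in sshd_config are case-insensitive; lines starting with '#' are comments.

# sshd_ports FILE: one active port per line, or 22 if no Port line is set.
sshd_ports() {
    awk '
        /^[ \t]*#/ { next }                      # commented-out line, ignored by sshd
        tolower($1) == "port" { print $2; n++ }  # Port may be given more than once
        END { if (n == 0) print 22 }             # nothing set: the default applies
    ' "$1"
}

# sshd_allow_users FILE: one USER or USER@HOST pattern per line.
# No output means no AllowUsers line, i.e. login is allowed for all users.
sshd_allow_users() {
    awk '
        /^[ \t]*#/ { next }
        tolower($1) == "allowusers" { for (i = 2; i <= NF; i++) print $i }
    ' "$1"
}

# sshd_unpinned_users FILE: patterns that do not restrict the source host
# (no @HOST part, or a host part that is just "*").
sshd_unpinned_users() {
    sshd_allow_users "$1" | awk -F@ 'NF < 2 || $2 == "*" { print }'
}

# Constructed sample config (addresses and user names are made up).
SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
cat > "$SAMPLE" <<'EOF'
#Port 22
port 23005
Protocol 2
AllowUsers lim@10.0.0.1 backup@10.0.0.*
allowusers admin
EOF

echo "ports in use:";        sshd_ports "$SAMPLE"
echo "allowed patterns:";    sshd_allow_users "$SAMPLE"
echo "no host restriction:"; sshd_unpinned_users "$SAMPLE"
```

The file only shows what sshd was told to do; `sockstat | grep sshd` from post #4 confirms what the running daemon is actually listening on.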
 
  

