SSH is blocking my connections
OK I've beed trying to SSH to my LAN from an external host. I've gotten past configuring my firewall correctly. When I try to SSH to my box, PuTTY terminated without error. When I checked /var/log/messages it said:
SSHD: refused connect from xx.xx.xx.xx (xx.xx.xx.xx) I made sure to make SSH listen on that interface. I known that SSH is listening because I can SSH out to a host and then back in. Any ideas? --tarballedtux |
edit your sshd_config
Adding the line: ListenAddress 192.168.0.1 Or whatever the server's address is should correct your problem. - lowlife |
If you're running SSH over xinetd check the only_from line in the ssh configuration. Running tcp_wrappers? (/etc/hosts.allow, /etc/hosts.deny)
|
99% change this is your /etc/hosts.allow file :)
enter this line to allow SSH connections from everywhere: sshd: ALL or from just 1 subnet: sshd: 192.168.0.0/255.255.255.0 |
OK, I should have said this the first time, but I already did put in an entry for SSHD in hosts.allow
SSHD: xx.34.56. because there is a range of addresses that the connections will be coming from. I also already said I put in a listen directive in sshd.conf ListenAddress xx.xx.xx.xx Which is the IP of the interface that touches the internet. So I'm still confused. Maybe I will try a SSHD: ALL for testing purposes. --tarballedtux |
Try and find out :)
Also take a look in /var/log/auth.log which tells you probably more... |
but I already did put in an entry for SSHD in hosts.allow
SSHD: xx.34.56. Had the same prob time ago. If you have "ALL: ALL" in /etc/hosts.deny then it rules out the "ssh: xxx.xxx.xxx.xxx/yyy.yyy.yyy.yyy" in /etc/hosts.deny. I think this ./makes sense, because you already restrict access in .*allow before .*deny is read, at least that's what I think the man page sez. |
TCP Wrappers checks for matches in hosts.allow then hosts.deny. If no match is found in either, then the connection is allowed. It's best to put "ALL : ALL" in your hosts.deny so that it covers everthing that is not explicity named in hosts.allow.
|
Oops, my mistake, thnx for correcting Stickman.
|
All times are GMT -5. The time now is 12:02 AM. |