Ben and Larry, thanks for the feedback.
To add more info, yes, the RH box (800 mi away) is outside my LAN (-: ,
and so is efn. I was also able to connect to the RH box from efn (and I am
pretty sure I was the first one on efn who established ssh connection to
that site).
I find it hard to believe that Mandrake 8.1 (OpenSSH_2.9p2) is so
outdated (most recent is 3.0._?_) -- it's the most recent of the 3
machines
I am talking about.
Initiating ssh connection with -p 13xx (I tried 3 different xx) either
didn't make a difference or failed because some of those was filtered
and rejected by portsentry's settings.
Analytical as I am I still try to understand what efn's error
message really means:
> > debug1: unknown identity file /home/members/hpl/.ssh/identity
> > debug1: identity file /home/members/hpl/.ssh/identity type -1
, given that I just created 'identity' on efn ............. Horst.
On Mon, 11 Feb 2002, Larry Price wrote:
> You may be running into the fact that efn filters incoming
> connections to privileged ports (<1024) with the exception of ident(113).
>
> On Mon, 11 Feb 2002, Horst wrote:
>
> > My box: Mkd 8.1 ; sshd version OpenSSH_2.9p2:
> > THIS COL BYLARRY:
~~~~~~~~~~~~~~~~
> > I can NOT ssh from efn to my box. no previous outgoing
> > I can ssh from my box to efn. outgoing
> > I can ssh to another box RH_6.1 (800 mi away) outgoing
> > I can ssh from that RH_6.1 box to my box previous same ip:
> >
> You can get around this by using the -p option to ssh and telling it to
> use an unpriviliged port say 1337, you may additionally need to specify
> this port in your /etc/ssh/sshd_config using the Port directive.
>
>
> > Any hint to what prevents me from ssh'ing directly
> > from efn to my box? I started reading the man pages and
> > did ssh-keygen, since I saw the hint to the identity file,
> > but that didn't show an effect.
> >
> > - Horst, please cc directly since I am digest'ing.
> >
> >
> > garcia$ ssh [EMAIL PROTECTED] -v -v
> > OpenSSH_2.5.2p2, SSH protocols 1.5/2.0, OpenSSL 0x0090600f
> > debug1: Seeded RNG with 29 bytes from programs
> > debug1: Seeded RNG with 3 bytes from system calls
> > debug1: Rhosts Authentication disabled, originating port will not be
> > trusted.
> > debug1: ssh_connect: getuid 11130 geteuid 0 anon 1
> > debug1: Connecting to 12.225.128.123 [12.225.128.123] port 22.
> > debug1: Connection established.
> > debug1: unknown identity file /home/members/hpl/.ssh/identity
> > debug1: identity file /home/members/hpl/.ssh/identity type -1
> > debug1: unknown identity file /home/members/hpl/.ssh/id_rsa
> > debug1: identity file /home/members/hpl/.ssh/id_rsa type -1
> > debug1: unknown identity file /home/members/hpl/.ssh/id_dsa
> > debug1: identity file /home/members/hpl/.ssh/id_dsa type -1
> > ssh_exchange_identification: Connection closed by remote host
> > debug1: Calling cleanup 0x23764(0x0)
> > debug1: Calling cleanup 0x2a2d4(0x0)
> > debug1: writing PRNG seed to file /home/members/hpl/.ssh/prng_seed
> >
> >
> > AFTER ssh-keygen:
> > =================
> > garcia$ ls -la -tr .ssh
> > total 9
> > -rw-r--r-- 1 hpl 361 Oct 6 16:37 known_hosts
> > -rw-r--r-- 1 hpl 1210 Jan 22 12:19 known_hosts2
> > drwx--x--x 11 hpl 1536 Feb 11 21:12 ..
> > drwx------ 2 hpl 512 Feb 11 21:13 .
> > -rw------- 1 hpl 525 Feb 11 21:13 identity
> > -rw-r--r-- 1 hpl 329 Feb 11 21:13 identity.pub
> > -rw------- 1 hpl 1024 Feb 11 21:15 prng_seed
> > garcia$
> >
> >
>
> http://www.efn.org/~laprice ( Community, Cooperation, Consensus
> http://www.opn.org ( Openness to serendipity, make mistakes
> http://www.efn.org/~laprice/poems ( but learn from them.(carpe fructus ludi)
>
