Simon Chang wrote:

  OpenSSH_4.5p1 FreeBSD-20061110, OpenSSL 0.9.7e-p1 25 Oct 2004
  debug1: Reading configuration data /etc/ssh/ssh_config
  debug2: ssh_connect: needpriv 0
  debug1: Connecting to xxxxxxxxxxxxxx.com [x.x.x.x] port 22.


What is really baffling is that if I try the exact same thing from, say,
a cygwin session on a host on the private network - this works fine.
So ... it's not a firewall problem as near as I can tell.  It may be
an ssh configuration problem - that is, the FreeBSD ssh client can't do
it, but another client (cygwin) can.

It would be helpful if you include your firewall ruleset, plus
sshd_config.  It's possible that one or more is misconfigured, but we
would have no way of knowing without your telling us about them.

SC

I have opened up the firewall entirely just to test, and this does
not solve the problem:

00100  162  18088 divert 8668 ip from any to any via fxp0
00100    0      0 allow ip from any to any via lo0
00200    0      0 deny ip from any to 127.0.0.0/8
00300    0      0 deny ip from 127.0.0.0/8 to any
65000  206  21586 allow ip from any to any
65535 3872 652732 deny ip from any to any



The ssh config is untouched and has only comments in it:

#       $OpenBSD: ssh_config,v 1.22 2006/05/29 12:56:33 dtucker Exp $
#       $FreeBSD: src/crypto/openssh/ssh_config,v 1.27.2.4 2006/11/11 00:51:28 
des Exp $

# This is the ssh client system-wide configuration file.  See
# ssh_config(5) for more information.  This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.

# Configuration data is parsed as follows:
#  1. command line options
#  2. user-specific file
#  3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.

# Site-wide defaults for some commonly used options.  For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.

# Host *
#   ForwardAgent no
#   ForwardX11 no
#   RhostsRSAAuthentication no
#   RSAAuthentication yes
#   PasswordAuthentication yes
#   HostbasedAuthentication no
#   GSSAPIAuthentication no
#   GSSAPIDelegateCredentials no
#   BatchMode no
#   CheckHostIP no
#   AddressFamily any
#   ConnectTimeout 0
#   StrictHostKeyChecking ask
#   IdentityFile ~/.ssh/identity
#   IdentityFile ~/.ssh/id_rsa
#   IdentityFile ~/.ssh/id_dsa
#   Port 22
#   Protocol 2,1
#   Cipher 3des
#   Ciphers 
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
#   EscapeChar ~
#   Tunnel no
#   TunnelDevice any:any
#   PermitLocalCommand no
#   VersionAddendum FreeBSD-20061110


--
----------------------------------------------------------------------------
Tim Daneliuk     [EMAIL PROTECTED]
PGP Key:         http://www.tundraware.com/PGP/

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to