Simon Chang wrote:
OpenSSH_4.5p1 FreeBSD-20061110, OpenSSL 0.9.7e-p1 25 Oct 2004
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to xxxxxxxxxxxxxx.com [x.x.x.x] port 22.
What is really baffling is that if I try the exact same thing from, say,
a cygwin session on a host on the private network - this works fine.
So ... it's not a firewall problem as near as I can tell. It may be
an ssh configuration problem - that is, the FreeBSD ssh client can't do
it, but another client (cygwin) can.
It would be helpful if you include your firewall ruleset, plus
sshd_config. It's possible that one or more is misconfigured, but we
would have no way of knowing without your telling us about them.
I have opened up the firewall entirely just to test, and this does
not solve the problem:
00100 162 18088 divert 8668 ip from any to any via fxp0
00100 0 0 allow ip from any to any via lo0
00200 0 0 deny ip from any to 127.0.0.0/8
00300 0 0 deny ip from 127.0.0.0/8 to any
65000 206 21586 allow ip from any to any
65535 3872 652732 deny ip from any to any
The ssh config is untouched and has only comments in it:
# $OpenBSD: ssh_config,v 1.22 2006/05/29 12:56:33 dtucker Exp $
# $FreeBSD: src/crypto/openssh/ssh_config,v 184.108.40.206 2006/11/11 00:51:28
des Exp $
# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.
# Configuration data is parsed as follows:
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.
# Site-wide defaults for some commonly used options. For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.
# Host *
# ForwardAgent no
# ForwardX11 no
# RhostsRSAAuthentication no
# RSAAuthentication yes
# PasswordAuthentication yes
# HostbasedAuthentication no
# GSSAPIAuthentication no
# GSSAPIDelegateCredentials no
# BatchMode no
# CheckHostIP no
# AddressFamily any
# ConnectTimeout 0
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
# Port 22
# Protocol 2,1
# Cipher 3des
# EscapeChar ~
# Tunnel no
# TunnelDevice any:any
# PermitLocalCommand no
# VersionAddendum FreeBSD-20061110
Tim Daneliuk [EMAIL PROTECTED]
PGP Key: http://www.tundraware.com/PGP/
firstname.lastname@example.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"