At 07:56 PM 10/25/01 -0600, David Blood wrote:
Well, that's a start at a report. Now please provide the rest of the information I asked for in my prior response. Namely: "what the failures actually look like, whether your logs contain any information about the failures, and theSorry Bering 1.0rc3. I have been able to ssh from an intenel machine to the external ip but whenever I try from the outside I can't get in.
basics of your setup as outlined in the SR FAQ".
1. "what the failures actually look like". Saying "from the outside I can't get in" is NOT providing this info. When you try, what actual response(s) do you see in the ssh client (and what ssh client are you using)? Are you prompted for userid and password, then get disconnected" Or do you get a "connection refused" message? Or does the connection simply hang (for more than 3 minutes; anything less might be a DNS lookup delay)? Or something else?
2. "whether your logs contain any information about the failures". This might be an entry or entries from sshd itself, or it might be a firewall (Shorewall) entry or entries. (It even might be entries from inetd or tcpd, in the unlikely event that you are running sshd through inetd ... I don't recall right now what options Bering offers.) If there are any relevant entries, please quote them in full to us.
3. "the basics of your setup as outlined in the SR FAQ". This part is just in case, since there might just be something odd about your setup that we are not thinking of and that you think is too obvious, or "irrelevent", to mention. Also, seeing the actual firewall ruleset in place can help to spot a Shorewall configuration error.
It would also be worth your showing us how you did these things (what the actual entries in the relevant files are), since if you made an error here, we won't be able to spot it without seeing the specifics. And am I correct in assuming that you restarted shorewall after editing its config files?Tried adding the ip address of the machine in hosts.allow no different. Add the line in rules for shorewall to allow net to fw on port 22
Final thought: you said "whenever I try from the outside I can't get in". How many distinct locations have you tried from? Is there any possibility of a problem with ssh on the remote end?
--
-------------------------------------------"Never tell me the odds!"--------
Ray Olszewski -- Han Solo
Palo Alto, California, USA [EMAIL PROTECTED]
-------------------------------------------------------------------------------
-------------------------------------------------------
This sf.net email is sponsored by: Influence the future of Java(TM) technology. Join the Java Community Process(SM) (JCP(SM)) program now. http://ads.sourceforge.net/cgi-bin/redirect.pl?sunm0004en
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
