host1 envoie un reset TCP (flag R) se qui signifie qu'il n'accepte pas la connection. a cela plusieurs cause:
- (La plus probable) tcp wrapper (regarde ta config inetd/xinetd ansi que /etc/hosts.allow|deny). - Un firewall sur host1. - sshd lui meme. JeF On Fri, Jul 25, 2003 at 04:26:42AM -0400, Dominique Vanlent wrote: > Hello, > > Voila mom probleme. > > Je suis en console sur la machine host1. De l'autre cote d'internet, une machine > want-to-ssh-to-host1 essaie desesperement de me joindre. > > host1 est une RedHat9, l'autre uilise putty. > > [EMAIL PROTECTED] root]# tcpdump -i eth1 > tcpdump: listening on eth1 > > 11:10:03.941891 want-to-ssh-to-host1.56435 > host1.domaine.org.ssh: S > 70378484:70378484(0) win 24820 <nop,nop,sackOK,mss 1380> (DF) > 11:10:03.941941 host1.domaine.org.ssh > want-to-ssh-to-host1.56435: S > 1572190196:1572190196(0) ack 70378485 win 5840 <mss 1460,nop,nop,sackOK> (DF) > 11:10:03.942267 want-to-ssh-to-host1.56435 > host1.domaine.org.ssh: R 1:1(0) ack 1 > win 5840 <mss 1460,nop,nop,sackOK> (DF) > 11:10:07.348120 want-to-ssh-to-host1.56435 > host1.domaine.org.ssh: S > 70378484:70378484(0) win 24820 <nop,nop,sackOK,mss 1380> (DF) > 11:10:07.348160 host1.domaine.org.ssh > want-to-ssh-to-host1.56435: S > 1575596425:1575596425(0) ack 70378485 win 5840 <mss 1460,nop,nop,sackOK> (DF) > 11:10:07.348495 want-to-ssh-to-host1.56435 > host1.domaine.org.ssh: R 1:1(0) ack 1 > win 5840 <mss 1460,nop,nop,sackOK> (DF) > 11:10:14.065015 want-to-ssh-to-host1.56435 > host1.domaine.org.ssh: S > 70378484:70378484(0) win 24820 <nop,nop,sackOK,mss 1380> (DF) > 11:10:14.065049 host1.domaine.org.ssh > want-to-ssh-to-host1.56435: S > 1582313318:1582313318(0) ack 70378485 win 5840 <mss 1460,nop,nop,sackOK> (DF) > 11:10:14.065389 want-to-ssh-to-host1.56435 > host1.domaine.org.ssh: R 1:1(0) ack 1 > win 5840 <mss 1460,nop,nop,sackOK> (DF) > 11:10:27.563511 want-to-ssh-to-host1.56435 > host1.domaine.org.ssh: S > 70378484:70378484(0) win 24820 <nop,nop,sackOK,mss 1380> (DF) > 11:10:27.563547 host1.domaine.org.ssh > want-to-ssh-to-host1.56435: S > 1595811817:1595811817(0) ack 70378485 win 5840 <mss 1460,nop,nop,sackOK> (DF) > 11:10:27.563886 want-to-ssh-to-host1.56435 > host1.domaine.org.ssh: R 1:1(0) ack 1 > win 5840 <mss 1460,nop,nop,sackOK> (DF) > 11:10:54.564504 want-to-ssh-to-host1.56435 > host1.domaine.org.ssh: S > 70378484:70378484(0) win 24820 <nop,nop,sackOK,mss 1380> (DF) > 11:10:54.564549 host1.domaine.org.ssh > want-to-ssh-to-host1.56435: S > 1622812815:1622812815(0) ack 70378485 win 5840 <mss 1460,nop,nop,sackOK> (DF) > 11:10:54.564877 want-to-ssh-to-host1.56435 > host1.domaine.org.ssh: R 1:1(0) ack 1 > win 5840 <mss 1460,nop,nop,sackOK> (DF) > > 60 packets received by filter > 0 packets dropped by kernel > [EMAIL PROTECTED] root]# > > > Sur host1, je suis capable de faire un ssh localhost et un ssh sur l'ip de > l'interface eth1. Mais aux travers d'Internet, pas moyen. > > Les traces tcpdump vous parlent vous? > > Pourquoi cela ne va pas vous penser? > > J'ai l'impression qu'un firewall bloque quelaue chose, non? > > Merci pour vos idee :-) > > Dominique > > > PS: j'ai volontairement eliminer des traces de tcpdump et modifie les IP. > > > > > > > > > __________________________________________________________________ > McAfee VirusScan Online from the Netscape Network. > Comprehensive protection for your entire computer. Get your free trial today! > http://channels.netscape.com/ns/computing/mcafee/index.jsp?promo=393397 > > Get AOL Instant Messenger 5.1 free of charge. Download Now! > http://aim.aol.com/aimnew/Aim/register.adp?promo=380455 > _______________________________________________________ > Linux Mailing List - http://www.unixtech.be > Subscribe/Unsubscribe: http://www.unixtech.be/mailman/listinfo/linux > Archives: http://www.mail-archive.com/[EMAIL PROTECTED] > IRC: efnet.unixtech.be:6667 - #unixtech -- -> Jean-Francois Dive --> [EMAIL PROTECTED] There is no such thing as randomness. Only order of infinite complexity. - Marquis de LaPlace - deterministic Principles - _______________________________________________________ Linux Mailing List - http://www.unixtech.be Subscribe/Unsubscribe: http://www.unixtech.be/mailman/listinfo/linux Archives: http://www.mail-archive.com/[EMAIL PROTECTED] IRC: efnet.unixtech.be:6667 - #unixtech
