Dear Dan,
If you have a highly trusted co-worker to help you with this, try the
following: (READ the whole thing first!!!!!)
On your home network set the router up to put the one machine on the
isolated IP, try oh say 192.168.1.20. Also set the router to forward
port 22 to this machine.
On that machine (192.168.1.20), open the sharing preferences group,
click on the firewall tab. Make sure that Remote Login - SSH (22) is
enabled to be on.
If you don't have that one checked on in the list, then turn the
firewall off, click on the check box to turn it on. Turn the firewall
back on.
If for some reason it is not in the list, turn the firewall off, add
it by clicking on the New.. button and follow the instructions --
remember it is port 22. Turn the firewall back on.
Special note: if you running 10.2.0 you will need to restart to get the
changes to take effect. This was fixed I believe in one of the updates
and is okay in 10.2.2 (not sure about 10.2.1).
Go to another computer on the same local network, open Terminal, and
type in the following:
ssh -l login-name 192.168.1.20 and press the return key ( that ssh -l
has a dash elle with a space there, you can use your shorter login name
if you wish)
The machine you are on will complain that it does not know the host
192.168.1.20 with some such and such RSA key (a bunch of strange
looking characters) and it will ask you if you want to accept it. Type
yes and press return --- you must type the full word. Your machine will
grumble back a warning to you about 192.168.1.20 being permanently
added to the hosts file, think about things for a while than try to
connect to the 192.168.1.20 machine.
You will get a message back asking you for your password. Enter it.
Then you will have a session within a session going (what is going on
is that you are now running Terminal on the 192.168.1.20 machine.).
Type exit.
(What you just did was start up the SSH server -- it is secure, but
does not like to stay active, it has been known to go to sleep).
Now have your co-worker at the remote location open Terminal on that
machine and type in the following:
ssh -l name IPaddress and press return (where IP address is the one
your ISP gave you for the network -- this will be a lot easier if this
is a static IP,
but if it is dynamic:
use your browser to quickly get the IP address from the router
(the 192.168.1.1 page for the router will have it). Tell your co-worker
the address.
Your co-worker will get the same bit about trusted host, etc. have them
say it is okay. Once they log in, them have them exit.
The reason that I had you do the same thing first is to get the SSH
server up and running and listening for requests before the co-worker
tried it. There is a definite time factor that the connection must be
established within or else the connection will be refused by the
co-worker's machine! If they are the one that initiates everything, the
attempt may run into time-out problems.
Okay, what all of this was for is to be able to tell if the router is
forwarding requests properly in a secure manner without worrying about
the ftp set-up.
If this was successful, then you can concentrate on getting the ftp
services set-up.
Jerry
On Monday, December 2, 2002, at 09:52 AM, Dan Crutcher wrote:
> In response to several suggestions about FTP sharing:
>
> >You may want to try changing the default router IP address to
> something somewhat unique.
>
> I'm not sure if I understand this. The router is using DHCP, so it
> picks up its IP from the ISP; I don't have any control over that. If
> you're referring to the LAN IP that I assign my computer, I am using a
> unique IP for that. The router is set up to start assigning IPs at
> 192.168.1.100; I have manually assigned mine an IP of 192.168.1.7 (and
> I've also tried .17 and .149 and a couple of others), which no other
> computer on the network can have.
>
> > I usually use scp these
> >days because I'm paranoid about sending unencrypted passwords out into
> >the world. Mac OS X comes with scp installed, and it works great.
>
> Praytell, what is scp and where do I find it? Is this something that's
> going to require me finally to tackle the terminal?
>
> >You need to set up your Linksys router to put your laptop in the DMZ
>
> I have tried DMZ and port forwarding without success. The inability to
> connect seems to be at an earlier stage in the process. It's as if the
> ftp request is never getting past (or to) the router's IP address, if
> that makes any sense.
>
> As for several suggestions to try a different ftp client, that will be
> my next step in the troubleshooting process.
>
> By the way, is there anyone out there who actually has OS X's built-in
> FTP sharing working on a computer that's behind a cable/DSL router,
> regardless of brand?
>
> Thanks for all the suggestions. We have only begun to fight.
>
> Dan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/enriched
Size: 5223 bytes
Desc: not available
Url :
http://www.math.louisville.edu/pipermail/macgroup/attachments/20021202/f6ce8a2a/attachment.bin
