On Mon, 10 Dec 2001 17:18:28 -0500
Dennis Myers <[EMAIL PROTECTED]> frantically pecked out this message:::::
> On Monday 10 December 2001 15:16, you wrote:
> > What are the config files and what needs to be done to allow access? Do I
> > have to tell the sshd file to accept logins? Does ssh just ask for a
> > username and password if it is encrypted, not the phrase?
> >
> > From: "Carl Lafferty" <[EMAIL PROTECTED]>
> > Reply-To: [EMAIL PROTECTED]
> > To: <[EMAIL PROTECTED]>
> > Subject: RE: [newbie] SSH problems
> > Date: Mon, 10 Dec 2001 14:45:05 -0500
> >
> > Not familiar enough with Bastille to be able to offer any suggestions.
> > My only time installing ssh was on a Slackware box that didn't have it
> > bundled.
> The best thing I know of to start with Bastille is go into the /sbin file
> and as root or su type "InteractiveBastille" (just like that) and it will
> start an installation with some dialog explaining what the question is about
> and what it will do. There if you choose yes for IPforwarding you can choose
> some of the options to leave telnet open (not a good idea), but use ssh
> instead. The config file is /etc/Bastille/bastille-firewall.cfg and you can
> do some more detailed changes there. HTH
> --
> Dennis M. registered linux user # 180842
>
>
In order for Bastille to allow ssh connections from the public interface, port 22
needs to be open.

TCP_PUBLIC_SERVICES="20 21 22 25 53 80 109 110 119 143 443 3306"

That's the line where Bastille handles this. Next you will want to make sure that the
line that handles this in /etc/services is "not" commented out, in
effect closing out the service.

ssh 22/tcp SSH Remote Login Protocol
ssh 22/udp SSH Remote Login Protocol

Now... a word about Bastille firewall. This is "not" an end all be all firewall for
your Linux box. What it "is", is a very fine beginning to get a firewall started. There
is a lot more that can and needs to be done to make a real secure firewall. I would
strongly suggest learning iptables, how it works, why it works the way it does, and how
to talk to it.

http://people.unix-fu.org/andreasson/iptables-tutorial/iptables-tutorial.html

The above link will take you to what I consider the best iptables tutorial I've ever
seen. This fella really knows what he's talking about and presents iptables in
such a way that you can't help but understand.

The only other thing that "might" be keeping you locked out is Portsentry. Check the
/etc/hosts.deny file to make sure that the IP number of the machine you're trying to
access the other machine from hasn't been added to this file. If it has, remove it.
Then place that machine's IP number into the /etc/hosts.ignore file so that Portsentry
won't do that again.
--
Mark
Registered Linux User 182496
Mandrake 8.1
---------------------------------------------------------------------
7:05am up 2 days, 9:00, 2 users, load average: 0.02, 0.17, 0.28
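
The three checks from the reply above (port 22 listed in TCP_PUBLIC_SERVICES, an uncommented ssh entry in the services file, the client IP absent from hosts.deny), as an added shell example that is not part of the original thread. The function names and the sample files are constructed for illustration; file paths are passed as arguments so the checks can be run against copies.

```shell
#!/bin/sh
# Added example: the three SSH lockout checks from the reply above.
# File paths are arguments; nothing here modifies the files it reads.

# 0 if PORT ($2) is listed in the last TCP_PUBLIC_SERVICES="..." line of CFG ($1).
port_is_public() {
    ports=$(sed -n 's/^[[:space:]]*TCP_PUBLIC_SERVICES="\([^"]*\)".*/\1/p' "$1" | tail -n 1)
    for p in $ports; do
        [ "$p" = "$2" ] && return 0
    done
    return 1
}

# 0 if SERVICES ($1) has an uncommented "NAME PORT/tcp" entry ($2 = name, $3 = port).
service_is_listed() {
    grep -Eq "^$2[[:space:]]+$3/tcp([[:space:]]|\$)" "$1"
}

# 0 if IP ($2) appears as a whole address on an uncommented line of HOSTS_DENY ($1).
ip_is_denied() {
    ip_re=$(printf '%s' "$2" | sed 's/\./\\./g')
    grep -v '^[[:space:]]*#' "$1" | grep -Eq "(^|[^0-9.])$ip_re([^0-9.]|\$)"
}

# Args: bastille_cfg services_file hosts_deny client_ip.
# Prints one line per finding; exit status is the number of problems found.
ssh_lockout_report() {
    problems=0
    port_is_public "$1" 22 || { echo "port 22 not in TCP_PUBLIC_SERVICES"; problems=$((problems + 1)); }
    service_is_listed "$2" ssh 22 || { echo "ssh 22/tcp missing or commented out"; problems=$((problems + 1)); }
    if ip_is_denied "$3" "$4"; then echo "$4 is listed in hosts.deny"; problems=$((problems + 1)); fi
    return "$problems"
}

# Constructed sample files (not taken from a real host): every check should fail.
demo=$(mktemp -d)
printf 'TCP_PUBLIC_SERVICES="20 21 25 80"\n' > "$demo/fw.cfg"
printf '#ssh 22/tcp\nsmtp 25/tcp mail\n' > "$demo/services"
printf 'ALL: 192.0.2.10\n' > "$demo/hosts.deny"
ssh_lockout_report "$demo/fw.cfg" "$demo/services" "$demo/hosts.deny" 192.0.2.10 || true
rm -rf "$demo"
```

On the machine itself the call would take /etc/Bastille/bastille-firewall.cfg, /etc/services, /etc/hosts.deny and the client's IP address.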