Depending on the shell you are using, you may be able to set that to
auto-logout, or you
could set a cron job to run every 5 minutes and terminate tty's with 5min
idle time.
Honestly though, you will rarely find a good technical solution to a social
problem--there's always a work-around--and
Thanks for your response Markham,
I'm afraid labor law is much too protective here for us to be able to educate
users in this way ;)
Your idea to run a cron job every X minutes has merit though, I'll try and
check into that !
On May 3, 2013, at 4:51 PM, markham breitbach
Allow me to add a bit of context here.
We're wrapping things up to obtain the PCI DSS certification which is awarded
for running through a long and annoying series of hoops.
This certification is rather important to our business so like it or not, we
have to play along.
Allowing the use of
On May 3, 2013, at 5:16 PM, Arthur Chance free...@qeng-ho.org wrote:
On 05/03/13 15:28, Fleuriot Damien wrote:
Hello list,
I'm facing this unusual demand at work where we need to time out idle SSH
connections for security purposes.
I've checked the following options from
On 05/03/13 15:28, Fleuriot Damien wrote:
Hello list,
I'm facing this unusual demand at work where we need to time out idle SSH
connections for security purposes.
I've checked the following options from sshd_config but none seems to fit my
needs :
TCPKeepAlive
ClientAliveCountMax
Firing people for violating the 5 minute rule seems a tad extreme. If there is
indeed a company policy regarding the 5 minute idle window you and you intend
to roll forward with a connection kill script then also make screen or tmux
available. In my experience people tend to be more accepting
On 5/3/2013 10:05 AM, Fleuriot Damien wrote:
Thanks for your response Markham,
I'm afraid labor law is much too protective here for us to be able to educate
users in this way;)
Your idea to run a cron job every X minutes has merit though, I'll try and
check into that !
If labor law's
On Fri, 3 May 2013 17:22:04 +0200, Fleuriot Damien wrote:
Allow me to add a bit of context here.
We're wrapping things up to obtain the PCI DSS certification which
is awarded for running through a long and annoying series of hoops.
This certification is rather important to our business so
On Fri, Apr 8, 2011 at 5:15 PM, ill...@gmail.com ill...@gmail.com wrote:
On 8 April 2011 15:22, Scott Ballantyne s...@ssr.com wrote:
I've never seen this before, but when ssh'ing to my server today, I
got:
ssh_exchange_identification: Connection closed
Was this multiple log-in failures
On 9 April 2011 13:22, Scott Ballantyne s...@ssr.com wrote:
On Fri, Apr 8, 2011 at 5:15 PM, ill...@gmail.com ill...@gmail.com wrote:
On 8 April 2011 15:22, Scott Ballantyne s...@ssr.com wrote:
I've never seen this before, but when ssh'ing to my server today, I
got:
is your host ip denied by /etc/hosts.allow?
On 04/08/2011 12:22, Scott Ballantyne wrote:
I've never seen this before, but when ssh'ing to my server today, I
got:
ssh_exchange_identification: Connection closed
I was able to log in using my vendors KVM access, and didn't see
anything
El dia Friday, April 08, 2011 a las 12:53:05PM -0700, Robison, Dave escribio:
is your host ip denied by /etc/hosts.allow?
Dave,
Don't top post!
On 04/08/2011 12:22, Scott Ballantyne wrote:
I've never seen this before, but when ssh'ing to my server today, I
got:
On 8 April 2011 15:22, Scott Ballantyne s...@ssr.com wrote:
I've never seen this before, but when ssh'ing to my server today, I
got:
ssh_exchange_identification: Connection closed
Was this multiple log-in failures receiving the same
error message?
is this log-in happening across the
than flaky hardware.
Thanks for your help to those who took the time to reply.
Martin.
From: Martin Minkus
Sent: Monday, 28 June 2010 09:22
To: freebsd-questions@freebsd.org
Subject: RE: sshd / tcp packet corruption ? ZFS Samba?
Hey all,
It was suggested I do a memtest
Hey all,
It was suggested I do a memtest, but that checked out fine. (I wish it
was as simple as just the ram!)
I’ve realised the issue manifests itself almost immediately when
accessing an underlying ZFS filesystem using Samba. But if it is UFS, it
is fine.
Does this mean anything to
Martin Minkus martin.min...@punz.co.nz writes:
It seems this issue I reported below may actually be related to some
kind of TCP packet corruption ?
Possible. Or memory errors. Hard to say much at this point, when you
don't even know which side is actually causing the errors.
Still same
point. I'll do a memtest.
Martin.
-Original Message-
From: Lowell Gilbert [mailto:freebsd-questions-lo...@be-well.ilk.org]
Sent: Thursday, 24 June 2010 09:41
To: Martin Minkus
Cc: freebsd-questions
Subject: Re: sshd / tcp packet corruption ?
Martin Minkus martin.min...@punz.co.nz writes
So definitely some kind of packet corruption;
Using netcat to send a single megabyte of binary data to a box with no
known issues (from kinetic - steel):
kinetic:/tmp$ dd if=/dev/urandom of=random.testfile bs=1k count=1k
1024+0 records in
1024+0 records out
1048576 bytes transferred in
Stefan Miklosovic wrote:
hi,
my pc gets ip address from dhcp server,
but on my pc, there is running
sshd.
I want to make ssh to listen to only one
ip address, but if ip changes due to dhcp,
ssh server do not work properly.
I know, that dhcp is able to assign ip address
to client from some
On Wed, Aug 5, 2009 at 5:11 PM, Stefan
Miklosovicmiklosovic.free...@gmail.com wrote:
hi,
my pc gets ip address from dhcp server,
but on my pc, there is running
sshd.
I want to make ssh to listen to only one
ip address, but if ip changes due to dhcp,
ssh server do not work properly.
I
On Wednesday 05 August 2009 13:11:08 Stefan Miklosovic wrote:
my pc gets ip address from dhcp server,
but on my pc, there is running
sshd.
I want to make ssh to listen to only one
ip address, but if ip changes due to dhcp,
ssh server do not work properly.
I know, that dhcp is able to
Glen Barber wrote:
my pc gets ip address from dhcp server,
but on my pc, there is running
sshd.
I want to make ssh to listen to only one
ip address, but if ip changes due to dhcp,
ssh server do not work properly.
I know, that dhcp is able to assign ip address
to client from some range e.g.
2009/6/3 Sajó Zsolt Attila sajozsatt...@citromail.hu
Hi!
I would like use the sshd in jail, but the port forwarding doesn't work in
the pf firewall. My jail ip: 10.0.0.40. If I use the ssh -l user 10.0.0.40
command it's well, but when I use the ssh -p 5859 -vv -l user
luk1814.no-ip.org
;sajozsatt...@citromail.hugt;
Elküldve: 09:33
Téma: Re: sshd in jail
2009/6/3 Sajó Zsolt Attila luk1814.no-ip.org command I get this error:
gt; OpenSSH_5.1p1 FreeBSD-20080901, OpenSSL 0.9.8e 23 Feb 2007
gt; debug1: Reading configuration data /etc/ssh/ssh_config
gt; debug2: ssh_connect: needpriv
Could somebody point me to a relevant sshd documentation where
the cause of these rejection messages is explained:
sshd: Did not receive identification string from xx.xx.xx.xx
it's not rejection. sshd waited waited and didn't got next think it should
It may be ssh windows client bug or just
Dnia niedziela 31 maj 2009 o 16:18:09 Sajó Zsolt Attila napisał(a):
How do I use the sshd with pam-pgsql?
I don't know how tu use but I see something strange with your setup.
In ssh-pam_pgsql.conf you have pw_type = md5 and in your database you have a
cleartext password. I think it is your
Ansar Mohammed wrote:
Is sshd compiled with Kerberos support on freebsd 7.0?
Yup:
ldd /usr/sbin/sshd:
...
libgssapi.so.9 = /usr/lib/libgssapi.so.9 (0x28124000)
libkrb5.so.9 = /usr/lib/libkrb5.so.9 (0x2812b000)
...
Otherwise, you should be able to use PAM, with
2008/6/25 Mark Price [EMAIL PROTECTED]:
On Wed, Jun 25, 2008 at 12:04 AM, Agus [EMAIL PROTECTED] wrote:
Hi fellows,
I am trying to configure sshd on my bsd and wanted to ask if the opitons
there, in case i enable them are resource intensive;
Let me give u an example,
For instance,
On Wed, 25 Jun 2008 01:04:40 -0300
Agus [EMAIL PROTECTED] wrote:
In case i enable them, would my server, which is very small(Very
little RAM,192MB i think)..its just for educational purposes; could
my server cope with it if for instance tehre were quite a few clients
connected? I dont know
On Wed, Jun 25, 2008 at 12:04 AM, Agus [EMAIL PROTECTED] wrote:
Hi fellows,
I am trying to configure sshd on my bsd and wanted to ask if the opitons
there, in case i enable them are resource intensive;
Let me give u an example,
For instance, the Options
#ClientAliveInterval 0
Christian Laursen wrote:
It is also worth taking a look at the ProxyCommand option.
For the case above something like this should be put in ~/.ssh/config:
Host your.own.host-tunneled
HostKeyAlias your.own.host
ProxyCommand ssh [EMAIL PROTECTED] nc your.own.host 22
The you can just do ssh
Peter Boosten [EMAIL PROTECTED] writes:
No, I was more thinking of:
ssh -L :your.own.host:22 [EMAIL PROTECTED]
and then open a new shell:
scp -P the-file-you-want-to-copy [EMAIL PROTECTED]:
This works easiest with agent forwarding, but I guess any
authentication will do.
It is
On Thursday 08 May 2008 05:50:59 Steve Bertrand wrote:
ssh stream tcp nowait/20/4/10 root /usr/sbin/sshd sshd -i
into /etc/inetd.conf set a limit of
* 20 overall ssh connections
* 4 connection attempts per minute
* at most 10 connections from a single IP
This works very
Hi,
On May 7, 2008, at 01:11 , Gilles wrote:
Hello
I'm a bit tired of people trying to break into SSH:
May 6 16:59:23 freebsd sshd[24649]: Invalid user agatha from
195.43.9.246
May 6 16:59:26 freebsd sshd[24651]: Invalid user cristie from
195.43.9.246
May 6 16:59:29 freebsd sshd[24653]:
** At 07:33 +0200 on 05/08/2008, Peter Boosten wrote:
Vince Sabio wrote:
Note if you choose to do this: scp'ing files becomes a four-step
process (i.e., scp file(s) to intermediate server, log in to
intermediate server, scp to destination server, delete file(s) from
intermediate server).
Vince Sabio wrote:
** At 07:33 +0200 on 05/08/2008, Peter Boosten wrote:
Vince Sabio wrote:
Note if you choose to do this: scp'ing files becomes a four-step
process (i.e., scp file(s) to intermediate server, log in to
intermediate server, scp to destination server, delete file(s) from
On May 8, 2008, Mel wrote:
because:
for FILE in */*.[ch]; do scp ${FILE} host:/backup; done
is quicker to write then setup tunnels.
How about scp */*.[ch] host:/backup?
___
freebsd-questions@freebsd.org mailing list
On May 8, 2008, Norbert Papke wrote:
On May 8, 2008, Mel wrote:
because:
for FILE in */*.[ch]; do scp ${FILE} host:/backup; done
is quicker to write then setup tunnels.
How about scp */*.[ch] host:/backup?
To answer my own silly question, the above doesn't preserve paths. Anyway, as
On Thu, May 08, 2008 at 07:33:13AM +0200, Peter Boosten wrote:
Vince Sabio wrote:
Note if you choose to do this: scp'ing files becomes a four-step process
(i.e., scp file(s) to intermediate server, log in to intermediate server,
scp to destination server, delete file(s) from intermediate
Valeriu Mutu wrote:
On Thu, May 08, 2008 at 07:33:13AM +0200, Peter Boosten wrote:
Vince Sabio wrote:
Note if you choose to do this: scp'ing files becomes a four-step process
(i.e., scp file(s) to intermediate server, log in to intermediate server,
scp to destination server, delete file(s)
On Wednesday 07 May 2008 06:16:19 Norbert Papke wrote:
On May 6, 2008, Gilles wrote:
Is there a way to configure SSHd, so that the wait time between login
attempts increases after X failed tries?
I run sshd via inetd rather than as a stand-alone daemon. inetd provides
optional rate
On May 7, 2008, Mel wrote:
On Wednesday 07 May 2008 06:16:19 Norbert Papke wrote:
On May 6, 2008, Gilles wrote:
Is there a way to configure SSHd, so that the wait time between login
attempts increases after X failed tries?
I run sshd via inetd rather than as a stand-alone daemon.
ssh stream tcp nowait/20/4/10 root /usr/sbin/sshd sshd -i
into /etc/inetd.conf set a limit of
* 20 overall ssh connections
* 4 connection attempts per minute
* at most 10 connections from a single IP
This works very well on a personal server, not sure how it scales up.
So if I copy
** At 09:59 -0800 on 05/06/2008, Beech Rintoul wrote:
On Tuesday 06 May 2008, David Kelly said:
On Tuesday 06 May 2008, Gilles said:
Is there a way to configure SSHd, so that the wait time between
login attempts increases after X failed tries?
Depending on how you use ssh from
Vince Sabio wrote:
Note if you choose to do this: scp'ing files becomes a four-step process
(i.e., scp file(s) to intermediate server, log in to intermediate
server, scp to destination server, delete file(s) from intermediate
server). Still worth it, though.
Never thought of port
On Tuesday 06 May 2008, Gilles said:
Hello
I'm a bit tired of people trying to break into SSH:
May 6 16:59:23 freebsd sshd[24649]: Invalid user agatha from
195.43.9.246
May 6 16:59:26 freebsd sshd[24651]: Invalid user cristie from
195.43.9.246
May 6 16:59:29 freebsd sshd[24653]:
On Tue, May 06, 2008 at 09:31:15AM -0800, Beech Rintoul wrote:
Is there a way to configure SSHd, so that the wait time between
login attempts increases after X failed tries?
Not that I know of. You should look into denyhosts (in the ports) it
works well and even has a RBL feature to
On Tuesday 06 May 2008, David Kelly said:
On Tue, May 06, 2008 at 09:31:15AM -0800, Beech Rintoul wrote:
Is there a way to configure SSHd, so that the wait time between
login attempts increases after X failed tries?
Not that I know of. You should look into denyhosts (in the ports)
it
David Kelly wrote:
On Tue, May 06, 2008 at 09:31:15AM -0800, Beech Rintoul wrote:
Is there a way to configure SSHd, so that the wait time between
login attempts increases after X failed tries?
Not that I know of. You should look into denyhosts (in the ports) it
works well and even
Beech Rintoul wrote:
On Tuesday 06 May 2008, David Kelly said:
On Tue, May 06, 2008 at 09:31:15AM -0800, Beech Rintoul wrote:
Is there a way to configure SSHd, so that the wait time between
login attempts increases after X failed tries?
Not that I know of. You should look into denyhosts (in
On May 6, 2008, at 10:57, Randy Ramsdell wrote:
David Kelly wrote:
On Tue, May 06, 2008 at 09:31:15AM -0800, Beech Rintoul wrote:
Is there a way to configure SSHd, so that the wait time between
login attempts increases after X failed tries?
Not that I know of. You should look into
On Tue, May 06, 2008 at 02:26:43PM -0400, T. wrote:
I didn't realize this before, but it came to my attention when
debugging PAM problems. Actually, sshd default does not allow
it, but another default is in enabling PAM. It's passing power
over to PAM which is allowing it.
I didn't see
Doug Hardie wrote:
On May 6, 2008, at 10:57, Randy Ramsdell wrote:
David Kelly wrote:
On Tue, May 06, 2008 at 09:31:15AM -0800, Beech Rintoul wrote:
Is there a way to configure SSHd, so that the wait time between
login attempts increases after X failed tries?
Not that I know of. You
On Tue, 06 May 2008 19:11:45 +0200
Gilles [EMAIL PROTECTED] wrote:
Is there a way to configure SSHd, so that the wait time between login
attempts increases after X failed tries?
It shouldn't be too hard to patch
/usr/src/crypto/openssh/sshd.c:server_accept_loop()
by adding code for per-IP
On May 6, 2008, at 14:24, Randy Ramsdell wrote:
Doug Hardie wrote:
On May 6, 2008, at 10:57, Randy Ramsdell wrote:
David Kelly wrote:
On Tue, May 06, 2008 at 09:31:15AM -0800, Beech Rintoul wrote:
Is there a way to configure SSHd, so that the wait time between
login attempts increases
On May 6, 2008, Gilles wrote:
Is there a way to configure SSHd, so that the wait time between login
attempts increases after X failed tries?
I run sshd via inetd rather than as a stand-alone daemon. inetd provides
optional rate limiting functionality. For instance. putting
ssh stream
Andrew Pantyukhin wrote:
On Tue, May 06, 2008 at 02:26:43PM -0400, T. wrote:
I didn't realize this before, but it came to my attention when
debugging PAM problems. Actually, sshd default does not allow
it, but another default is in enabling PAM. It's passing power
over to PAM which is
cpghost wrote:
On Fri, 18 Apr 2008 13:46:48 -0500
Paul Schmehl [EMAIL PROTECTED] wrote:
Let me clarify. When I use the term host, I'm referring to what
many would call a personal workstation or personal computer. If
you have more than one person who has shell access to a computer,
then
this:
AllowUsers [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL
PROTECTED] [EMAIL PROTECTED]
It looks like AllowHosts is not available with the version of SSH that comes
with FreeBSD.
This works:
AllowUsers [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL
Wojciech Puchar wrote:
this:
AllowUsers [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL
PROTECTED] [EMAIL PROTECTED]
It looks like AllowHosts is not available with the version of SSH that
comes with FreeBSD.
This works:
AllowUsers [EMAIL PROTECTED] [EMAIL PROTECTED]
Gilles wrote:
Hello
I have a couple of questions about running SSHd:
1. I'd like to limit connections from the Net only from specific IP's.
It seems like there are several ways to do it (/etc/hosts.allow,
AllowHosts/AllowUsers, TCP-wrapper, port-knocking, etc.). Which would
you
Hi Gilles,
ssh is part of the base system, not an installed port (by default anyway) so
you won't see it with pkg_info which will only list installed packages. The
config file is /etc/ssh/sshd_config.
To limit connections, you should be using the firewall. I do use hosts.allow
too, but the
On Friday 18 April 2008 10:51:45 Gilles wrote:
1. I'd like to limit connections from the Net only from specific IP's.
It seems like there are several ways to do it (/etc/hosts.allow,
AllowHosts/AllowUsers, TCP-wrapper, port-knocking, etc.). Which would
you recommend?
hosts.allow == TCP
Hi,
Gilles wrote:
Hello
I have a couple of questions about running SSHd:
1. I'd like to limit connections from the Net only from specific IP's.
It seems like there are several ways to do it (/etc/hosts.allow,
AllowHosts/AllowUsers, TCP-wrapper, port-knocking, etc.). Which would
you
Mel wrote:
On Friday 18 April 2008 10:51:45 Gilles wrote:
1. I'd like to limit connections from the Net only from specific IP's.
It seems like there are several ways to do it (/etc/hosts.allow,
AllowHosts/AllowUsers, TCP-wrapper, port-knocking, etc.). Which would
you recommend?
--On Friday, April 18, 2008 19:14:49 +1000 Gary Newcombe
[EMAIL PROTECTED] wrote:
ssh is part of the base system, not an installed port (by default anyway) so
you won't see it with pkg_info which will only list installed packages. The
config file is /etc/ssh/sshd_config.
To limit connections,
Paul Schmehl wrote:
I have maintained publicly available servers for a small hobby domain
for almost ten years now. Initially, I bought in to this logic and ran
a firewall. (At that time we only had one server.) What it cost me was
CPU and memory. What it gained me was nothing. I turned it
On Fri, Apr 18, 2008 at 8:59 AM, Matthew Seaman
[EMAIL PROTECTED] wrote:
Paul Schmehl wrote:
I have maintained publicly available servers for a small hobby domain for
almost ten years now. Initially, I bought in to this logic and ran a
firewall. (At that time we only had one server.) What
Kurt Buff wrote:
On Fri, Apr 18, 2008 at 8:59 AM, Matthew Seaman
[EMAIL PROTECTED] wrote:
At any rate, locking down ssh access is one of my concerns, for sure,
so this discussion is helpful.
Wouldn't turning off password based logins and using public and private
keys (with a strong
On Fri, 18 Apr 2008 10:04:37 +0100, FreeBSD - Wire Consulting
[EMAIL PROTECTED] wrote:
sshd(8) is part of the base system, which is a FreeBSD patched version of
OpenSSH. Although, you can find some ports of bulk OpenSSH in
/usr/ports/security.
I don't have a firewall on that host because there's
On Fri, Apr 18, 2008 at 04:59:07PM +0100, Matthew Seaman wrote:
Paul Schmehl wrote:
I have maintained publicly available servers for a small hobby
domain for almost ten years now. Initially, I bought in to this
logic and ran a firewall. (At that time we only had one server.)
What it cost
Hi,
Gilles wrote:
I don't have a firewall on that host because there's already a NAT
router connecting the LAN to the Net.
I don't know your setup, but I'm pretty sure you can run the packet
filter on your host anyway.
You don't need to configure NAT to run your host firewall.
I'll just
Paul Schmehl wrote:
I see this statement all the time, and I wonder why. What does a
firewall on an individual host accomplish?
I have maintained publicly available servers for a small hobby domain
for almost ten years now. Initially, I bought in to this logic and ran
a firewall. (At
On Friday 18 April 2008 16:53:49 Paul Schmehl wrote:
I see this statement all the time, and I wonder why. What does a firewall
on an individual host accomplish?
...
Firewalls are for preventing access to running services. By definition, if
you are running a service, you want it to be
--On Friday, April 18, 2008 13:18:44 -0400 Jon Radel [EMAIL PROTECTED] wrote:
Paul Schmehl wrote:
I see this statement all the time, and I wonder why. What does a
firewall on an individual host accomplish?
I have maintained publicly available servers for a small hobby domain
for almost ten
--On Friday, April 18, 2008 20:30:53 +0200 Mel
[EMAIL PROTECTED] wrote:
On Friday 18 April 2008 16:53:49 Paul Schmehl wrote:
Firewalls are for preventing access to running services. By definition, if
you are running a service, you want it to be accessed.
That's your assumption.
First of
--On Friday, April 18, 2008 09:15:41 -0700 Kurt Buff [EMAIL PROTECTED]
wrote:
Not to detour this conversation too much, I hope, but I'm in a
different situation, and this is going to be an issue for me. I'm
putting together a box that's going to be a router for our company,
using BGP to give
On Friday 18 April 2008 20:53:37 Paul Schmehl wrote:
--On Friday, April 18, 2008 20:30:53 +0200 Mel
[EMAIL PROTECTED] wrote:
On Friday 18 April 2008 16:53:49 Paul Schmehl wrote:
Firewalls are for preventing access to running services. By definition,
if you are running a service, you want
--On Friday, April 18, 2008 21:37:45 +0200 Mel
[EMAIL PROTECTED] wrote:
[4] # grep sshd /etc/defaults/rc.conf
sshd_enable=NO# Enable sshd
No? Surely you're not using inetd?
I haven't used inetd in years. I'm not sure why you think I would be.
Well, since sshd_enable is
On Fri, 18 Apr 2008 10:04:37 +0100, FreeBSD - Wire Consulting
[EMAIL PROTECTED] wrote:
(snip)
Seems like I didn't do it right:
/etc/ssh/sshd_config:
[...]
AllowHosts 192.168.0 82.227.x.x
# /etc/rc.d/sshd restart
Stopping sshd.
Starting sshd.
/etc/ssh/sshd_config: line 119: Bad configuration
--On Saturday, April 19, 2008 00:12:41 +0200 Gilles [EMAIL PROTECTED]
wrote:
On Fri, 18 Apr 2008 10:04:37 +0100, FreeBSD - Wire Consulting
[EMAIL PROTECTED] wrote:
(snip)
Seems like I didn't do it right:
/etc/ssh/sshd_config:
[...]
AllowHosts 192.168.0 82.227.x.x
# /etc/rc.d/sshd restart
On Fri, 18 Apr 2008 13:46:48 -0500
Paul Schmehl [EMAIL PROTECTED] wrote:
Let me clarify. When I use the term host, I'm referring to what
many would call a personal workstation or personal computer. If
you have more than one person who has shell access to a computer,
then you no longer have
At 18:17 18/04/2008 -0500, Paul Schmehl wrote:
If you want to restrict sshd logins by host, you can use AllowUsers like this:
AllowUsers [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL
PROTECTED] [EMAIL PROTECTED]
It looks like AllowHosts is not available with the version of SSH
Any ideas? I tried doing an ldd on /usr/lib/pam* inside the
/etc/rc.d/sshd script, but the output is identical when it starts up
on boot as when I restart it. No missing libraries/etc.
Problem solved! In going from 32-bit to 64-bit, my login.conf really
needed to change. I had a default memory
Hello Huy:
-Original Message-
From: [EMAIL PROTECTED] [mailto:owner-freebsd-
[EMAIL PROTECTED] On Behalf Of Schiz0
Sent: Tuesday, July 10, 2007 7:13 PM
To: Huy Ton That
Cc: [EMAIL PROTECTED]
Subject: Re: sshd config config file question
On 7/10/07, Huy Ton That [EMAIL PROTECTED
On 7/10/07, Huy Ton That [EMAIL PROTECTED] wrote:
No, it was unhashed. Thanks for pointing it out though. But the strange
thing is when I run:
/etc/rc.d/sshd status
I get no message
No message for start, restart, reload etc. I am performing these commands as
root.
Any ideas?
(couple
The daemon is up and has been up for a long time. In fact, when I made these
changes to sshd_config, for instance as a test maxauthtries to 3 I also
reloaded it during a ssh terminal session. After which I logged back in and
as a test, purposely errored the tries; it still defaulted to 6 despite
On 7/10/07, Huy Ton That [EMAIL PROTECTED] wrote:
The daemon is up and has been up for a long time. In fact, when I made these
changes to sshd_config, for instance as a test maxauthtries to 3 I also
reloaded it during a ssh terminal session. After which I logged back in and
as a test, purposely
Christopher Cowart [EMAIL PROTECTED] writes:
When I ssh into FreeBSD hosts without allocating a tty, sshd segfaults
after the process terminates. This problem occurs on both 6_1_REL and
6_2_REL installations at all sorts of patch levels.
Examples:
Client: `ssh -t server ls`
Server Logs:
On Fri, May 11, 2007 at 10:59:19AM -0400, Lowell Gilbert wrote:
Christopher Cowart [EMAIL PROTECTED] writes:
When I ssh into FreeBSD hosts without allocating a tty, sshd segfaults
after the process terminates. This problem occurs on both 6_1_REL and
6_2_REL installations at all sorts of
On Mon, 26 Mar 2007, Don O'Neil wrote:
I just updated my openSSH to the latest and now when I login I get this:
login as: don
[EMAIL PROTECTED]'s password:
How do I ether set it to show the hostname instead of the IP or get rid of
the @ip altogether like the original openSSH ran?
I'm using
Cédric Jonas wrote:
Hi all,
I set up a some sshd servers which authenticates their users through a
LDAP DB. To realize this, I used PAM.
Everything ok until now.
Then, via PAM (pam_filter) and the host attribute in the LDAP DB, I only
allowed logon on specifical hosts for some users.
After
On Sun, 04 Mar 2007 16:39:29 +
Tom Judge [EMAIL PROTECTED] wrote:
Cédric Jonas wrote:
Hi all,
I set up a some sshd servers which authenticates their users
through a LDAP DB. To realize this, I used PAM.
Everything ok until now.
Then, via PAM (pam_filter) and the host
The errors you are getting is indicative that sshd is already running. Try
doing:
ps -ax|grep named
-Derek
At 12:30 PM 2/26/2007, Noah wrote:
Hi there,
any clues why sshd is attempting to start twice?
sshd[836]: error: Bind to port 22 on :: failed: Address already in use.
On 2007-02-26 10:30, Noah [EMAIL PROTECTED] wrote:
Hi there,
any clues why sshd is attempting to start twice?
sshd[836]: error: Bind to port 22 on :: failed: Address already in use.
sshd[836]: error: Bind to port 22 on 0.0.0.0 failed: Address already in use.
here is the /etc/rc.conf of
On 2007/02/26 10:07, Giorgos Keramidas seems to have typed:
On 2007-02-26 10:30, Noah [EMAIL PROTECTED] wrote:
sshd_enable=YES
sshd_program=/usr/local/sbin/sshd
[snip]
inetd_enable=YES
[snip]
I see you have switched the `rc.conf' path of sshd to point to the
version of sshd in
Peter A. Giessel wrote:
On 2007/02/26 10:07, Giorgos Keramidas seems to have typed:
On 2007-02-26 10:30, Noah [EMAIL PROTECTED] wrote:
sshd_enable=YES
sshd_program=/usr/local/sbin/sshd
[snip]
inetd_enable=YES
[snip]
I see you have switched the `rc.conf' path of sshd to point to the
On 2007-02-26 10:28, Peter A. Giessel [EMAIL PROTECTED] wrote:
On 2007/02/26 10:07, Giorgos Keramidas seems to have typed:
On 2007-02-26 10:30, Noah [EMAIL PROTECTED] wrote:
sshd_enable=YES
sshd_program=/usr/local/sbin/sshd
[snip]
inetd_enable=YES
[snip]
I see you have
On 2007-02-26 13:06, Derek Ragona [EMAIL PROTECTED] wrote:
The errors you are getting is indicative that sshd is already running.
Try doing:
ps -ax|grep named
You mean grep sshd right? :)
A slightly more complex command, which gives nicer output is:
$ ps xau -p $(echo $(pgrep 'ssh') |
Peter A. Giessel wrote:
On 2007/02/26 10:07, Giorgos Keramidas seems to have typed:
On 2007-02-26 10:30, Noah [EMAIL PROTECTED] wrote:
sshd_enable=YES
sshd_program=/usr/local/sbin/sshd
[snip]
inetd_enable=YES
[snip]
I see you have switched the `rc.conf'
1 - 100 of 290 matches
Mail list logo