[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] access via SSH



Hi !

> I turned off FW and then I can access it using SSH, so probably not a v1 or v2 
> issue. Yes sshd is running.
> Strange is that I setup FW with yast2 and surely allowe SSH as added service,
> I also accept port 22 to be open. This is confermed to be open using nmap 
> scanning localhost (127.0.0.1)
>
--> You have to scan from OUTSIDE, because localhost may well be open 
locally while the FW is blocking the requests from outside.

Check /etc/ssh/sshd_config to make sure there is no "ListenAddress" 
restrictions.

Check /etc/sysconfig/SuSEfirewall2 
Make sure "ssh" is in "FW_SERVICES_EXT_TCP".

Check /etc/hosts.allow to make sure the hosts are allowed to connect 
to the ssh-daemon. Add a line
sshd: your.ip
or
sshd: your.ip/netmask
 
> Looking in /var/log/messages I notice that the boxes that want to
> gain access will be DROPPED by SuSE FW.
>
--> Could you post the line from /var/log/messages where the 
connection is dropped.

HTH,
Armin

-- 
Am Hasenberg 26         office: Institut für Atmosphärenphysik
D-18209 Bad Doberan             Schloss-Straße 6
Tel. ++49-(0)38203/42137        D-18225 Kühlungsborn / GERMANY
Email: schoech@xxxxxxxxxxxx     Tel. +49-(0)38293-68-102
WWW: http://armins.cjb.net/     Fax. +49-(0)38293-68-50

--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here