[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] access via SSH
> I turned off FW and then I can access it using SSH, so probably not a v1 or v2
> issue. Yes sshd is running.
> Strange is that I setup FW with yast2 and surely allowe SSH as added service,
> I also accept port 22 to be open. This is confermed to be open using nmap
> scanning localhost (127.0.0.1)
--> You have to scan from OUTSIDE, because localhost may well be open
locally while the FW is blocking the requests from outside.
Check /etc/ssh/sshd_config to make sure there is no "ListenAddress"
Make sure "ssh" is in "FW_SERVICES_EXT_TCP".
Check /etc/hosts.allow to make sure the hosts are allowed to connect
to the ssh-daemon. Add a line
> Looking in /var/log/messages I notice that the boxes that want to
> gain access will be DROPPED by SuSE FW.
--> Could you post the line from /var/log/messages where the
connection is dropped.
Am Hasenberg 26 office: Institut für Atmosphärenphysik
D-18209 Bad Doberan Schloss-Straße 6
Tel. ++49-(0)38203/42137 D-18225 Kühlungsborn / GERMANY
Email: schoech@xxxxxxxxxxxx Tel. +49-(0)38293-68-102
WWW: http://armins.cjb.net/ Fax. +49-(0)38293-68-50
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here