On Wednesday 11 September 2002 03:49, S Mohan wrote: > I've now getting to some deployment scenarios after playing around with > bering. I've a few doubts and would appreciate some pointers. > > 1. In shorewall, the FAQ/doc says that sshd should be commented in inetd > for it to work. I thought it was there to make sure controls of > host.deny and host.allow could apply. Why is it being commented? All Bering distro so far up to and including rc3 expect sshd to run through inetd. Therefore you have in inetd.conf : <snip> #:OTHER: Other services ssh stream tcp nowait root /usr/sbin/tcpd /usr/sbin/sshd -i www stream tcp nowait sh-httpd /usr/sbin/tcpd ... <snip> <snip> Prior to sshd 3.4p1 the /etc/init.d/sshd script was a "dummy" script since sshd was running by default through inetd.conf
With sshd 3.4p1, as mentionned in the changelog, the /etc/init.d/sshd script runs sshd a normal daemon that will stay in memory. This is compliant with the sshd debian package. That is why you have to comment out the ssh line in inetd.conf if you are using Bering rc3. Of course that will be the default in rc4. I thought it was is pretty clear in the changelog statement of sshd 3.4p1. But apparently not... http://leaf.sourceforge.net/devel/jnilo/openssh1.html#AEN55 http://leaf.sourceforge.net/devel/jnilo/packages/openssh-3.4p1/README.txt > 2. I shut down shorewall and changed all policies to accept to first see > if my services are going thro'. When I try to login thro' ssh to the > bering box, the login takes almost 4 minutes to show up on the screen. > My bering box is a P4 1.7Mhz with 512MB RAM! I'm sure something is wrong > in the config but do not know what. Once again, this is a FAQ. http://leaf.sourceforge.net/devel/jnilo/openssh4.html#AEN184 Add you client IP address in your router /etc/hosts file > 3. I tried running weblet using /usr/sbin/sh-httpd& and then did a ps. > Ps shows stopped for sh-httpd (tty input). I cannot run sh-httpd as a > service using svi as no entry in /etc/init.d exists. Am I wrong? I also > configured weblet to accept client logins from a specified network by > uncommenting that line. When I invoke sh-httpd& after this, I'm getting > Exit 1 status in ps ax. Why would this be? I went back and commented > that line, sh-httpd worked as earlier. I leave that one to someone else :-) > 4. Will lrps from oxygen or dachenstein work on bering? Some of the lrps > I need are not available on bering - wget, vrrpd etc. Generally yes. Be careful since some oxygen packages are glic 2.1 based. Dachstein should work in most case but in some cases you might need to modify the scripts (e.g. dhclient); My advice: just give it a try ... Jacques ------------------------------------------------------- In remembrance www.osdn.com/911/ ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
