I've followed the install instructions on the website, it still isn't working. but when i install a ssh client on the firewall and then try to connect to the sshd (wich is allso on the firewall) i still can't connect, then i get "exchange_identification : connection closed by remote host" and in the host.allow is a line "ALL: 192.168.1.0/255.255.255.0".
I had allmost the same problem with dachstein, i solved that by getting the sshd.lrp from the dachstein cd-rom. I can't find another sshd.lrp for bering, every site links to http://leaf.sourceforge.net/devel/jnilo/ How can i solve my problem? PS with SILENT_DENY i mean i don't want to log this message "Oct 10 02:01:02 firewall kernel: Shorewall:rfc1918:DROP:IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:80:2d:6a:f5:8b:08:00 SRC=172.31.254.129 DST=255.255.255.255 LEN=348 TOS=0x00 PREC=0x00 TTL=253 ID=45715 DF PROTO=UDP SPT=67 DPT=68 LEN=328" otherwise i get very large logfiles because i get this like 3000 times a day. Thanks in advance, Aris ----- Original Message ----- From: "Jeff Newmiller" <[EMAIL PROTECTED]> To: "ArisB" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Thursday, October 10, 2002 2:40 AM Subject: Re: [leaf-user] ssh > On Thu, 10 Oct 2002, ArisB wrote: > > > I'm now using bering instead of dachstein and im trying to setup a sshd > > (internal). > > So i downloaded ssh,sshd,libz,sshkey from > > ssh.lrp shouldn't be necessary, and may actually be a bad idea for a > firewall. > > > http://leaf.sourceforge.net/devel/jnilo/ > > I put them on a disk (1440) and configured bering to start from 2 diskettes. > > I have made a key (with makekey) and it seems to be installed. > > but when i try to connect from a client i see this: > > "ssh_exchange_identification : connection closed by remote host" (with > > redhat 8.0), in windows with putty i only get the message "connection closed > > by remote host" > > Is /etc/hosts.allow configured to let you connect? > > Have you followed the instructions for configuring an "sshd" user for > privilege separation? http://leaf.sourceforge.net/devel/jnilo/openssh.html > > > PS where can i configure silent_deny in bering? > > If you mean use DENY rather than REJECT for default packet handling... in > the Shorewall policy file. > > -------------------------------------------------------------------------- - > Jeff Newmiller The ..... ..... Go Live... > DCN:<[EMAIL PROTECTED]> Basics: ##.#. ##.#. Live Go... > Live: OO#.. Dead: OO#.. Playing > Research Engineer (Solar/Batteries O.O#. #.O#. with > /Software/Embedded Controllers) .OO#. .OO#. rocks...2k > -------------------------------------------------------------------------- - > ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
