Hi, i have OpenSSH working on Bering. I use the hint with commenting "exit 0". Thanks to the persons who gimme the hints.
Somethings i had to do also: 1. make the following directory /var/run/sshd. and 2. uncomment PermitRootLogin Yes in the file /etc/ssh/sshd.config. Later. Manfred Schuler <[EMAIL PROTECTED]> wrote: >[EMAIL PROTECTED] wrote: >> Hi, thanks for the quick reply's. >> >> Sorry for the short coming of my bering firewall information. >> >> Now i will give you more info. >> >> 1. You should confirm that sshd is running on the Bering firewall. >> YES, lrpkg -l shows that LIBZ and SSHD are running. >> With ps i don't see anything about SSHD. >> >> 2. Are you trying to connect to the router from the LAN side or the >> external side? Are you certain you are using the right IP address in either >> case? If the connection is external, is it possible that your ISP >> interferes with traffic to port 22 (ssh)? >> I only want to work from local to firewall. >> � >> 3. Just in case ... the default in putty is a telnet connection. You are >> changing that to ssh, right? >> YES. >> >> 4. "the standard policy and rules of the bering firewall" is not really all >> that well-defined; there is a lot of customizing you can, and sometimes >> need to, do to make Shorewall work with "standard" Bering settings. You >> might find it worthwhile to review the output of "/sbin/shorewall status" >> ... or to post it here if �you need help interpreting it. >> >> HOSTS.ALLOW >> ALL: 192.168.1.0/255.255.255.0 >> >> HOSTS.DENY >> ALL: PARANOID >> ALL: ALL >> >> ZONES: >> net net internet >> adsl � �adsl � �alcatel modem >> loc local � local networks >> >> Ifaces �net ppp0 � �- � � � routefilter,norfc1918 >> � � adsl � �eth0 � �10.0.0.255 �routefilter >> � � loc eth1 � �192.168.1.255 � routestopped >> >> policy �loc loc ACCEPT >> � � � � loc net ACCEPT >> � � � � loc fw �ACCEPT >> � � fw �adsl � �ACCEPT >> � � net all DROP � �ULOG >> � � all all REJECT �ULOG >> >> rules >> >> ACCEPT � � � loc � � �fw � � � � �tcp � � � �22 >> >> 5. Is your Windows host set up properly in general, with respect to its IP >> address, routing table, and gateway address? One test: can you ping the >> Bering firewall (do it from a DOS prompt if you don't have a GUI ping app >> installed)? If not, how does a ping attempt fail? >> >> Pinging no problem. Watching Bering via Browser no problem and internetting no >> problem. >> >> >> >> Twisterf5S wrote: >> >> >>>Hi, >>> >>>i trying to get the following situation to work: >>>Windows pc with Putty connecting to Bering Firewall. >>> >>>When i make the connection via Putty i get the following reply: >>>* Network error. Connection Refused. >>> >>>I have read the online Bering Openssh documentation. >>> >>>I have the Bering 1.1 firewall. >>> >>>I have the standard policy and rules of the bering firewall. >>> >>>I don't understand what i'm doing wrong. >>> >>>Any comments. >>> >>>__________________________________________________________________ >>>The NEW Netscape 7.0 browser is now available. Upgrade now! >>>http://channels.netscape.com/ns/browsers/download.jsp >>> >>>Get your own FREE, personal Netscape Mail account today at >>>http://webmail.netscape.com/ >>> >> >> >> __________________________________________________________________ >> The NEW Netscape 7.0 browser is now available. Upgrade now! >> http://channels.netscape.com/ns/browsers/download.jsp >> >> Get your own FREE, personal Netscape Mail account today at >> http://webmail.netscape.com/ >> >> >> ------------------------------------------------------- >> This SF.net email is sponsored by: Etnus, makers of TotalView, The debugger >> for complex code. Debugging C/C++ programs can leave you feeling lost and >> disoriented. TotalView can help you find your way. Available on major UNIX >> and Linux platforms. Try it free. www.etnus.com >> ------------------------------------------------------------------------ >> leaf-user mailing list: [EMAIL PROTECTED] >> https://lists.sourceforge.net/lists/listinfo/leaf-user >> SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html >> >> > >IIRC sshd is not enabled in inetd.conf and the file /etc/init.d/sshd >contains this lines: > >#Comment out and edit /etc/inetd.conf to run as a stand alone server >echo "Secure Shell server via inetd: sshd" >exit 0 > >So sshd is not started. You have to decide, if you start sshd by inetd >or by initscript. > >When started by inted, connecting to LEAF takes more time, because the >session key must be generated by sshd before connecting. > >Starting by initscript consumes some memory, because sshd is always running, >even when you are not logged in. > >So you have either to uncomment the sshd line in /etc/inetd.conf and backup etc >or comment the "exit 0" line in /etc/init.d/sshd and backup ssh > >Manfred > >-- >Manfred Schuler >E_Mail: mailto:[EMAIL PROTECTED] > > > >------------------------------------------------------- >This sf.net email is sponsored by:ThinkGeek >Welcome to geek heaven. >http://thinkgeek.com/sf >------------------------------------------------------------------------ >leaf-user mailing list: [EMAIL PROTECTED] >https://lists.sourceforge.net/lists/listinfo/leaf-user >SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html > __________________________________________________________________ The NEW Netscape 7.0 browser is now available. Upgrade now! http://channels.netscape.com/ns/browsers/download.jsp Get your own FREE, personal Netscape Mail account today at http://webmail.netscape.com/ ------------------------------------------------------- This SF.net email is sponsored by: Etnus, makers of TotalView, The debugger for complex code. Debugging C/C++ programs can leave you feeling lost and disoriented. TotalView can help you find your way. Available on major UNIX and Linux platforms. Try it free. www.etnus.com ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
