Re: [Cooker] ssh in msec level 4
Jeremy Salch <[EMAIL PROTECTED]> writes: > Well i stuck that in the hosts.allow but it still doesn't allow connectoins > I don't see what is going wrong here. I do that daily with a security level of 5 and it works fine. -- Fred - May the source be with you
Re: [Cooker] ssh in msec level 4
I dont know what happened with the system it got really freaky so i just reinstalled the system i'll try setting that up again tonight when i get home so i don't get cut off from the server here at work On Wednesday 20 February 2002 01:21 pm, you wrote: > Jeremy Salch <[EMAIL PROTECTED]> writes: > > Well i stuck that in the hosts.allow but it still doesn't allow > > connectoins > > I don't see what is going wrong here. I do that daily with a security > level of 5 and it works fine.
Re: [Cooker] ssh in msec level 4
well at first that worked but after leaving it running for a while and after a reboot it no longer accepts connecitons again. On Tuesday 19 February 2002 04:21 pm, you wrote: > so i added > > authorized_services(all) to the level.local file and that made it work > but but i wonder if that could potentially open up other stuff perhaps /? > > On Tuesday 19 February 2002 04:10 pm, you wrote: > > Well i stuck that in the hosts.allow but it still doesn't allow > > connectoins > > > > On Tuesday 19 February 2002 03:12 pm, you wrote: > > > On Tuesday 19 February 2002 12:51 pm, you wrote: > > > > Jeremy Salch <[EMAIL PROTECTED]> writes: > > > > > Thankyou that was the problem. I was pulling my hair out. Now I > > > > > just have to figure out how to make that stick so that when i go to > > > > > level 4 the hosts.deny file will have what I want in it. The only > > > > > problem is i dont konw what files to modify. > > > > > > > > To allow ssh connections in high security level, use the following in > > > > /etc/hosts.allow: > > > > > > > > sshd: ALL > > > > > > Alright Thankyou very much I went in and edited one of the libmsec.py > > > or something i can't remember so it wouldn't put that line in the > > > hosts.deny but now i guess all i need to do is that.. cool ok thanks
Re: [Cooker] ssh in msec level 4
so i added authorized_services(all) to the level.local file and that made it work but but i wonder if that could potentially open up other stuff perhaps /? On Tuesday 19 February 2002 04:10 pm, you wrote: > Well i stuck that in the hosts.allow but it still doesn't allow connectoins > > On Tuesday 19 February 2002 03:12 pm, you wrote: > > On Tuesday 19 February 2002 12:51 pm, you wrote: > > > Jeremy Salch <[EMAIL PROTECTED]> writes: > > > > Thankyou that was the problem. I was pulling my hair out. Now I just > > > > have to figure out how to make that stick so that when i go to level > > > > 4 the hosts.deny file will have what I want in it. The only problem > > > > is i dont konw what files to modify. > > > > > > To allow ssh connections in high security level, use the following in > > > /etc/hosts.allow: > > > > > > sshd: ALL > > > > Alright Thankyou very much I went in and edited one of the libmsec.py or > > something i can't remember so it wouldn't put that line in the hosts.deny > > but now i guess all i need to do is that.. cool ok thanks
Re: [Cooker] ssh in msec level 4
Well i stuck that in the hosts.allow but it still doesn't allow connectoins On Tuesday 19 February 2002 03:12 pm, you wrote: > On Tuesday 19 February 2002 12:51 pm, you wrote: > > Jeremy Salch <[EMAIL PROTECTED]> writes: > > > Thankyou that was the problem. I was pulling my hair out. Now I just > > > have to figure out how to make that stick so that when i go to level 4 > > > the hosts.deny file will have what I want in it. The only problem is > > > i dont konw what files to modify. > > > > To allow ssh connections in high security level, use the following in > > /etc/hosts.allow: > > > > sshd: ALL > > Alright Thankyou very much I went in and edited one of the libmsec.py or > something i can't remember so it wouldn't put that line in the hosts.deny > but now i guess all i need to do is that.. cool ok thanks
Re: [Cooker] ssh in msec level 4
On Tuesday 19 February 2002 12:51 pm, you wrote: > Jeremy Salch <[EMAIL PROTECTED]> writes: > > Thankyou that was the problem. I was pulling my hair out. Now I just > > have to figure out how to make that stick so that when i go to level 4 > > the hosts.deny file will have what I want in it. The only problem is i > > dont konw what files to modify. > > To allow ssh connections in high security level, use the following in > /etc/hosts.allow: > > sshd: ALL Alright Thankyou very much I went in and edited one of the libmsec.py or something i can't remember so it wouldn't put that line in the hosts.deny but now i guess all i need to do is that.. cool ok thanks
Re: [Cooker] ssh in msec level 4
Jeremy Salch <[EMAIL PROTECTED]> writes: > Thankyou that was the problem. I was pulling my hair out. Now I just have to > figure out how to make that stick so that when i go to level 4 the hosts.deny > file will have what I want in it. The only problem is i dont konw what > files to modify. To allow ssh connections in high security level, use the following in /etc/hosts.allow: sshd: ALL -- Fred - May the source be with you
Re: [Cooker] ssh in msec level 4
Guillaume Rousse <[EMAIL PROTECTED]> writes: > Ainsi parlait Jeremy Salch : > > Thankyou that was the problem. I was pulling my hair out. Now I just have > > to figure out how to make that stick so that when i go to level 4 the > > hosts.deny file will have what I want in it. The only problem is i dont > > konw what files to modify. > use such a level.local file in /etc:security/msec: > > from mseclib import * > > # authorize all services > authorize_services(ALL) > > Currently one has to dig in /usr/share/msec.py to find available options. > Fred, unless your objective is having everyone learning python, a list of all > available options with possible values would be of a great. I have started a man page for mseclib which describes all the available functions (try man mseclib). -- Fred - May the source be with you
Re: [Cooker] ssh in msec level 4
Ainsi parlait Jeremy Salch : > Thankyou that was the problem. I was pulling my hair out. Now I just have > to figure out how to make that stick so that when i go to level 4 the > hosts.deny file will have what I want in it. The only problem is i dont > konw what files to modify. use such a level.local file in /etc:security/msec: from mseclib import * # authorize all services authorize_services(ALL) Currently one has to dig in /usr/share/msec.py to find available options. Fred, unless your objective is having everyone learning python, a list of all available options with possible values would be of a great. -- Guillaume Rousse <[EMAIL PROTECTED]> GPG key http://lis.snv.jussieu.fr/~rousse/gpgkey.html
Re: [Cooker] ssh in msec level 4
Thankyou that was the problem. I was pulling my hair out. Now I just have to figure out how to make that stick so that when i go to level 4 the hosts.deny file will have what I want in it. The only problem is i dont konw what files to modify. On Tuesday 19 February 2002 12:31 am, you wrote: > Well, the reason for it lies in your /etc/hosts.deny file. ssh uses the tcp > wrapper and so it uses that file. And I bet that if you look into your > file, it says deny to all. Not I believe that even if you change the file > by hand, msec overwrites it priodically. Either change msec by hand, go to > a lower level, or don't use it. > > Quoting Jeremy Salch <[EMAIL PROTECTED]>: > > no it does it when i try to connect to it as anyone > > > > On Tuesday 19 February 2002 12:09 am, you wrote: > > > > whenever I go to msec level 4 i always get this message when trying > > > > to connect to it > > > > > > > > > > > > ssh_exchange_identification: Connection closed by remote host > > > > > > > > > > > > how do i fix this. it works fine in level 3 but when i go to level 4 > > > > > > it all > > > > > > > craps out > > > > > > As root?
Re: [Cooker] ssh in msec level 4
Well, the reason for it lies in your /etc/hosts.deny file. ssh uses the tcp wrapper and so it uses that file. And I bet that if you look into your file, it says deny to all. Not I believe that even if you change the file by hand, msec overwrites it priodically. Either change msec by hand, go to a lower level, or don't use it. Quoting Jeremy Salch <[EMAIL PROTECTED]>: > no it does it when i try to connect to it as anyone > > > On Tuesday 19 February 2002 12:09 am, you wrote: > > > whenever I go to msec level 4 i always get this message when trying to > > > connect to it > > > > > > > > > ssh_exchange_identification: Connection closed by remote host > > > > > > > > > how do i fix this. it works fine in level 3 but when i go to level 4 > > > > it all > > > > > craps out > > > > As root? >
RE: [Cooker] ssh in msec level 4
> Subject: Re: [Cooker] ssh in msec level 4 > > no it does it when i try to connect to it as anyone > strange, I have server at msec 4 and can ssh into it without any problem. What is in /etc/hosts.{alow,deny}? By default level 4 closes everything except localhost > > On Tuesday 19 February 2002 12:09 am, you wrote: > > > whenever I go to msec level 4 i always get this message when trying to > > > connect to it > > > > > > > > > ssh_exchange_identification: Connection closed by remote host > > > > > > > > > how do i fix this. it works fine in level 3 but when i go to level 4 > > > > it all > > > > > craps out > > > > As root?
Re: [Cooker] ssh in msec level 4
no it does it when i try to connect to it as anyone On Tuesday 19 February 2002 12:09 am, you wrote: > > whenever I go to msec level 4 i always get this message when trying to > > connect to it > > > > > > ssh_exchange_identification: Connection closed by remote host > > > > > > how do i fix this. it works fine in level 3 but when i go to level 4 > > it all > > > craps out > > As root?
RE: [Cooker] ssh in msec level 4
> whenever I go to msec level 4 i always get this message when trying to > connect to it > > > ssh_exchange_identification: Connection closed by remote host > > > how do i fix this. it works fine in level 3 but when i go to level 4 it all > craps out > As root?
[Cooker] ssh in msec level 4
whenever I go to msec level 4 i always get this message when trying to connect to it ssh_exchange_identification: Connection closed by remote host how do i fix this. it works fine in level 3 but when i go to level 4 it all craps out