Sshd problem
Installed freebsd 5.3 , put the box on the local network , used ssh to setup the box. Changed ip address to public address and made the box live so to speak. Ever since the ip was changed i am unable to ssh into the box , logs show error : Fatal timeout before authentication could occur. Things like Allow root login and all that was set because ssh was used just after the ip change did this happen. Is this a known issue that ssh stops working after an ip change or anyone got nay ideas on this issue ? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Sshd problem
Changed ip address to public address and made the box live so to speak. Ever since the ip was changed i am unable to ssh into the box , logs show error : Fatal timeout before authentication could occur. Did you, by any chance, used the IP from a previous box that was already configured with SSH server? In that case your ssh client would have the public key for the old server in it's table of known hosts, and would find a missmatch with the public key of the new server. Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Sshd problem
Unfortunately, sshd remains bound to the IP it had when it started. This isn't an issue with FBSD, but with OpenSSH. I see this all the time on other UNIX/Linux boxes. A possible solution to it in the future would be to issue a HUP to sshd using nohup. e.g. [EMAIL PROTECTED] nohup ifconfig xxx.xxx.xxx.xxx netmask xxx.xxx.xxx.xxx; killall -HUP sshd Hope that helps Casey On Tuesday 21 June 2005 09:05 am, Philip Wege wrote: Things like Allow root login and all that was set because ssh was used just after the ip change did this happen. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Sshd problem
You cant even ssh onto the server from itself , it still times out. On Tue, 2005-06-21 at 14:12 +0700, Olivier Nicole wrote: Changed ip address to public address and made the box live so to speak. Ever since the ip was changed i am unable to ssh into the box , logs show error : Fatal timeout before authentication could occur. Did you, by any chance, used the IP from a previous box that was already configured with SSH server? In that case your ssh client would have the public key for the old server in it's table of known hosts, and would find a missmatch with the public key of the new server. Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
sshd problem(s)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alright, I've been at this all day and searching all over the place and have been unable to find an acceptable answer for this. Whenever ssh'ing to or from my fbsd box i receive the following error: ssh_exchange_identification: Connection closed by remote host === So in light of this, I did some research as far as my use of pf, portsentry, and hosts.allow/deny go. I double and triple checked, including using tcpdmatch and there are no rules for block of ssh(d) traffic on port 22. /var/log/auth.log only shows this: Jun 24 14:06:57 atari sshd[47710]: refused connect from nintendo (192.168.0.3), or whereever else ssh connections are coming from. uname -a: FreeBSD atari.hwnet.ath.cx 5.1-RELEASE-p17 FreeBSD 5.1-RELEASE-p17 #5: Fri Jun 11 10:01:20 CDT 2004 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/ATARI i386 ssh -V: OpenSSH_3.6.1p1 FreeBSD-20030924, SSH protocols 1.5/2.0, OpenSSL 0x0090701f pfctl -sr: scrub in all fragment reassemble pass out all pass quick on lo0 all block drop in log all pass in on sis0 inet6 proto tcp from any to fe80::230:95ff:fe00:8be4 port = ssh pass in on sis0 inet proto tcp from any to 192.168.0.4 port = ssh pass in on sis0 inet proto tcp from any to 192.168.7.34 port = ssh pass out on sis0 proto tcp all keep state pass out on sis0 proto udp all keep state pass in on sis0 proto tcp from any to foo port = http keep state pass in on sis0 proto udp from any to foo port = http keep state pass in on sis0 proto tcp from any to foo port = 3292 keep state block drop in on sis0 inet proto tcp from 66.159.250.0/24 to any block drop in on sis0 inet proto udp from 66.159.250.0/24 to any pass in on sis0 proto tcp from any to foo port = https pass in on sis0 inet proto tcp from 192.168.0.0/24 to any pass in on sis0 inet proto udp from 192.168.0.0/24 to any if there is any other info i can provide please let me know. i apologize for the lengthy outputs, but i figured it would be best for assistance in fixing this problem. the only change that im aware of as far as the network goes is i had the modem replaced today, but that did not affect internal network activity whatsoever. Thanks, Marc - -- Marc Cabanatuan [EMAIL PROTECTED] Network and Systems Administrator A+, Net+, Linux+, CCNA, MCP -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFA28ZAQXmDWC9ByjIRAuS1AJ942op9+vBWbhJLmkJC0GImhk3ddQCgtr63 /eG3UJu7QU9xJbXHTN7NB48= =PX0D -END PGP SIGNATURE- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: SSHD problem
Hello Kris, | You do realise the sshd in 4.4-RELEASE has a serious security | vulnerability? Unfortunately I didn't know that. Would the coredump (and security) problem be fixed after upgrading SSHD? Thank you. Jacco To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: SSHD problem
On Wed, Oct 16, 2002 at 06:30:12PM +0200, Jacco wrote: Hello Kris, | You do realise the sshd in 4.4-RELEASE has a serious security | vulnerability? Unfortunately I didn't know that. Would the coredump (and security) problem be fixed after upgrading SSHD? No idea about the coredump, but the security problem will certainly be fixed by following the upgrade directions in the security advisory. Kris msg05354/pgp0.pgp Description: PGP signature
SSHD problem
Hello all, The last day's I tied to get ssh(d) working. My firewall is running FreeBSD 4.4-RELEASE. from external host: ssh host Connection closed by host Connections from my internal network are working right/correct. /var/log/messages: Oct 15 22:47:00 host /kernel: pid 2976 (sshd), uid 0: exited on signal 11 (core dumped) Oct 15 22:47:00 host /kernel: pid 2976 (sshd), uid 0: exited on signal 11 (core dumped) Oct 15 22:47:00 host /kernel: Oct 15 22:47:00 lionsoft /kernel: pid 2976 (sshd), uid 0: exited on signal 11 (core dumped) -rw--- 1 root wheel 512000 Oct 15 22:42 sshd.core host# gdb /usr/sbin/sshd /sshd.core GNU gdb 4.18 Copyright 1998 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type show copying to see the conditions. There is absolutely no warranty for GDB. Type show warranty for details. This GDB was configured as i386-unknown-freebsd... (no debugging symbols found)... Core was generated by `sshd'. Program terminated with signal 11, Segmentation fault. Reading symbols from /usr/lib/libkrb5.so.3...(no debugging symbols found)... done. Reading symbols from /usr/lib/libasn1.so.3...(no debugging symbols found)... done. Reading symbols from /usr/lib/libcom_err.so.2...(no debugging symbols found)... done. Reading symbols from /usr/lib/libmd.so.2...(no debugging symbols found)...done. Reading symbols from /usr/lib/libroken.so.3...(no debugging symbols found)... done. Reading symbols from /usr/lib/libopie.so.2...(no debugging symbols found)... done. Reading symbols from /usr/lib/libcrypt.so.2...(no debugging symbols found)... done. ---Type return to continue, or q return to quit--- Reading symbols from /usr/lib/libcrypto.so.2...(no debugging symbols found)... done. Reading symbols from /usr/lib/libutil.so.3...(no debugging symbols found)... done. Reading symbols from /usr/lib/libz.so.2...(no debugging symbols found)...done. Reading symbols from /usr/lib/libwrap.so.3...(no debugging symbols found)... done. Reading symbols from /usr/lib/libpam.so.1...(no debugging symbols found)... done. Reading symbols from /usr/lib/libc.so.4...(no debugging symbols found)...done. Reading symbols from /usr/libexec/ld-elf.so.1...(no debugging symbols found)... done. #0 0x80531fb in getsockname () (gdb) Is there someone who can help me get this working. I don't know where I must look for to solve this problem. Do I have to upgrade sshd ? Kind regards, Jacco _ Top compression: rm -R * = 100% To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: SSHD problem
On Tue, Oct 15, 2002 at 11:13:46PM +0200, Jacco wrote: Hello all, The last day's I tied to get ssh(d) working. My firewall is running FreeBSD 4.4-RELEASE. You do realise the sshd in 4.4-RELEASE has a serious security vulnerability? Kris msg05211/pgp0.pgp Description: PGP signature