Re: [leaf-user] Bering RC3 updatetime script not working..

[Julian Church]

Hi Anders

At 16:10 22/09/02 +0200, Anders Åkesson wrote:
 
  $ ps axc | grep [x]ntpd
 
  Put [ ] around xntpd.
 
  Again, haven't tested on ash, just on ksh. But presuming it is a sh
  compatible shell, it should work.
 

W! :D

Works like a charm. Seems that [x] makes all the difference. What does
it do? (Trying to learn a bit about scripts..)


This is all pretty much straight from a textbook I read recently - I'm not 
that clever :)  It was presented as the standard way of stopping grep 
processes matching themselves in process lists generated by the ps command.

[x]ntpd is a regular expression that only matches the string xntpd, but the 
entry the grep command generates in the `ps axc` list will be grep 
[x]ntpd, so won't match.

cheers

Julian
-- 

[EMAIL PROTECTED]
www.ljchurch.co.uk



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Bering RC3: How to setup multiple ipsecs.

[Chutima Subsirin]

Hi all

I have setup 3 firewalls as following:

 -
 _1___|  FW1   |---
 |___|   |
   --
-
   | Router  ||  FW3   
|-3-
   --
-
---   |
  _2__|  FW2 |--
||

I have some trouble according to setup the IPSEC across the network 1 to 3 AND 2 to 3 
(pls see the picture). At this moment, it is work properly just only at the one time 
(1 to 3 OR 2 to 3).

Anybody know how to setup at the same time kindly reply mail to me.

Thanks in advance
Chutima S.
†+,~w­zf¢–+,¦‰ì¢·o$áŠyyézW(™ëhç¤…æ¯zxm¶Ÿÿ¶§’ž‘ÊþÇåy§î±êæj)bž
b²Ù^iû¬z¹b²Û,¢êÜyú+éÞ¶m¦Ïÿ–+-²Ê.­ÇŸ¢¸ë–+-³ùb²Ø§~åy§î±êÒDP†Ûiÿù^iúk¢7œ¶Šàþ››ýÚýÚ™©Úêÿv‡w_=Öf

Re: [leaf-user] Bering RC3: How to setup multiple ipsecs.

[Charles Steinkuehler]

 I have setup 3 firewalls as following:

  -
  _1___|  FW1   |---
  |___|   |
-- 
   -
| Router
||  FW3   |-3-
-- 
   -
 ---   |
   _2__|  FW2 |--
 ||

 I have some trouble according to setup the IPSEC across the network 1
to 3 AND 2 to 3 (pls see the picture). At this moment, it is work
properly just only at the one time (1 to 3 OR 2 to 3).

 Anybody know how to setup at the same time kindly reply mail to me.

Other than mentioning you're going to need at least two connection
descriptions in /etc/ipsecc.conf (one for the 1-3 link, and one for the
2-3 link), I can't help you much with the limited information provided.
You might try posting details of your ipsec.conf, the errors you get
when trying to configure both links at the same time (if any), and other
debugging info...

Charles Steinkuehler
http://lrp.steinkuehler.net
http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Bering RC3 updatetime script not working..

[JeeBak Kim]

Hi Anders,

* Anders kesson ([EMAIL PROTECTED]) [020923 05:10]:
 Works like a charm. Seems that [x] makes all the difference. What does
 it do? (Trying to learn a bit about scripts..)

The [] are part of what's called shell filename expansion
metacharacters in this context (not to be confused with regular
expressions which also uses them.)  The [] is what's called a
character class.  It's probably too much to explain in this mailing
list but this should be enough for you to start a search on your own to
learn more about them.

Have fun and welcome to the world of scripting! ;)


---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] (no subject)

[Naughty - Treach]

Hello, My name is Johnnattanh
My question is this if I want to my LRP/LEAF box advertise routing tables 
with certain protocol (RIP,OSPF,IS-IS,maybe IGRP or EIGRP) I have seen some 
modules but, I only have to load them and that's it or I can configure them 
in some configuration file.
Thank you in advance for the help and thank you for this greatful project.
Also someone knows where or if I can do a back to back connection between 2 
ISDN boxes or connect 2 LRP/LEAF running ISDN in a serial link (I mean 
without have a ISDN switch of the telco between the two boxes) or the LRP 
can be used like an NT1 or NT2.

_
Send and receive Hotmail on your mobile device: http://mobile.msn.com



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] (no subject)

[Naughty - Treach]

Hello, My name is Johnnattanh
My question is this if I want to my LRP/LEAF box advertise routing tables 
with certain protocol (RIP,OSPF,IS-IS,maybe IGRP or EIGRP) I have seen some 
modules but, I only have to load them and that's it or I can configure them 
in some configuration file.
Thank you in advance for the help and thank you for this greatful project.
Also someone knows where or if I can do a back to back connection between 2 
ISDN boxes or connect 2 LRP/LEAF running ISDN in a serial link (I mean 
without have a ISDN switch of the telco between the two boxes) or the LRP 
can be used like an NT1 or NT2.



_
Send and receive Hotmail on your mobile device: http://mobile.msn.com



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] (no subject)

[Eric B Kiser]

Howdy Johnnattanh,

The LRP mailing lists are virtually unused. Just wanted to let you know
before you got your hopes up about getting a response from that arena.

Hello, My name is Johnnattanh
My question is this if I want to my LRP/LEAF box advertise routing tables
with certain protocol (RIP,OSPF,IS-IS,maybe IGRP or EIGRP)

I would recommend using zebra.lrp it is based on zebra-0.92 and supports
bgp, ospf, and rip. I have had problems running it on the LEAF Bering distro
but I know of people that have used it with the LEAF Oxygen distro with
great success.

EIGRP is a cisco specific protocol. The only way to play with this is to
play with cisco.

There is a sourceforge project that is currently working on IS-IS support
for zebra but apparently it is still rather buggy and is only available as a
patch or series of patches to the main zebra source.

IGRP is just plain old and doesn't really compare to any of the more modern
OSPF, IS-IS, EIGRP.

 I have seen some
modules but, I only have to load them and that's it or I can configure
them
in some configuration file.

Yes, they must be configured. I would recommend joining the zebra mailing
list at zebra.org if you are going to work with it. One word of warning
though, the zebra mailing list can be caustic. There is usually nothing
warm, fuzzy, or even polite about it. Generally, though, if you show that
you have done your homework you can get the answers you need out of them.

Thank you in advance for the help and thank you for this greatful project.
Also someone knows where or if I can do a back to back connection between
2
ISDN boxes or connect 2 LRP/LEAF running ISDN in a serial link (I mean
without have a ISDN switch of the telco between the two boxes) or the LRP
can be used like an NT1 or NT2.

Nope, you would have to have something in between. Tens of thousands of
dollars just for an emulator, IIRC.

Good luck,
Eric

_
Send and receive Hotmail on your mobile device: http://mobile.msn.com



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] PPTP client

[Scott Merrill]

I'd like to have the Bering gateway at my remote facility initiate a PPTP 
connection to Poptop running at the main office, so that both of the users at 
the remote facility can use intranet services at the main office.

http://leaf.sourceforge.net/devel/jnilo/bupppoa.html doesn't give me much 
information about the PPTP client configuration.  I've installed the pptp.lrp 
file, and referenced it in syslinux.cfg, but there's no configuration option 
for it (although the backup screen provides the option to back it up).

Can someone please point me to documentation on the pptp.lrp PPTP _client_ 
configuration?  The official pptpclient documentation and mailing list 
(http://pptpclient.sourceforge.net) all reference the pptp-command perl 
script, which is obviously unavailable for LEAF Bering.  There's no 
comprehensive listing of which files need to be created / modified, and what 
they should contain.

Any assistance is greatly appreciated!

Cheers,
Scott


---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] PPTP client

[Tom Eastep]

Scott Merrill wrote:
 I'd like to have the Bering gateway at my remote facility initiate a PPTP 
 connection to Poptop running at the main office, so that both of the users at 
 the remote facility can use intranet services at the main office.
 
 http://leaf.sourceforge.net/devel/jnilo/bupppoa.html doesn't give me much 
 information about the PPTP client configuration.  I've installed the pptp.lrp 
 file, and referenced it in syslinux.cfg, but there's no configuration option 
 for it (although the backup screen provides the option to back it up).
 
 Can someone please point me to documentation on the pptp.lrp PPTP _client_ 
 configuration?  The official pptpclient documentation and mailing list 
 (http://pptpclient.sourceforge.net) all reference the pptp-command perl 
 script, which is obviously unavailable for LEAF Bering.  There's no 
 comprehensive listing of which files need to be created / modified, and what 
 they should contain.
 
 Any assistance is greatly appreciated!

http://www.shorewall.net/PPTP.htm

-Tom
-- 
Tom Eastep\ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ [EMAIL PROTECTED]



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Can't ssh from local network

[Warren Post]

ssh is running on our Dachstein box, but I can't access it. When I try 
to ssh into the Dachstein box on a workstation on the local network, 
PuTTY chokes with Connection closed by remote host. PuTTY's log says 
nothing useful, but the /var/log/auth.log on the Dachstein box contains 
this line corresponding to my every ssh attempt:

sshd [number_changes]: fatal: mmap (65536): Invalid argument

We're using Dachstein 1.0.2 with the following configuration:

* Our local network is 192.168.0.0, not Dachstein's default 192.168.1.0.
* Dachstein's DHCP is turned off to not interfere with our local 
network's preexisting DHCP server.
* Booting from a hard disk, not a floppy.

I notice lots of DENY references to 192.168.0.x in /etc/ipfilter.conf, 
and suspect this to be the problem, but don't know enough to deal with 
this intelligently.

Yes, ssh is running (so says ps) and privilege separation is implemented.

With the exception of this issue, the Dachstein box is working 
perfectly. Thanks Charles and everyone!
-- 
Warren Post, Voluntario Naciones Unidas
Departamento de Informática
Municipalidad de Santa Rosa de Copán, Honduras
http://www.santarosahistorica.net/



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Can't ssh from local network

[Michael D. Schleif]

Whence did you get ssh[d].lrp?

This is an issue that I've encountered with mmap enabled on some, but
not all, dachstein boxen; which is supposedly attributable to 2.2x
kernels . . .

Warren Post wrote:
 
 ssh is running on our Dachstein box, but I can't access it. When I try
 to ssh into the Dachstein box on a workstation on the local network,
 PuTTY chokes with Connection closed by remote host. PuTTY's log says
 nothing useful, but the /var/log/auth.log on the Dachstein box contains
 this line corresponding to my every ssh attempt:
 
 sshd [number_changes]: fatal: mmap (65536): Invalid argument
 
 We're using Dachstein 1.0.2 with the following configuration:
 
 * Our local network is 192.168.0.0, not Dachstein's default 192.168.1.0.
 * Dachstein's DHCP is turned off to not interfere with our local
 network's preexisting DHCP server.
 * Booting from a hard disk, not a floppy.
 
 I notice lots of DENY references to 192.168.0.x in /etc/ipfilter.conf,
 and suspect this to be the problem, but don't know enough to deal with
 this intelligently.
 
 Yes, ssh is running (so says ps) and privilege separation is implemented.
 
 With the exception of this issue, the Dachstein box is working
 perfectly. Thanks Charles and everyone!

-- 

Best Regards,

mds
mds resource
888.250.3987

Dare to fix things before they break . . .

Our capacity for understanding is inversely proportional to how much we
think we know.  The more I know, the more I know I don't know . . .


---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Bering RC3: How to setup multiple ipsecs.

[Francois BERGERET]

HI Chutima,

I am tempting this for 5 firewalls without success.
I have never been able to start a VPN between only two boxes !
I am waiting for any help from Chad who has Bering IPSec in charge.

Is it possible to have a post with your params (shorewall, and IPSec) ?
This could be help me a little.

You can send them directly to my adress, if you want or through this list.

Thanks in advance,
Francois BERGERET,
France.

 -Message d'origine-
 De : [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED]]De la part de Chutima
 Subsirin
 Envoyé : lundi 23 septembre 2002 14:50
 À : [EMAIL PROTECTED]
 Cc : Thitiporn; Chutima S.
 Objet : [leaf-user] Bering RC3: How to setup multiple ipsecs.


 Hi all

 I have setup 3 firewalls as following:

  -
  _1___|  FW1   |---
  |___|   |
--
-
| Router  ||  FW3   
|-3-
--
-
 ---   |
   _2__|  FW2 |--
 ||

 I have some trouble according to setup the IPSEC across the network 1 to 3 AND 2 to 
3 (pls see the picture). At this
 moment, it is work properly just only at the one time (1 to 3 OR 2 to 3).

 Anybody know how to setup at the same time kindly reply mail to me.

 Thanks in advance
 Chutima S.




---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Shorewall-1.3.8 DNAT

[Matthew Schalit]

Jason Taylor wrote:
 I'm trying to redirect port 24 to 25 for a single IP.  My rules file 
 line is:
 
 DNAT loc dmz:10.10.1.1:25 tcp 24 - 10.10.1.1
 
 It appears that this rule is useless because the original destination IP 
 matches the destination IP.


I'd like to understand why it's useless, but maybe it's just
how the shorewall code processes things.  I've been racking
my brain a bit on this one.  It's an interesting desire,
especially because I wrote one of the original firewalls
used on lrps, before the days of LEAF, and never tried this.




 Leaving off the - 10.10.1.1 portion does redirect all tcp traffic from 
 loc destined for port 24 as expected.


You mean like this?

   DNAT loc dmz:10.10.1.1:25 tcp 24 - -




 However, I would still like to have it dropped unless destined 
  for this particular host.


That seems easy enough.  Just put another line right above
the one that you've got that works like this:

 REJECT  loc  dmz:!10.10.1.1   tcp 24-   -
 DNATloc  dmz:10.10.1.1:25 tcp 24-   -


Let me know if this works.  I'm digging around for another
nic to setup a dmz to test this, but I may get sidetracked
by the new puppy.

regards,
matthew

















---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Shorewall-1.3.8 DNAT

[Tom Eastep]

Matthew Schalit wrote:

 
 
 That seems easy enough.  Just put another line right above
 the one that you've got that works like this:
 
 REJECT  loc  dmz:!10.10.1.1   tcp 24-   -
 DNATloc  dmz:10.10.1.1:25 tcp 24-   -
 
 
 Let me know if this works.  I'm digging around for another
 nic to setup a dmz to test this, but I may get sidetracked
 by the new puppy.

The firewall script available from the 1.3.8 Errata allows the following 
to work correctly:

DNATloc dmz:10.10.1.1:25tcp 24  -   10.10.1.1

The problem was that Shorewall was only generating the nat table mapping 
if the original and server IP addresses were different. The new code 
generates this mapping if the ports are different as well.

-Tom
-- 
Tom Eastep\ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ [EMAIL PROTECTED]



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Can't ssh from local network

[Warren Post]

I downloaded ssh.lrp and sshd.lrp from:

http://leaf.sourceforge.net/dev/jnilo/packages/openssh-3.4p1/

I forgot to mention in my original message that I have, of course, read 
the openssh LEAF/LRP user's guide (also in jnilo's directory) and 
searched this list for previous references to ssh problems.
-- 
Warren Post, Voluntario Naciones Unidas
Departamento de Informática
Municipalidad de Santa Rosa de Copán, Honduras
http://www.santarosahistorica.net/

Michael D. Schleif wrote:

 Whence did you get ssh[d].lrp?
 
 This is an issue that I've encountered with mmap enabled on some, but
 not all, dachstein boxen; which is supposedly attributable to 2.2x
 kernels . . .




---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Can't ssh from local network

[Erich Titl]

Warren

Warren Post wrote the following at 22:38 23.09.2002:
I downloaded ssh.lrp and sshd.lrp from:

http://leaf.sourceforge.net/dev/jnilo/packages/openssh-3.4p1/

I am not sure if this sshd is suitable for your Dachstein release. IIRC 
Jacques is concerned mainly with Bering related software. It may be 
possible to run userland programs across releases but I am afraid you may 
be on the wrong track.

The only sshd I could find for Dachstein is in the CD contents directory. 
http://leaf.sourceforge.net/devel/cstein/files/diskimages/dachstein-CD/CD-Contents/

I believe this is still the old (small, less secure) sshd, I know it is 
working on Dachstein, because I used it with putty myself.

HTH
Erich

THINK
Püntenstrasse 39
8143 Stallikon
mailto:[EMAIL PROTECTED]
PGP Fingerprint: BC9A 25BC 3954 3BC8 C024  8D8A B7D4 FF9D 05B8 0A16



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Can't ssh from local network

[Brad Fritz]

On Mon, 23 Sep 2002 23:34:25 +0200 Erich Titl wrote:

 The only sshd I could find for Dachstein is in the CD contents directory.
 
 http://leaf.sourceforge.net/devel/cstein/files/diskimages/dachstein-CD/CD-Contents/
 
 I believe this is still the old (small, less secure) sshd, I know it is
 working on Dachstein, because I used it with putty myself.

Michael Schleif has packaged openssh v3.4p1.  It is available from
http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/leaf/devel/helices/ .
I have only used it with Bering, but I am fairly certain Michael uses
it with Dachstein.  You may want to give it whirl.

--Brad



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Can't ssh from local network - SOLVED

[Warren Post]

Erich Titl wrote:

 Warren
 
 Warren Post wrote the following at 22:38 23.09.2002:
 
 I downloaded ssh.lrp and sshd.lrp from:

 http://leaf.sourceforge.net/dev/jnilo/packages/openssh-3.4p1/
 
 
 I am not sure if this sshd is suitable for your Dachstein release. IIRC 
 Jacques is concerned mainly with Bering related software. It may be 
 possible to run userland programs across releases but I am afraid you 
 may be on the wrong track.
 
 The only sshd I could find for Dachstein is in the CD contents 
 directory. 
 http://leaf.sourceforge.net/devel/cstein/files/diskimages/dachstein-CD/CD-Contents/ 
 
 
 I believe this is still the old (small, less secure) sshd, I know it is 
 working on Dachstein, because I used it with putty myself.
 
 HTH
 Erich


That fixed it, thank you! I overwrote my original sshd.lrp with the 
sshd.lrp on the link you provided and generated a new key. No problem.
-- 
Warren Post, Voluntario Naciones Unidas
Departamento de Informática
Municipalidad de Santa Rosa de Copán, Honduras
http://www.santarosahistorica.net/



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Can't ssh from local network - SOLVED

[Brad Fritz]

On Mon, 23 Sep 2002 16:57:29 CST Warren Post wrote:

 Erich Titl wrote:
  
  The only sshd I could find for Dachstein is in the CD contents 
  directory. 
  http://leaf.sourceforge.net/devel/cstein/files/diskimages/dachstein-CD/CD-C
ontents/ 
  
  
  I believe this is still the old (small, less secure) sshd, I know it is 
  working on Dachstein, because I used it with putty myself.
  
  HTH
  Erich
 
 
 That fixed it, thank you! I overwrote my original sshd.lrp with the 
 sshd.lrp on the link you provided and generated a new key. No problem.

Just a heads-up.  There have been several sshd vulnerabilities
and fixes since 3.0p1 at the above link was released.  If you
use it instead of the new 3.4p1 that Michael has made available,
I would strongly suggest, if you haven't already, that you set
your firewall rules to only allow ssh connections from trusted
hosts or networks.  (Doing so is a good idea anyway.)

I get several ssh probes every day on otherwise quiet networks.
There are definitely people who are curious what version of
sshd you're running.  I don't suppose all of them have the best
of intentions.

--Brad



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html