Re: [leaf-user] scp?
I've got SFTP set up to fall back into SCP. Doug, I hardcode this to SCP for Leaf. Also disable Lookup user groups under Environment - SCP/Shell. - Bob Coffman -- Monitor your physical, virtual and cloud infrastructure from a single web console. Get in-depth insight into apps, servers, databases, vmware, SAP, cloud infrastructure, etc. Download 30-day Free Trial. Pricing starts from $795 for 25 servers or applications! http://p.sf.net/sfu/zoho_dev2dev_nov leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
Re: [leaf-user] scp?
I hardcode this to SCP for Leaf. Also disable Lookup user groups under Environment - SCP/Shell. How do you hardcode this? ~Doug -- Monitor your physical, virtual and cloud infrastructure from a single web console. Get in-depth insight into apps, servers, databases, vmware, SAP, cloud infrastructure, etc. Download 30-day Free Trial. Pricing starts from $795 for 25 servers or applications! http://p.sf.net/sfu/zoho_dev2dev_nov leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
Re: [leaf-user] scp?
I hardcode this to SCP for Leaf. Also disable Lookup user groups under Environment - SCP/Shell. How do you hardcode this? firewall# find / | grep scp /sys/module/x_tables/holders/xt_dscp /sys/module/xt_dscp /sys/module/xt_dscp/holders /sys/module/xt_dscp/initstate /sys/module/xt_dscp/refcnt /sys/module/xt_dscp/sections /sys/module/xt_dscp/sections/.note.gnu.build-id /sys/module/xt_dscp/sections/.text /sys/module/xt_dscp/sections/.exit.text /sys/module/xt_dscp/sections/.init.text /sys/module/xt_dscp/sections/.rodata.str1.4 /sys/module/xt_dscp/sections/.data..read_mostly /sys/module/xt_dscp/sections/.gnu.linkonce.this_module /sys/module/xt_dscp/sections/.symtab /sys/module/xt_dscp/sections/.strtab /sys/module/xt_dscp/notes /sys/module/xt_dscp/notes/.note.gnu.build-id /usr/bin/scp /lib/modules/xt_dscp.ko /lib/xtables/libxt_dscp.so firewall# ll /usr/bin | grep scp lrwxrwxrwx1 root root21 Nov 15 17:39 scp - ../sbin/dropbearmulti firewall# ../sbin/dropbearmulti Dropbear multi-purpose version 2012.55 Make a symlink pointing at this binary with one of the following names: 'dropbear' - the Dropbear server 'dropbearkey' - the key generator 'scp' - secure copy firewall# Does Leaf have its own SCP command? If so, what/where is it? ~Doug -- Monitor your physical, virtual and cloud infrastructure from a single web console. Get in-depth insight into apps, servers, databases, vmware, SAP, cloud infrastructure, etc. Download 30-day Free Trial. Pricing starts from $795 for 25 servers or applications! http://p.sf.net/sfu/zoho_dev2dev_nov leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
Re: [leaf-user] scp?
I hardcode this to SCP for Leaf. Also disable Lookup user groups under Environment - SCP/Shell. How do you hardcode this? firewall# find / | grep scp /sys/module/x_tables/holders/xt_dscp /sys/module/xt_dscp /sys/module/xt_dscp/holders /sys/module/xt_dscp/initstate /sys/module/xt_dscp/refcnt /sys/module/xt_dscp/sections /sys/module/xt_dscp/sections/.note.gnu.build-id /sys/module/xt_dscp/sections/.text /sys/module/xt_dscp/sections/.exit.text /sys/module/xt_dscp/sections/.init.text /sys/module/xt_dscp/sections/.rodata.str1.4 /sys/module/xt_dscp/sections/.data..read_mostly /sys/module/xt_dscp/sections/.gnu.linkonce.this_module /sys/module/xt_dscp/sections/.symtab /sys/module/xt_dscp/sections/.strtab /sys/module/xt_dscp/notes /sys/module/xt_dscp/notes/.note.gnu.build-id /usr/bin/scp /lib/modules/xt_dscp.ko /lib/xtables/libxt_dscp.so firewall# ll /usr/bin | grep scp lrwxrwxrwx1 root root21 Nov 15 17:39 scp - ../sbin/dropbearmulti firewall# ../sbin/dropbearmulti Dropbear multi-purpose version 2012.55 Make a symlink pointing at this binary with one of the following names: 'dropbear' - the Dropbear server 'dropbearkey' - the key generator 'scp' - secure copy firewall# Does Leaf have its own SCP command? If so, what/where is it? I seem to have misconfigured the WinSCP setup for the scp connection to the BuC firewall. The scp connection is working fine now. I just had to choose to establish a SCP connection instead of a SFTP connection with fallback to SCP. Egads. I also had to make sure that the shell points to /bin/sh as well. ~Doug -- Monitor your physical, virtual and cloud infrastructure from a single web console. Get in-depth insight into apps, servers, databases, vmware, SAP, cloud infrastructure, etc. Download 30-day Free Trial. Pricing starts from $795 for 25 servers or applications! http://p.sf.net/sfu/zoho_dev2dev_nov leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
[leaf-user] scp?
Running version 4.3.1. of BuC. Apparently I cannot scp into the firewall. /var/log/auth.log reports successful login but then my WinSCP app hangs and times out. I've got SFTP set up to fall back into SCP. Both SFTP server and SCP shell is set to /bin/sh. This WinSCP configuration worked with older version of 3.x. Is there a tweak I need to implement for version 4.3.x? Should I consider a different SCP app for Windows? ~Doug -- Monitor your physical, virtual and cloud infrastructure from a single web console. Get in-depth insight into apps, servers, databases, vmware, SAP, cloud infrastructure, etc. Download 30-day Free Trial. Pricing starts from $795 for 25 servers or applications! http://p.sf.net/sfu/zoho_dev2dev_nov leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
Re: [leaf-user] scp?
Hi Doug on 16.11.2012 03:13, Doug Sampson wrote: Running version 4.3.1. of BuC. Apparently I cannot scp into the firewall. /var/log/auth.log reports successful login but then my WinSCP app hangs and times out. I've got SFTP set up to fall back into SCP. Both SFTP server and SCP shell is set to /bin/sh. This WinSCP configuration worked with older version of 3.x. Is there a tweak I need to implement for version 4.3.x? I was successful with it on 4.3, but I always use the OpenSSH implementation. Should I consider a different SCP app for Windows? Unless you succeed with scp on *X, I wouldn't.I suspect it to be a problem on the server side. cheers Erich smime.p7s Description: S/MIME Kryptografische Unterschrift -- Monitor your physical, virtual and cloud infrastructure from a single web console. Get in-depth insight into apps, servers, databases, vmware, SAP, cloud infrastructure, etc. Download 30-day Free Trial. Pricing starts from $795 for 25 servers or applications! http://p.sf.net/sfu/zoho_dev2dev_nov leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
[leaf-user] SCP/SFTP
I'm building a stock Bering uClibc 2.3.1 router and am trying to connect using WinSCP 3.7.6 from the internal network. I keep getting a time-out. Error message says Server refused to start a shell/command. I can successfully access using ssh. What do I need to get a shell running on Bering? I would like to copy files to/from Bering. ~Doug ___ «?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?» ¯¯¯ Doug Sampson Information Technology Dawn Sign Press dougs (at) dawnsign dot com ___ «?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?» ¯¯¯ --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_idv37alloc_id865op=click leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
RE: [leaf-user] SCP/SFTP
Oh, and I should add that I am using dropbear. ~Doug I'm building a stock Bering uClibc 2.3.1 router and am trying to connect using WinSCP 3.7.6 from the internal network. I keep getting a time-out. Error message says Server refused to start a shell/command. I can successfully access using ssh. What do I need to get a shell running on Bering? I would like to copy files to/from Bering. ~Doug ___ «?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?» ¯¯¯ Doug Sampson Information Technology Dawn Sign Press dougs (at) dawnsign dot com ___ «?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?» ¯¯¯ --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_idv37alloc_id865op=click -- -- leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_idv37alloc_id865op=click leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
Re: [leaf-user] SCP/SFTP
Doug Sampson wrote: Oh, and I should add that I am using dropbear. ~Doug I'm building a stock Bering uClibc 2.3.1 router and am trying to connect using WinSCP 3.7.6 from the internal network. I keep getting a time-out. Error message says Server refused to start a shell/command. I can successfully access using ssh. What do I need to get a shell running on Bering? I would like to copy files to/from Bering. ~Doug Did you configure winscp to use a shell. Folow the instructions here in winscp. http://sourceforge.net/mailarchive/message.php?msg_id=9995360 --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
RE: [leaf-user] scp broken in bering-uclib 2.2.0_b4?
Martin wrote: Please let me know if that one works for you. Thank you very much for this, now scp works fine! Bye, Frank --- This SF.Net email sponsored by Black Hat Briefings Training. Attend Black Hat Briefings Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] scp broken in bering-uclib 2.2.0_b4?
Hello! When I want to scp something, my system states that it can not find the binary: Emerald:~ scp .profile.off [EMAIL PROTECTED]:/tmp/ /usr/local/bin/ssh: No such file or directory lost connection Emerald:~ I have: ssh 3.7.1p1 Rev 4 OpenSSH ssh client. from the packages download page. Is this a already known problem? Bye, Frank --- This SF.Net email sponsored by Black Hat Briefings Training. Attend Black Hat Briefings Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] scp broken in bering-uclib 2.2.0_b4?
I experienced the same problem, the binary is actually there but in /usr/bin just do a symlink to it and backup local.lrp. It worked for me :) Ben Frank Dauer wrote: Hello! When I want to scp something, my system states that it can not find the binary: Emerald:~ scp .profile.off [EMAIL PROTECTED]:/tmp/ /usr/local/bin/ssh: No such file or directory lost connection Emerald:~ I have: ssh 3.7.1p1 Rev 4 OpenSSH ssh client. from the packages download page. Is this a already known problem? Bye, Frank --- This SF.Net email sponsored by Black Hat Briefings Training. Attend Black Hat Briefings Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.Net email sponsored by Black Hat Briefings Training. Attend Black Hat Briefings Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] scp broken in bering-uclib 2.2.0_b4?
Frank Dauer wrote: Hello! When I want to scp something, my system states that it can not find the binary: Emerald:~ scp .profile.off [EMAIL PROTECTED]:/tmp/ /usr/local/bin/ssh: No such file or directory lost connection Emerald:~ I have: ssh 3.7.1p1 Rev 4 OpenSSH ssh client. from the packages download page. Is this a already known problem? You are right - it's broken. And you are also right - it was a known issue, but for some reason, the fixed package never made it into cvs (I probably just forgot about it). Sorry about that. A fixed version is on it's way to CVS (it takes around a day to show up) and from there to the packages page, in the mean time you can download the updated package from http://lrp.hejl.de/devel/sshd.lrp Please let me know if that one works for you. Martin --- This SF.Net email sponsored by Black Hat Briefings Training. Attend Black Hat Briefings Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] SCP
I'm using Bering 1.2 with SSH (OpenSSH_3.5p1,) and SSHD. Problem is that SCP is missing. Does anyone know what happened to SCP in the SSH package? Roger --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] SCP
Roger At 09:03 07.04.2004 -0400, Roger E McClurg wrote: I'm using Bering 1.2 with SSH (OpenSSH_3.5p1,) and SSHD. Problem is that SCP is missing. Does anyone know what happened to SCP in the SSH package? For some unknown reason scp is in sshd.lrp cheers Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id70alloc_id638op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] SCP
Erich, I found the answer. It is not in sshd 3.5p1 but it is in sshd 3.7.1p2. Thanks for the help. Roger Erich Titl erich.titl @think.ch 04/07/2004 10:41 AM To: Roger E McClurg/CEG/[EMAIL PROTECTED], [EMAIL PROTECTED] cc: Subject:Re: [leaf-user] SCP Roger At 09:03 07.04.2004 -0400, Roger E McClurg wrote: I'm using Bering 1.2 with SSH (OpenSSH_3.5p1,) and SSHD. Problem is that SCP is missing. Does anyone know what happened to SCP in the SSH package? For some unknown reason scp is in sshd.lrp cheers Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id70alloc_id638op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] scp for Bering-uClib
Dropbear, which I otherwise love, doesn't include scp. The dropbear docs suggest that scp from the ssh package can be used, but while the scp on my Debian system is plenty small it of course links in a half dozen libraries, including libc, that aren't present on Bering-uClib. Before I try to figure out how to build scp for Bering-uClib, does anybody have a .lrp to share? Or know of plans to include one anytime soon? Thanks, --Eric House -- ** * From the desktop of: Eric House, [EMAIL PROTECTED]* *Crosswords 4.0 for PalmOS is out!: http://www.peak.org/~fixin/xwords * ** --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] scp for Bering-uClib
Am Montag, 8. Dezember 2003 17:09 schrieb Eric House: Dropbear, which I otherwise love, doesn't include scp. The dropbear docs suggest that scp from the ssh package can be used, but while the scp on my Debian system is plenty small it of course links in a half dozen libraries, including libc, that aren't present on Bering-uClib. Before I try to figure out how to build scp for Bering-uClib, does anybody have a .lrp to share? Or know of plans to include one anytime soon? Eric; There is no extra lrp yet, but you'll find scp in sshd.lrp. It requires libz and libcrpto.lrp; I guess too much for a floppy. kp --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] scp for bering package backup
Hi everybody I hacked the Bering backup scripts so that they allow a backup custom destination of 'scp'. This makes the backup go to /tmp and then subsequently to the host/directory as specified in a few additional entries in /etc/lrp.conf. The following files are affected: /usr/sbin/lrcfg.back /usr/sbin/lrcfg.back.script /etc/lrp.conf You can find these in my CVS tree at http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/leaf/devel/etitl/bering/ It reflects partially the directory structure of a Bering LEAF router. These changes are based on my 1.0_rc3 installation, I don't know if Jacques made changes here to the stable Version but the modifications should be pretty easy to port. Barf if there is anything unclear, else have fun Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [Leaf-user] SCP _through_ Bering firewall disk problem
Rick -- I read theough all 3 messages you posted, and from what you write there, scp *should* work. Whatever the problem, I'd doubtful that it related to Bering, since to it, there is no visible difference between an ssh and an scp connection going through it. So ... I noticed that the one thing missing from your reports is a description of what the actual failures looked like. What errors does scp report at the originating end? Ar ethe errors different on the Sun-Sid system and on the Win2K-CygWin system? Are there any relevant entries in the Bering-dmz system's logs? Also ... what sort of authentication are ssh and scp using on the dmz system? I'm used to using it (and scp) with userid/password authentication. If your Bering-dmz system uses, say, RSA authentication, there may be scp issues I'm not thinking of. (What issues? Beats me; if I knew, it wouldn't be something I'm not thinking of.) Third, just to be clear ... the successful ssh connections to the Bering-dmz Debian-Sid system from the Sun-Sid system and the unsuccessful scp connections between them do use the same userid, right? Same question for connections from the CygWin system. And the scp connections don't involve directories/files where there might be permissions problems with reading or writing (whichever way you are testing)? At 10:14 PM 4/14/02 -0700, Jeff Newmiller wrote: On Fri, 12 Apr 2002, Rick Price wrote: I'm having trouble getting scp to work through a Bering firewall (it hangs). I have no trouble whatsoever with ssh. I have only tried to scp things from the outside into a machine in the dmz, and from the internal network into the dmz. No other incoming connections are allowed. I tried removing the ssh entries for TOS, but that did not seem to fix things. A friend had it work once with no problems from freeshell.org. But it now seems broken. I have used scp a lot before with no problems (but not with Bering). So far I have tried it from Debian Testing and OpenSSH on Solaris 8. My Bering firewall is configured to allow everything out from the internal network (both external network, and into dmz). Allow one port (tcp 1966) into the dmz from the Internet to port 22 on a machine inside. The outside network and the dmz are not allowed into the internal network. The dmz is allowed out. Does anyone else have these problems, or am I missing something? I don't use scp from outside a firewall... but scp passes through a single ssh tunnel, so if ssh works, the networking portion of scp should work, and Bering should have absolutely nothing to do with it. I would review the names for your hosts... each endpoint should be able to identify the other. To eliminate name resolution from the picture for troubleshooting, use ip addresses in your file-specifications. Also, confirm that scp is installed and working on each end. Try ssh'ing to the other end, and scp'ing from there. Also try the -v option. --- Jeff NewmillerThe . . Go Live... DCN:[EMAIL PROTECTED]Basics: ##.#. ##.#. Live Go... Live: OO#.. Dead: OO#.. Playing Research Engineer (Solar/BatteriesO.O#. #.O#. with /Software/Embedded Controllers) .OO#. .OO#. rocks...2k --- ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user -- Never tell me the odds!--- Ray Olszewski-- Han Solo Palo Alto, CA[EMAIL PROTECTED] ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] SCP _through_ Bering firewall disk problem
I use password authentication. Everything is the same except that I use scp instead of ssh. scp just hangs, I used the -v option and it gave me no errors. I've had essentially the same problem across all the systems. I didn't let it sit there that long, so I didn't wait long enough for timeout errors. I think there is actually one difference between ssh and scp, scp sets the TOS flag differently (or so I have read). Bering seems to let you set TOS flags based on where the traffic is going, I did disable the flags for SSH, but to no avail. I've read that there was a bug in kernels less that 2.4.2 where scp was derailed by the TOS code not properly computing a checksum when it changed the TOS type of packets going through. But I have not checked to see what kernel Bering uses. I've done scp lots of times through firewalls before and so I find it really puzzling. I just put a DNS server in the DMZ, so maybe I will give it another spin. Rick On Mon, 15 Apr 2002, Ray Olszewski wrote: Rick -- I read theough all 3 messages you posted, and from what you write there, scp *should* work. Whatever the problem, I'd doubtful that it related to Bering, since to it, there is no visible difference between an ssh and an scp connection going through it. So ... I noticed that the one thing missing from your reports is a description of what the actual failures looked like. What errors does scp report at the originating end? Ar ethe errors different on the Sun-Sid system and on the Win2K-CygWin system? Are there any relevant entries in the Bering-dmz system's logs? Also ... what sort of authentication are ssh and scp using on the dmz system? I'm used to using it (and scp) with userid/password authentication. If your Bering-dmz system uses, say, RSA authentication, there may be scp issues I'm not thinking of. (What issues? Beats me; if I knew, it wouldn't be something I'm not thinking of.) Third, just to be clear ... the successful ssh connections to the Bering-dmz Debian-Sid system from the Sun-Sid system and the unsuccessful scp connections between them do use the same userid, right? Same question for connections from the CygWin system. And the scp connections don't involve directories/files where there might be permissions problems with reading or writing (whichever way you are testing)? At 10:14 PM 4/14/02 -0700, Jeff Newmiller wrote: On Fri, 12 Apr 2002, Rick Price wrote: I'm having trouble getting scp to work through a Bering firewall (it hangs). I have no trouble whatsoever with ssh. I have only tried to scp things from the outside into a machine in the dmz, and from the internal network into the dmz. No other incoming connections are allowed. I tried removing the ssh entries for TOS, but that did not seem to fix things. A friend had it work once with no problems from freeshell.org. But it now seems broken. I have used scp a lot before with no problems (but not with Bering). So far I have tried it from Debian Testing and OpenSSH on Solaris 8. My Bering firewall is configured to allow everything out from the internal network (both external network, and into dmz). Allow one port (tcp 1966) into the dmz from the Internet to port 22 on a machine inside. The outside network and the dmz are not allowed into the internal network. The dmz is allowed out. Does anyone else have these problems, or am I missing something? I don't use scp from outside a firewall... but scp passes through a single ssh tunnel, so if ssh works, the networking portion of scp should work, and Bering should have absolutely nothing to do with it. I would review the names for your hosts... each endpoint should be able to identify the other. To eliminate name resolution from the picture for troubleshooting, use ip addresses in your file-specifications. Also, confirm that scp is installed and working on each end. Try ssh'ing to the other end, and scp'ing from there. Also try the -v option. --- Jeff NewmillerThe . . Go Live... DCN:[EMAIL PROTECTED]Basics: ##.#. ##.#. Live Go... Live: OO#.. Dead: OO#.. Playing Research Engineer (Solar/BatteriesO.O#. #.O#. with /Software/Embedded Controllers) .OO#. .OO#. rocks...2k --- ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user -- Never tell me the odds!--- Ray Olszewski-- Han Solo Palo Alto, CA [EMAIL PROTECTED]
[Leaf-user] SCP _through_ Bering firewall disk problem
I'm having trouble getting scp to work through a Bering firewall (it hangs). I have no trouble whatsoever with ssh. I have only tried to scp things from the outside into a machine in the dmz, and from the internal network into the dmz. No other incoming connections are allowed. I tried removing the ssh entries for TOS, but that did not seem to fix things. A friend had it work once with no problems from freeshell.org. But it now seems broken. I have used scp a lot before with no problems (but not with Bering). So far I have tried it from Debian Testing and OpenSSH on Solaris 8. My Bering firewall is configured to allow everything out from the internal network (both external network, and into dmz). Allow one port (tcp 1966) into the dmz from the Internet to port 22 on a machine inside. The outside network and the dmz are not allowed into the internal network. The dmz is allowed out. Does anyone else have these problems, or am I missing something? Rick ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] SCP _through_ Bering firewall disk problem
I'm having trouble getting scp to work through a Bering firewall (it hangs). Which version are you using ? Where did you get it from ? Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] SCP _through_ Bering firewall disk problem
Uh, sorry about that, I was trying really hard to have everything in the email. This is from the readme file: LEAF Bering Firewall - V1.0-rc1 Jacques Nilo [EMAIL PROTECTED] On Fri, 12 Apr 2002, Jacques Nilo wrote: Eric Wolzak [EMAIL PROTECTED] Instruction user's guide at: On Fri, 12 Apr 2002, Jacques Nilo wrote: I'm having trouble getting scp to work through a Bering firewall (it hangs). Which version are you using ? Where did you get it from ? Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] SCP _through_ Bering firewall disk problem
Uh, sorry about that, I was trying really hard to have everything in the email. This is from the readme file: LEAF Bering Firewall - V1.0-rc1 Jacques Nilo [EMAIL PROTECTED] On Fri, 12 Apr 2002, Jacques Nilo wrote: Eric Wolzak [EMAIL PROTECTED] Instruction user's guide at: No I mean where did you get the scp package from ? Also are you using from with the firewall or not ? Also do you have ssh installed (scp is a wrapper program to ssh) ? If so is your ssh version the same as you scp version ? Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] SCP _through_ Bering firewall disk problem
I'm not using scp or ssh *into* the firewall, I just want to get through it from the outside to the inside so to speak. So I don't have any scp or ssh installed on the firewall. My ssh on my pc(s) would be the latest Debian Testing version from about a week ago. It's OpenSSH_3.0.2p1. On solaris it's, OpenSSH_3.0.2p1 from Sunfreeware.com The target machine runs Debian testing, ssh version as above. SSH works just fine through the firewall. I would pretty much have to assume my scp version is the same as the ssh version because I always install it as a package. One way I try to use it is to scp from my work Solaris machine to my machine in the dmz. I've tried it with scp from Cygwin on my work NT2000 machine and it's also broken. The other way is to scp from my internal (home) debian or Solaris machine and it is broken as well. SSH works just fine in these situations. I have not tried to scp out from inside the firewall (except from internal to dmz) because I have nowhere to copy to until I can get into work from home. I did a verbose on scp and it does not come up with any errors. I noticed a message on the net about TOS not properly dealing with a checksum in 2.4.2 kernels, and so I removed the TOS entries for SSH but that didn't seem to make a difference. Please switch to my other email for the weekend [EMAIL PROTECTED], I'm leaving work soon and I can't access my work email from home. (work firewall issues). Rick On Fri, 12 Apr 2002, Jacques Nilo wrote: Uh, sorry about that, I was trying really hard to have everything in the email. This is from the readme file: LEAF Bering Firewall - V1.0-rc1 Jacques Nilo [EMAIL PROTECTED] On Fri, 12 Apr 2002, Jacques Nilo wrote: Eric Wolzak [EMAIL PROTECTED] Instruction user's guide at: No I mean where did you get the scp package from ? Also are you using from with the firewall or not ? Also do you have ssh installed (scp is a wrapper program to ssh) ? If so is your ssh version the same as you scp version ? Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user